Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PTZy9xXeBHBn1QYInFnMa8N93bg.roa
File: PTZy9xXeBHBn1QYInFnMa8N93bg.roa (raw, json)
Hash identifier: oyfbZqrhyLiFIGqYnHeg67IT1FyMDY+nbQcksG2cO5M=
Subject key identifier: 3D:36:72:F7:15:DE:04:70:67:D5:06:08:9C:59:CC:6B:C3:7D:DD:B8
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 0189D6174DC1231420D2AB46F42C59FAF2CC
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PTZy9xXeBHBn1QYInFnMa8N93bg.roa
Signing time: Tue 08 Aug 2023 16:59:58 +0000
ROA not before: Tue 08 Aug 2023 16:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 178.236.244.0/24 maxlen: 24
178.236.243.0/24 maxlen: 24
178.236.253.0/24 maxlen: 24
194.59.186.0/24 maxlen: 24
178.236.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Aug 2023 19:45:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:17:4d:c1:23:14:20:d2:ab:46:f4:2c:59:fa:f2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Aug 8 16:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d3672f715de047067d506089c59cc6bc37dddb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:b9:b4:a4:ba:80:63:67:9a:c5:ad:bf:27:
ef:41:d2:4d:1b:08:b2:3d:ed:05:13:44:e5:e5:40:
aa:ab:e5:66:76:d5:cb:87:29:39:4c:97:39:2f:f5:
78:e9:06:70:c3:5d:aa:a2:dd:72:0e:d3:8e:6b:90:
d9:1f:ed:b9:bd:fe:17:55:d3:79:3f:d4:bf:e2:df:
ba:32:c2:f8:24:be:38:46:be:a8:18:d9:ef:8e:f3:
34:71:16:3a:03:33:92:65:b1:20:2c:b0:df:aa:61:
9f:22:39:db:26:5c:ac:4b:66:f0:55:e7:fc:44:fc:
a0:12:9a:b3:1c:d8:b9:36:56:0b:48:09:4d:60:29:
76:eb:78:8d:7c:17:a6:21:55:d9:24:32:22:92:12:
01:cc:34:d6:5f:68:a2:50:a4:cb:9a:fa:12:81:cf:
bc:81:e8:a6:67:64:b3:cb:6d:64:c7:7e:35:bd:2f:
b7:85:50:db:67:72:fd:01:ea:dd:8c:c9:66:ae:a2:
34:40:f1:e8:8d:20:f0:ec:6d:05:ca:fc:13:c0:72:
1f:ef:dd:55:8c:14:8e:b4:53:de:f3:44:0c:9a:e0:
43:0e:5c:77:03:93:fe:4b:82:2f:58:0e:73:02:27:
8f:43:b2:36:2f:ce:95:f2:5c:b5:cd:40:0f:03:e8:
9a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:36:72:F7:15:DE:04:70:67:D5:06:08:9C:59:CC:6B:C3:7D:DD:B8
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PTZy9xXeBHBn1QYInFnMa8N93bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.243.0-178.236.244.255
178.236.253.0-178.236.254.255
194.59.186.0/24
Signature Algorithm: sha256WithRSAEncryption
36:cb:96:0f:0d:c2:c3:e9:18:86:6d:d9:b2:c4:61:cc:9e:7c:
c2:f3:d2:ff:bc:9f:52:2f:ca:63:0f:a4:1c:60:9d:0c:d0:9e:
03:8c:74:94:61:d3:b6:12:32:06:3d:b5:e2:f3:6d:8e:6a:05:
db:ea:c3:a2:8f:41:73:4e:a3:b3:7d:0a:4d:46:b6:35:52:48:
2a:40:e0:4d:e9:dc:ce:5c:3c:cf:d6:39:de:6b:39:f0:02:5d:
30:06:9b:e0:3b:c7:e9:e0:51:e3:80:b7:ee:a3:e9:9b:3a:bd:
7c:7f:92:2c:2e:1e:43:42:45:77:3e:ed:44:a0:46:e2:82:9f:
de:8e:e5:ee:8f:90:ec:f5:51:0c:3e:60:2a:24:13:99:e7:dc:
8e:9f:81:f9:0b:d2:ef:54:fc:79:97:ba:cb:ff:a2:19:bd:1b:
56:51:5f:ec:60:0f:9f:98:00:77:c2:4f:68:35:30:25:51:25:
b9:b2:01:62:12:85:de:db:d7:70:2c:37:be:98:51:7c:2f:f2:
15:83:3d:e5:13:44:a0:57:b3:3f:d2:8c:42:05:ee:ba:50:dd:
95:c8:71:36:52:e5:c0:28:53:a7:e8:48:33:5b:88:75:6f:ca:
71:e3:b4:cb:49:c9:30:93:f3:fc:57:88:cb:18:ca:18:ee:44:
6d:5c:a4:6d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYnWF03BIxQg0qtG9CxZ+vLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjMwODA4MTY1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM2NzJmNzE1ZGUwNDcwNjdkNTA2MDg5YzU5Y2M2YmMzN2RkZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgW5tKS6gGNnmsWtvyfvQdJNGwiy
Pe0FE0Tl5UCqq+VmdtXLhyk5TJc5L/V46QZww12qot1yDtOOa5DZH+25vf4XVdN5
P9S/4t+6MsL4JL44Rr6oGNnvjvM0cRY6AzOSZbEgLLDfqmGfIjnbJlysS2bwVef8
RPygEpqzHNi5NlYLSAlNYCl263iNfBemIVXZJDIikhIBzDTWX2iiUKTLmvoSgc+8
geimZ2Szy21kx341vS+3hVDbZ3L9AerdjMlmrqI0QPHojSDw7G0FyvwTwHIf791V
jBSOtFPe80QMmuBDDlx3A5P+S4IvWA5zAiePQ7I2L86V8ly1zUAPA+iaSwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFD02cvcV3gRwZ9UGCJxZzGvDfd24MB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvUFRaeTl4WGVCSEJuMVFZSW5Gbk1hOE45M2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACy7PMD
BACy7PQwDAMEALLs/QMEALLs/gMEAMI7ujANBgkqhkiG9w0BAQsFAAOCAQEANsuW
Dw3Cw+kYhm3ZssRhzJ58wvPS/7yfUi/KYw+kHGCdDNCeA4x0lGHTthIyBj214vNt
jmoF2+rDoo9Bc06js30KTUa2NVJIKkDgTenczlw8z9Y53ms58AJdMAab4DvH6eBR
44C37qPpmzq9fH+SLC4eQ0JFdz7tRKBG4oKf3o7l7o+Q7PVRDD5gKiQTmefcjp+B
+QvS71T8eZe6y/+iGb0bVlFf7GAPn5gAd8JPaDUwJVElubIBYhKF3tvXcCw3vphR
fC/yFYM95RNEoFezP9KMQgXuulDdlchxNlLlwChTp+hIM1uIdW/KceO0y0nJMJPz
/FeIyxjKGO5EbVykbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:40 2024 by rpki-client on console-fra.rpki-client.org