Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/Pz_NJQqipXUnwCbGr0ZDuXaCfYU.roa
File: Pz_NJQqipXUnwCbGr0ZDuXaCfYU.roa (raw, json)
Hash identifier: ukOp3VbmkQJ/TeUpKVCnE4qKMItyfUKWe09yxi8j8fE=
Subject key identifier: 3F:3F:CD:25:0A:A2:A5:75:27:C0:26:C6:AF:46:43:B9:76:82:7D:85
Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Certificate serial: 0185708CD0AC54BD47F0F917C76245BDB20C
Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/Pz_NJQqipXUnwCbGr0ZDuXaCfYU.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62077
IP address blocks: 185.33.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d0:ac:54:bd:47:f0:f9:17:c7:62:45:bd:b2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3fcd250aa2a57527c026c6af4643b976827d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e5:9e:dc:56:d8:d9:a5:fc:ee:ac:a8:0f:f5:
9f:01:48:2b:c2:bc:82:fb:c4:e0:10:5e:9e:57:98:
96:5d:38:4e:48:b3:05:8e:a1:1f:65:b2:b1:16:42:
52:57:a5:94:0d:6b:fb:9a:eb:70:12:31:18:c9:7a:
a2:3e:fa:ad:80:91:07:0b:96:b4:19:aa:6f:57:de:
4e:41:8a:91:a1:38:75:98:5e:56:c7:f9:f1:99:54:
92:91:5e:46:1e:7b:ae:f3:00:5d:77:71:6b:ef:b9:
3f:75:ae:f9:dc:bd:23:dc:f3:cd:86:4f:03:03:15:
0d:fc:d4:26:d6:cd:da:3e:70:a0:10:f4:d8:7b:26:
16:d7:a9:bc:94:8b:78:6a:91:ad:33:85:e3:40:39:
3c:98:92:d9:fd:f8:0b:dc:4e:17:f0:0d:b4:05:3a:
16:66:77:a4:7b:41:93:5c:a8:f4:8b:3f:60:22:96:
7e:45:03:d7:70:b2:a3:8f:dd:64:ac:31:51:eb:1c:
96:d3:55:41:b1:8c:7d:78:b5:56:ac:de:af:0d:cd:
4e:cd:64:99:e8:75:55:5f:1e:8b:31:c8:2d:40:36:
23:d3:da:55:1f:05:00:77:97:42:f1:0e:8b:72:25:
b3:f3:dc:9e:e1:0c:94:26:6d:a3:6f:ae:3e:8b:54:
9b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3F:CD:25:0A:A2:A5:75:27:C0:26:C6:AF:46:43:B9:76:82:7D:85
X509v3 Authority Key Identifier:
keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/Pz_NJQqipXUnwCbGr0ZDuXaCfYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.60.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d4:73:47:ab:11:07:a0:1e:72:0a:31:61:d1:77:e2:1c:97:
9d:9d:ff:05:d2:5c:95:ba:ae:07:28:d5:e5:cc:20:2a:2f:91:
07:84:e2:88:4a:db:45:4c:6b:ea:80:40:2c:fb:41:2e:a6:df:
c1:6d:0b:ac:b1:f9:12:73:df:16:1d:08:c7:bf:dd:ab:11:ef:
56:82:d0:cb:4c:f0:55:e9:a7:50:6c:08:ae:9d:17:e9:75:0b:
fc:3d:d0:99:0a:0d:0f:7d:ad:42:7f:23:9c:8b:1b:6b:80:3b:
eb:94:45:c0:0b:cf:d9:50:f9:fd:4c:f3:da:df:d1:3b:eb:2a:
be:ad:e7:dc:45:63:c7:59:e4:a2:16:4e:37:d7:9d:ce:f0:36:
46:a6:ac:b6:2c:6c:50:fc:30:b8:e9:f4:64:05:d6:ab:2f:33:
79:3e:43:c3:5e:94:18:35:fa:90:2b:3b:ca:ff:60:ba:e6:b8:
77:c3:52:14:f8:9c:32:ae:cb:6d:00:59:99:c0:6e:94:ca:fd:
00:76:6b:ca:6f:b4:7f:2b:62:31:40:af:c2:92:fb:be:9c:b8:
f4:2b:a6:47:cb:ca:b3:80:9e:96:52:f1:be:f9:e2:9e:a2:19:
44:1a:2f:3f:cf:8f:4b:5e:0b:55:db:14:6c:85:18:ab:ab:35:
55:65:5e:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNCsVL1H8PkXx2JFvbIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl
MjRhZjkwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNmY2QyNTBhYTJhNTc1MjdjMDI2YzZhZjQ2NDNiOTc2ODI3ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+We3FbY2aX87qyoD/WfAUgrwryC
+8TgEF6eV5iWXThOSLMFjqEfZbKxFkJSV6WUDWv7mutwEjEYyXqiPvqtgJEHC5a0
GapvV95OQYqRoTh1mF5Wx/nxmVSSkV5GHnuu8wBdd3Fr77k/da753L0j3PPNhk8D
AxUN/NQm1s3aPnCgEPTYeyYW16m8lIt4apGtM4XjQDk8mJLZ/fgL3E4X8A20BToW
Zneke0GTXKj0iz9gIpZ+RQPXcLKjj91krDFR6xyW01VBsYx9eLVWrN6vDc1OzWSZ
6HVVXx6LMcgtQDYj09pVHwUAd5dC8Q6LciWz89ye4QyUJm2jb64+i1SbDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8/zSUKoqV1J8Amxq9GQ7l2gn2FMB8GA1UdIwQY
MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt
OTUzMWQyNGUwNjEwLzEvUHpfTkpRcWlwWFVud0NiR3IwWkR1WGFDZllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw
LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSE8MA0G
CSqGSIb3DQEBCwUAA4IBAQAC1HNHqxEHoB5yCjFh0XfiHJednf8F0lyVuq4HKNXl
zCAqL5EHhOKISttFTGvqgEAs+0Eupt/BbQussfkSc98WHQjHv92rEe9WgtDLTPBV
6adQbAiunRfpdQv8PdCZCg0Pfa1CfyOcixtrgDvrlEXAC8/ZUPn9TPPa39E76yq+
refcRWPHWeSiFk43153O8DZGpqy2LGxQ/DC46fRkBdarLzN5PkPDXpQYNfqQKzvK
/2C65rh3w1IU+JwyrsttAFmZwG6Uyv0AdmvKb7R/K2IxQK/Ckvu+nLj0K6ZHy8qz
gJ6WUvG++eKeohlEGi8/z49LXgtV2xRshRirqzVVZV5F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:31 2024 by rpki-client on console-ams.rpki-client.org