Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/PF3996TirOdCWE8fImn-R8b_JlE.roa
File: PF3996TirOdCWE8fImn-R8b_JlE.roa (raw, json)
Hash identifier: ZQjShPfsMJHk1fkESl17ijPnH/yNuPrZgFyW2jjlOt8=
Subject key identifier: 3C:5D:FD:F7:A4:E2:AC:E7:42:58:4F:1F:22:69:FE:47:C6:FF:26:51
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018A6A0FFF762850EC8FEDF7BE5DC2711122
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/PF3996TirOdCWE8fImn-R8b_JlE.roa
Signing time: Wed 06 Sep 2023 10:35:47 +0000
ROA not before: Wed 06 Sep 2023 10:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
85.153.9.0/24 maxlen: 24
85.153.114.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:0f:ff:76:28:50:ec:8f:ed:f7:be:5d:c2:71:11:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Sep 6 10:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c5dfdf7a4e2ace742584f1f2269fe47c6ff2651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:36:72:30:19:10:1b:09:91:64:e9:99:7e:
84:0f:cd:86:4d:53:9c:4d:01:b6:f2:da:1f:f9:ae:
6c:9f:e5:c3:b0:14:e1:69:a8:6a:6c:73:16:70:92:
f4:f0:74:84:d0:36:91:aa:e4:1e:87:a8:d4:13:ad:
6d:4c:93:ac:cf:e6:a6:4d:b5:a3:00:20:73:49:6e:
55:e0:f8:c7:e8:23:2d:7e:f7:5b:63:66:32:eb:17:
b4:fa:02:2c:22:df:b1:37:6d:f5:a1:58:7d:b8:aa:
a6:b4:8c:4a:02:a9:56:2a:8b:e0:ee:b8:08:27:e1:
be:27:5c:8a:f9:c2:f7:f1:a7:7b:06:d8:fc:96:ed:
9a:29:6e:fc:05:0f:41:83:8e:7f:63:38:a1:e0:0a:
b4:c2:2e:64:e6:7d:83:90:94:44:08:1d:c2:3b:2f:
a6:ad:42:e4:6d:5d:48:3b:fd:e2:68:80:fc:00:84:
98:bf:c4:39:52:12:f1:a4:54:a8:28:e2:0f:ef:b9:
1e:67:5d:65:ea:c8:84:6b:73:86:4e:14:22:ad:c8:
39:b8:8a:75:12:3c:03:8d:d1:6f:10:d1:37:fc:fb:
1d:35:cc:08:13:8a:75:da:6c:b0:87:9e:54:b8:58:
41:42:6d:fb:ae:04:32:89:ea:a7:40:76:92:39:ad:
df:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5D:FD:F7:A4:E2:AC:E7:42:58:4F:1F:22:69:FE:47:C6:FF:26:51
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/PF3996TirOdCWE8fImn-R8b_JlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.9.0/24
85.153.47.0/24
85.153.112.0/24
85.153.114.0-85.153.117.255
Signature Algorithm: sha256WithRSAEncryption
52:5c:bb:41:d7:d7:f6:94:83:35:39:45:02:f5:db:c1:e7:cf:
2e:75:90:3b:ed:0b:ca:bf:c6:a4:7e:d5:a9:cc:28:25:15:e9:
69:1c:89:7f:fe:6d:b6:a3:6e:d4:aa:42:c7:d5:a6:c2:ee:90:
95:82:a2:89:00:63:de:5f:3c:4e:44:d8:45:39:44:a7:46:be:
bf:5c:87:3e:09:7f:a5:8d:b8:f6:05:2c:62:05:1f:38:8c:79:
76:dc:93:ad:c1:0b:39:3b:57:e7:fe:4c:c3:9a:04:43:ee:8d:
bd:fa:56:63:21:39:8c:cf:c3:a7:f3:0a:96:90:21:61:ac:c7:
cc:a2:82:b8:f9:3d:81:c3:95:da:94:e4:45:4c:f2:a8:03:f0:
7b:69:e8:5e:62:be:cd:ae:95:aa:c2:c5:6a:08:6f:e2:62:47:
14:16:91:99:ba:45:7d:1f:b9:16:a4:d4:d8:63:d2:32:d0:d1:
5d:0e:32:4c:6e:7d:3c:7e:cd:5f:51:6c:7c:11:db:65:7b:ff:
62:3d:31:1d:d9:6b:0e:da:fd:3d:15:f5:cb:6c:ab:e9:fc:e5:
a5:a0:a0:40:dc:60:1b:a4:cc:33:41:87:92:f3:8a:16:f3:dd:
1f:99:87:dc:2e:2a:82:cf:0b:a1:4e:bb:7d:74:19:1b:6c:7d:
8f:33:59:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYpqD/92KFDsj+33vl3CcREiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwOTA2MTAzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzVkZmRmN2E0ZTJhY2U3NDI1ODRmMWYyMjY5ZmU0N2M2ZmYyNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQg2cjAZEBsJkWTpmX6ED82GTVOc
TQG28tof+a5sn+XDsBThaahqbHMWcJL08HSE0DaRquQeh6jUE61tTJOsz+amTbWj
ACBzSW5V4PjH6CMtfvdbY2Yy6xe0+gIsIt+xN231oVh9uKqmtIxKAqlWKovg7rgI
J+G+J1yK+cL38ad7Btj8lu2aKW78BQ9Bg45/Yzih4Aq0wi5k5n2DkJRECB3COy+m
rULkbV1IO/3iaID8AISYv8Q5UhLxpFSoKOIP77keZ11l6siEa3OGThQircg5uIp1
EjwDjdFvENE3/PsdNcwIE4p12mywh55UuFhBQm37rgQyieqnQHaSOa3f2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDxd/fek4qznQlhPHyJp/kfG/yZRMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvUEYzOTk2VGlyT2RDV0U4Zkltbi1SOGJfSmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVZkJAwQA
VZkvAwQAVZlwMAwDBAFVmXIDBAFVmXQwDQYJKoZIhvcNAQELBQADggEBAFJcu0HX
1/aUgzU5RQL128Hnzy51kDvtC8q/xqR+1anMKCUV6WkciX/+bbajbtSqQsfVpsLu
kJWCookAY95fPE5E2EU5RKdGvr9chz4Jf6WNuPYFLGIFHziMeXbck63BCzk7V+f+
TMOaBEPujb36VmMhOYzPw6fzCpaQIWGsx8yigrj5PYHDldqU5EVM8qgD8Htp6F5i
vs2ularCxWoIb+JiRxQWkZm6RX0fuRak1Nhj0jLQ0V0OMkxufTx+zV9RbHwR22V7
/2I9MR3Zaw7a/T0V9ctsq+n85aWgoEDcYBukzDNBh5Lzihbz3R+Zh9wuKoLPC6FO
u310GRtsfY8zWXU=
-----END CERTIFICATE-----
Generated at Wed Sep 6 11:51:42 2023 by rpki-client on console-fra.rpki-client.org