Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/PMX1-oAhFEDj2q4O6oq5rwP-Gdg.roa
File: PMX1-oAhFEDj2q4O6oq5rwP-Gdg.roa (raw, json)
Hash identifier: 9faPq8girn5Y78sMxEpTeFDO28yyh+/HrszJsZmBejY=
Subject key identifier: 3C:C5:F5:FA:80:21:14:40:E3:DA:AE:0E:EA:8A:B9:AF:03:FE:19:D8
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 0189DECC9A640B0316D6ACF541F96D1B4F25
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/PMX1-oAhFEDj2q4O6oq5rwP-Gdg.roa
Signing time: Thu 10 Aug 2023 09:34:57 +0000
ROA not before: Thu 10 Aug 2023 09:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c2::/32 maxlen: 32
2a13:82c0::/32 maxlen: 32
2a13:82c3:3000::/36 maxlen: 36
2a13:82c3:6000::/36 maxlen: 36
2a13:82c3:9000::/36 maxlen: 36
2a13:82c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Nov 2023 12:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:cc:9a:64:0b:03:16:d6:ac:f5:41:f9:6d:1b:4f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: Aug 10 09:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cc5f5fa80211440e3daae0eea8ab9af03fe19d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:cc:9d:4d:8d:94:08:11:32:2a:bd:77:91:
7b:51:b7:05:d7:18:6d:21:cb:ed:6a:4a:fd:e4:b3:
ef:26:4c:77:85:1c:b3:74:7c:07:e0:72:bb:25:b2:
39:16:b4:7e:29:80:be:74:77:9b:55:2d:b9:0d:d2:
ac:66:e9:97:b9:45:29:95:8f:fe:c5:5f:07:41:c1:
34:c2:24:95:31:81:92:ea:89:6b:54:35:2b:98:a9:
e3:3b:ce:68:ea:a2:0b:4c:b1:cc:82:a7:78:d0:31:
06:70:b9:e2:49:2a:03:65:8e:45:a4:13:13:c8:af:
00:38:b4:08:e3:67:20:40:28:cb:a5:aa:22:c4:91:
73:0d:5a:28:16:f3:99:6c:24:3b:bd:38:4e:5a:49:
46:82:d4:65:ba:24:ec:bf:ba:3c:db:1f:af:81:ca:
35:16:06:7b:a2:a1:d5:ab:94:cb:fd:82:81:d0:7e:
79:ff:b5:5c:de:aa:f6:50:54:2f:79:de:d8:23:ac:
3c:76:c9:6b:b3:f7:50:3e:08:fb:0c:fe:8a:68:3c:
df:06:69:38:bb:67:17:f5:ea:83:5e:03:86:b1:02:
f2:ab:79:45:84:0d:c6:56:2c:a0:ee:3d:24:0f:8e:
7b:b8:66:90:df:72:8e:8d:5c:eb:e9:e0:87:df:ce:
98:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C5:F5:FA:80:21:14:40:E3:DA:AE:0E:EA:8A:B9:AF:03:FE:19:D8
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/PMX1-oAhFEDj2q4O6oq5rwP-Gdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::-2a13:82c2:ffff:ffff:ffff:ffff:ffff:ffff
2a13:82c3:3000::/36
2a13:82c3:6000::/36
2a13:82c3:9000::/36
Signature Algorithm: sha256WithRSAEncryption
2a:e5:71:1a:d6:4b:de:9d:9c:e1:e4:97:a1:16:81:d7:08:e7:
1a:29:5b:04:50:bd:00:89:b6:84:69:96:18:51:d0:64:23:e4:
f6:d5:9c:f7:f0:59:ac:c9:44:2f:1a:3f:a3:f2:49:2c:c0:98:
d2:61:f6:68:dd:0f:7d:0b:25:1b:92:bf:e7:f0:a9:9e:28:ee:
1e:3f:3b:da:7e:46:5f:43:9e:fb:d3:7c:78:b5:19:e7:2b:43:
25:a9:82:19:7a:a3:2c:5b:5e:2f:89:fc:98:7e:27:e7:6e:44:
f8:a1:80:c8:12:64:e8:36:ec:cc:23:57:8d:8b:a0:82:1a:f6:
4d:03:c5:b1:03:f7:95:2d:46:38:13:39:8d:68:20:c6:dd:39:
e3:e1:9a:38:9e:8e:f3:c5:2e:b6:6b:a3:15:6c:b6:77:8c:65:
21:c0:e2:04:0a:e9:83:9b:fa:b7:37:6c:45:7b:ba:eb:84:70:
91:b3:0b:35:f3:4b:7c:e1:55:a3:e3:57:90:21:88:b7:a9:8a:
6a:b1:b8:76:b5:1a:c8:1c:dc:39:d8:4d:b8:ab:5f:68:aa:af:
5b:06:f7:64:c6:57:05:c1:c5:76:e0:c5:a2:fa:12:51:b8:54:
7e:69:d3:7e:ac:00:eb:8f:c8:af:04:3c:11:8c:fd:be:79:c8:
eb:ca:1d:8c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYnezJpkCwMW1qz1QfltG08lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjMwODEwMDkzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2M1ZjVmYTgwMjExNDQwZTNkYWFlMGVlYThhYjlhZjAzZmUxOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllPMnU2NlAgRMiq9d5F7UbcF1xht
Icvtakr95LPvJkx3hRyzdHwH4HK7JbI5FrR+KYC+dHebVS25DdKsZumXuUUplY/+
xV8HQcE0wiSVMYGS6olrVDUrmKnjO85o6qILTLHMgqd40DEGcLniSSoDZY5FpBMT
yK8AOLQI42cgQCjLpaoixJFzDVooFvOZbCQ7vThOWklGgtRluiTsv7o82x+vgco1
FgZ7oqHVq5TL/YKB0H55/7Vc3qr2UFQved7YI6w8dslrs/dQPgj7DP6KaDzfBmk4
u2cX9eqDXgOGsQLyq3lFhA3GViyg7j0kD457uGaQ33KOjVzr6eCH386Y9QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDzF9fqAIRRA49quDuqKua8D/hnYMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvUE1YMS1vQWhGRURqMnE0TzZvcTVyd1AtR2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMA4DBQYqE4LA
AwUAKhOCwgMGBCoTgsMwAwYEKhOCw2ADBgQqE4LDkDANBgkqhkiG9w0BAQsFAAOC
AQEAKuVxGtZL3p2c4eSXoRaB1wjnGilbBFC9AIm2hGmWGFHQZCPk9tWc9/BZrMlE
Lxo/o/JJLMCY0mH2aN0PfQslG5K/5/CpnijuHj872n5GX0Oe+9N8eLUZ5ytDJamC
GXqjLFteL4n8mH4n525E+KGAyBJk6DbszCNXjYugghr2TQPFsQP3lS1GOBM5jWgg
xt054+GaOJ6O88UutmujFWy2d4xlIcDiBArpg5v6tzdsRXu664RwkbMLNfNLfOFV
o+NXkCGIt6mKarG4drUayBzcOdhNuKtfaKqvWwb3ZMZXBcHFduDFovoSUbhUfmnT
fqwA64/IrwQ8EYz9vnnI68odjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org