Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/PIUqt20nX0_wRFQCg9XJ7VPpNX4.roa
File: PIUqt20nX0_wRFQCg9XJ7VPpNX4.roa (raw, json)
Hash identifier: TsKSww6UeBQYVQBA3xASxkNpo6a7T+DbZ5JC43/p6qM=
Subject key identifier: 3C:85:2A:B7:6D:27:5F:4F:F0:44:54:02:83:D5:C9:ED:53:E9:35:7E
Certificate issuer: /CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Certificate serial: 018573037906254C730561CD7978E01DC058
Authority key identifier: FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/PIUqt20nX0_wRFQCg9XJ7VPpNX4.roa
Signing time: Mon 02 Jan 2023 15:04:45 +0000
ROA not before: Mon 02 Jan 2023 15:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204272
IP address blocks: 185.108.208.0/22 maxlen: 22
2a05:4100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:79:06:25:4c:73:05:61:cd:79:78:e0:1d:c0:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Validity
Not Before: Jan 2 15:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c852ab76d275f4ff044540283d5c9ed53e9357e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e2:d0:4f:5d:5f:da:0b:e0:5c:d0:59:46:0f:
bc:ca:f2:3b:ea:7d:e8:2a:65:8a:fd:d8:07:71:d1:
06:28:68:d3:34:a5:34:a9:76:ff:a5:0b:48:79:49:
a3:59:29:d4:d3:70:b3:3e:f0:7d:e1:4c:93:21:9c:
be:b2:70:4b:f7:ea:8c:70:78:3d:77:2e:58:b7:cd:
53:6f:04:82:68:79:4e:da:dd:ad:b9:43:93:98:36:
fe:37:7d:07:ef:68:74:4f:56:eb:05:a8:8c:10:b0:
fa:50:21:95:0a:0e:fb:78:e9:64:46:8c:98:ba:cf:
79:45:e5:d0:13:e4:57:94:13:bc:a6:a0:7a:60:83:
8e:7b:03:ae:d9:fe:c8:de:9b:60:d3:58:f6:42:dd:
8a:43:9c:b9:00:3b:2a:13:4d:39:ae:1e:39:eb:18:
57:06:78:e7:63:4e:82:e2:c8:fe:47:bd:fa:7f:48:
77:55:56:d4:c4:4a:ef:8d:0a:32:12:67:50:80:b2:
94:b8:7e:c9:1b:dd:81:cb:7a:69:90:52:91:89:32:
4f:bc:16:4b:28:79:72:06:1f:00:c5:d3:08:92:f0:
0b:8a:4c:74:64:30:41:5f:de:3d:fd:0e:6f:e2:c8:
47:a9:55:bd:ea:a5:c1:08:aa:e7:1d:d4:d4:2c:2b:
29:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:85:2A:B7:6D:27:5F:4F:F0:44:54:02:83:D5:C9:ED:53:E9:35:7E
X509v3 Authority Key Identifier:
keyid:FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/PIUqt20nX0_wRFQCg9XJ7VPpNX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.208.0/22
IPv6:
2a05:4100::/29
Signature Algorithm: sha256WithRSAEncryption
5c:af:9a:34:b9:37:1c:79:f7:2f:bc:f5:9e:70:fd:4a:4c:e5:
d8:66:3f:95:95:e0:8c:f9:79:53:51:b4:a0:6a:35:14:83:46:
7c:59:78:7e:e7:0b:a9:22:5d:f3:8b:4d:a8:6a:b1:d5:0d:98:
1f:9b:44:01:6a:5b:85:97:09:87:ef:eb:bc:ba:a6:e7:4e:9c:
f9:ff:a9:47:9d:95:c7:60:80:7c:72:96:62:d1:a0:38:5f:92:
07:16:4c:4e:9d:10:97:7a:ac:f1:fe:8b:cf:6c:33:0a:c2:29:
19:bf:bd:38:ed:e0:a4:77:a0:b1:d9:77:19:8e:15:31:17:5c:
e4:50:28:d0:7d:69:63:2e:09:20:c3:69:91:1b:c8:97:ae:1b:
26:3f:8f:9b:89:81:ba:bc:6b:8c:0b:a6:07:87:f9:d1:76:a2:
97:69:78:ca:5a:10:88:e7:cd:38:f0:de:ec:4f:2d:5b:8e:ee:
e4:cb:5f:32:30:81:ee:a7:d2:37:d3:3b:9b:44:8a:eb:51:c8:
1b:eb:e5:bc:d9:ee:e5:ab:0c:fc:bd:a6:69:0d:eb:e6:ac:6b:
f9:bc:e2:70:b0:92:3c:1d:91:40:73:bd:72:a9:d2:76:62:91:
c1:7e:5d:a0:8b:ee:af:6d:dd:a4:e0:e0:47:09:35:24:8b:69:
5f:e8:ed:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzA3kGJUxzBWHNeXjgHcBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYzBmMGRhMzlhMjJhNzlmODBjMWYzNzliNjY4YjkwZjZk
NzQ3MDgwHhcNMjMwMTAyMTUwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg1MmFiNzZkMjc1ZjRmZjA0NDU0MDI4M2Q1YzllZDUzZTkzNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuLQT11f2gvgXNBZRg+8yvI76n3o
KmWK/dgHcdEGKGjTNKU0qXb/pQtIeUmjWSnU03CzPvB94UyTIZy+snBL9+qMcHg9
dy5Yt81TbwSCaHlO2t2tuUOTmDb+N30H72h0T1brBaiMELD6UCGVCg77eOlkRoyY
us95ReXQE+RXlBO8pqB6YIOOewOu2f7I3ptg01j2Qt2KQ5y5ADsqE005rh456xhX
BnjnY06C4sj+R736f0h3VVbUxErvjQoyEmdQgLKUuH7JG92By3ppkFKRiTJPvBZL
KHlyBh8AxdMIkvALikx0ZDBBX949/Q5v4shHqVW96qXBCKrnHdTULCspwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDyFKrdtJ19P8ERUAoPVye1T6TV+MB8GA1UdIwQY
MBaAFPrA8No5oip5+AwfN5tmi5D210cIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zRHcyam1pS25uNERCODNtMmFMa1BiWFJ3Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRh
LWI5OWQ0ZDAwZjgzMS8xL1BJVXF0MjBuWDBfd1JGUUNnOVhKN1ZQcE5YNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRhLWI5OWQ0ZDAwZjgz
MS8xLzEtc0R3MmptaUtubjREQjgzbTJhTGtQYlhSd2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5bNAw
DQQCAAIwBwMFAyoFQQAwDQYJKoZIhvcNAQELBQADggEBAFyvmjS5Nxx59y+89Z5w
/UpM5dhmP5WV4Iz5eVNRtKBqNRSDRnxZeH7nC6kiXfOLTahqsdUNmB+bRAFqW4WX
CYfv67y6pudOnPn/qUedlcdggHxylmLRoDhfkgcWTE6dEJd6rPH+i89sMwrCKRm/
vTjt4KR3oLHZdxmOFTEXXORQKNB9aWMuCSDDaZEbyJeuGyY/j5uJgbq8a4wLpgeH
+dF2opdpeMpaEIjnzTjw3uxPLVuO7uTLXzIwge6n0jfTO5tEiutRyBvr5bzZ7uWr
DPy9pmkN6+asa/m84nCwkjwdkUBzvXKp0nZikcF+XaCL7q9t3aTg4EcJNSSLaV/o
7Vg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:35 2024 by rpki-client on console-ams.rpki-client.org