Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/PlsLMKgpFjMiChHipkpCHyI9eb4.roa
File: PlsLMKgpFjMiChHipkpCHyI9eb4.roa (raw, json)
Hash identifier: evMQKO2BLD8i7snceYoXruhfnG1tG9sObf8xhqsHMn0=
Subject key identifier: 3E:5B:0B:30:A8:29:16:33:22:0A:11:E2:A6:4A:42:1F:22:3D:79:BE
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 018CC26D7F9C293F862A0D182D11311189B5
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/PlsLMKgpFjMiChHipkpCHyI9eb4.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.14.238.0/24 maxlen: 24
185.14.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 05:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7f:9c:29:3f:86:2a:0d:18:2d:11:31:11:89:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e5b0b30a8291633220a11e2a64a421f223d79be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0b:b3:a8:71:12:34:68:89:14:9f:5f:ab:f8:
1c:74:a2:cd:da:41:88:a2:1a:92:7c:33:a0:cc:96:
f6:80:1f:20:d4:0e:bc:b1:e6:1d:80:f7:42:71:1c:
e5:00:94:47:eb:3e:55:4f:7e:d3:89:b2:86:53:1e:
3c:e0:e7:ee:fe:5b:07:f8:87:5b:fb:41:9e:84:07:
82:31:e4:52:2e:85:92:c8:02:87:88:42:c9:67:14:
3b:59:17:40:d3:e9:f3:3e:5f:b8:98:78:78:91:5b:
4b:a9:b2:65:2b:4c:26:19:5d:7c:fc:19:36:af:f4:
72:c1:5d:52:1f:c5:51:92:cc:5e:95:bd:7f:ac:fb:
2b:a9:4c:9f:ab:d2:f3:43:f0:ed:57:54:d8:4f:fc:
e3:39:84:0b:bb:28:7c:2d:52:bc:8a:ae:b7:ba:30:
fe:1d:39:ab:d0:0d:bc:b3:4e:2f:a5:c3:21:0a:dd:
4d:75:e8:a5:07:f3:8b:a5:53:92:01:7d:5d:16:b4:
b1:0f:03:9c:fa:52:06:17:a1:c2:c4:47:21:37:21:
86:40:e1:a9:a9:71:fc:ff:e5:12:ac:d9:4c:34:9f:
0f:12:79:ff:37:49:97:71:57:5a:56:a7:21:b7:96:
b4:64:21:09:ba:11:cb:b5:39:aa:3c:38:e6:74:d2:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5B:0B:30:A8:29:16:33:22:0A:11:E2:A6:4A:42:1F:22:3D:79:BE
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/PlsLMKgpFjMiChHipkpCHyI9eb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.236.0/24
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:62:f2:a6:87:01:5f:26:1a:81:9d:17:45:dd:98:15:01:5b:
3f:36:3a:9b:ba:3b:47:cb:88:c8:22:24:20:57:9e:27:b1:92:
e5:77:b3:48:ee:03:2b:2e:b8:27:e4:86:3b:f3:57:41:25:91:
e0:29:f3:df:8c:b4:f5:cf:60:48:d2:a2:a9:d7:6d:ac:18:72:
32:1b:b1:91:3b:ef:4e:47:35:4b:3c:e3:8d:d1:6b:ac:41:6e:
42:d0:16:42:27:2d:eb:a9:b2:e2:cd:fd:40:2d:1d:03:76:dd:
29:47:c3:4c:da:53:78:a8:a0:a8:18:cc:2c:de:18:df:11:36:
f9:8e:b8:02:54:fe:73:38:b3:31:a4:28:77:b6:90:fd:68:a2:
e0:10:e1:43:92:4a:ac:03:bc:86:ee:7b:cf:80:21:59:07:d3:
96:2e:d5:de:12:44:99:ea:83:ed:94:1d:f7:ad:bd:f5:fb:33:
d6:05:92:0f:e4:0e:87:ce:e9:c7:2b:bf:c4:87:fd:57:59:77:
49:f2:5b:14:09:e5:98:5d:c4:f4:22:a5:dc:5f:29:6a:91:0f:
13:90:3a:a2:02:bb:7b:29:55:25:df:a3:b8:26:af:fa:09:24:
dc:98:75:e5:fb:5a:02:d8:15:f2:bd:7b:90:07:a1:30:5c:c2:
c0:80:0c:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbX+cKT+GKg0YLRExEYm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTViMGIzMGE4MjkxNjMzMjIwYTExZTJhNjRhNDIxZjIyM2Q3OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAuzqHESNGiJFJ9fq/gcdKLN2kGI
ohqSfDOgzJb2gB8g1A68seYdgPdCcRzlAJRH6z5VT37TibKGUx484Ofu/lsH+Idb
+0GehAeCMeRSLoWSyAKHiELJZxQ7WRdA0+nzPl+4mHh4kVtLqbJlK0wmGV18/Bk2
r/RywV1SH8VRksxelb1/rPsrqUyfq9LzQ/DtV1TYT/zjOYQLuyh8LVK8iq63ujD+
HTmr0A28s04vpcMhCt1NdeilB/OLpVOSAX1dFrSxDwOc+lIGF6HCxEchNyGGQOGp
qXH8/+USrNlMNJ8PEnn/N0mXcVdaVqcht5a0ZCEJuhHLtTmqPDjmdNK9dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5bCzCoKRYzIgoR4qZKQh8iPXm+MB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvUGxzTE1LZ3BGak1pQ2hIaXBrcENIeUk5ZWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ7sAwQA
uQ7uMA0GCSqGSIb3DQEBCwUAA4IBAQA8YvKmhwFfJhqBnRdF3ZgVAVs/NjqbujtH
y4jIIiQgV54nsZLld7NI7gMrLrgn5IY781dBJZHgKfPfjLT1z2BI0qKp122sGHIy
G7GRO+9ORzVLPOON0WusQW5C0BZCJy3rqbLizf1ALR0Ddt0pR8NM2lN4qKCoGMws
3hjfETb5jrgCVP5zOLMxpCh3tpD9aKLgEOFDkkqsA7yG7nvPgCFZB9OWLtXeEkSZ
6oPtlB33rb31+zPWBZIP5A6HzunHK7/Eh/1XWXdJ8lsUCeWYXcT0IqXcXylqkQ8T
kDqiArt7KVUl36O4Jq/6CSTcmHXl+1oC2BXyvXuQB6EwXMLAgAxK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:05 2024 by rpki-client on console-ams.rpki-client.org