Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/PXPpglaLi2d_N00NgY-b1y-JnaI.roa
File: PXPpglaLi2d_N00NgY-b1y-JnaI.roa (raw, json)
Hash identifier: X2tIYvmrYzzwR1LMwgJqC8IZnvwi3ns6aOFmUMh29Dc=
Subject key identifier: 3D:73:E9:82:56:8B:8B:67:7F:37:4D:0D:81:8F:9B:D7:2F:89:9D:A2
Certificate issuer: /CN=b187ccec49aa5f66aa02648d91b4a2ee8ff7bde6
Certificate serial: 019228899609ABFCE48780FB4DB2079BD9F0
Authority key identifier: B1:87:CC:EC:49:AA:5F:66:AA:02:64:8D:91:B4:A2:EE:8F:F7:BD:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYfM7EmqX2aqAmSNkbSi7o_3veY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/PXPpglaLi2d_N00NgY-b1y-JnaI.roa
Signing time: Wed 25 Sep 2024 09:35:58 +0000
ROA not before: Wed 25 Sep 2024 09:35:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 144.200.0.0/16 maxlen: 16
2a02:7dc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:89:96:09:ab:fc:e4:87:80:fb:4d:b2:07:9b:d9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b187ccec49aa5f66aa02648d91b4a2ee8ff7bde6
Validity
Not Before: Sep 25 09:35:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d73e982568b8b677f374d0d818f9bd72f899da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:38:6c:15:8c:7f:20:8a:60:a6:b1:62:38:
a4:38:35:73:20:11:4b:de:03:68:51:f3:44:4c:80:
0f:28:00:3a:b2:6a:a2:09:85:20:c3:e8:cf:3a:2f:
09:37:ef:9b:a8:04:80:e6:be:6f:cb:f9:a3:5b:31:
ff:cf:f2:5a:20:78:b5:ca:fd:08:8c:64:a1:da:64:
27:cb:ca:f2:f0:3c:35:e1:d0:a7:1b:f2:28:1d:2b:
9f:3c:ce:86:bc:6c:73:58:12:a3:ad:19:ff:7d:55:
46:23:21:b4:f8:cc:3b:8b:d6:08:3f:23:f7:29:6a:
89:f1:fc:60:11:3a:3d:70:3a:a6:6a:47:f1:80:46:
11:90:a9:f7:f3:a4:8d:57:d3:33:8d:8e:4a:a9:88:
45:85:2a:25:7f:e8:e6:fe:33:42:75:4f:19:51:b6:
11:91:eb:c2:70:b6:05:e6:6f:17:f4:9a:0e:c1:b3:
dd:a4:fd:15:02:a7:34:dd:bc:56:97:a4:a0:e6:86:
d6:bc:90:a8:ec:fa:54:08:78:f0:b2:7d:20:af:d7:
ae:e2:1c:3f:7e:48:57:e7:bc:f5:37:59:47:86:ae:
e8:a9:b7:68:59:6d:dc:71:9b:5f:a1:08:ad:43:cb:
44:73:52:38:8d:a1:f6:49:4f:81:1b:01:8f:bb:0d:
cc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:73:E9:82:56:8B:8B:67:7F:37:4D:0D:81:8F:9B:D7:2F:89:9D:A2
X509v3 Authority Key Identifier:
keyid:B1:87:CC:EC:49:AA:5F:66:AA:02:64:8D:91:B4:A2:EE:8F:F7:BD:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYfM7EmqX2aqAmSNkbSi7o_3veY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/PXPpglaLi2d_N00NgY-b1y-JnaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/72281a-d688-415d-a2c6-17f4e0f6cdeb/1/sYfM7EmqX2aqAmSNkbSi7o_3veY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.200.0.0/16
IPv6:
2a02:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:95:94:83:ca:35:a2:b0:e8:e8:10:76:fa:f2:e8:6c:be:47:
ea:28:51:8a:f2:e1:a3:e8:1d:34:e5:39:0a:e4:6c:e1:16:35:
eb:5d:3c:6c:3b:ea:9e:43:90:01:29:01:f5:06:71:c2:14:7d:
7f:9e:cf:39:28:dd:85:d6:d9:9b:78:53:19:4f:6a:fe:87:da:
3c:9f:7d:9d:56:49:7e:83:92:5b:39:e5:cc:45:7e:c1:e6:14:
84:d8:65:fa:f2:9b:f1:cd:3f:f1:9d:84:7a:28:c0:9e:69:61:
d5:f6:e0:51:2f:19:84:38:37:5f:1d:5d:04:2e:a6:21:98:97:
be:81:de:d0:4d:e1:dc:6f:1a:6c:93:fa:51:d1:75:be:29:0a:
66:a6:b7:ff:98:ca:33:de:74:d5:93:3c:d1:be:c4:3a:7a:5b:
38:8d:f3:13:4e:a3:ca:11:c0:53:f6:73:dd:6c:88:3d:0a:12:
55:f8:37:07:6e:8f:d3:9a:b0:4f:05:6d:ff:bd:2e:ef:1f:0f:
bb:32:a7:41:17:b2:a2:33:91:b8:01:d7:66:fd:32:43:b3:32:
86:82:6b:2a:72:7d:a3:17:23:91:56:6b:bc:49:ba:51:55:3d:
60:2b:88:06:f9:ae:60:59:4a:da:7a:e9:c4:06:36:67:04:31:
5e:72:42:3a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIoiZYJq/zkh4D7TbIHm9nwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxODdjY2VjNDlhYTVmNjZhYTAyNjQ4ZDkxYjRhMmVlOGZm
N2JkZTYwHhcNMjQwOTI1MDkzNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDczZTk4MjU2OGI4YjY3N2YzNzRkMGQ4MThmOWJkNzJmODk5ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb44bBWMfyCKYKaxYjikODVzIBFL
3gNoUfNETIAPKAA6smqiCYUgw+jPOi8JN++bqASA5r5vy/mjWzH/z/JaIHi1yv0I
jGSh2mQny8ry8Dw14dCnG/IoHSufPM6GvGxzWBKjrRn/fVVGIyG0+Mw7i9YIPyP3
KWqJ8fxgETo9cDqmakfxgEYRkKn386SNV9MzjY5KqYhFhSolf+jm/jNCdU8ZUbYR
kevCcLYF5m8X9JoOwbPdpP0VAqc03bxWl6Sg5obWvJCo7PpUCHjwsn0gr9eu4hw/
fkhX57z1N1lHhq7oqbdoWW3ccZtfoQitQ8tEc1I4jaH2SU+BGwGPuw3MCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD1z6YJWi4tnfzdNDYGPm9cviZ2iMB8GA1UdIwQY
MBaAFLGHzOxJql9mqgJkjZG0ou6P973mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1lmTTdFbXFYMmFxQW1TTmtiU2k3b18zdmVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MjI4MWEtZDY4OC00MTVkLWEyYzYt
MTdmNGUwZjZjZGViLzEvUFhQcGdsYUxpMmRfTjAwTmdZLWIxeS1KbmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MjI4MWEtZDY4OC00MTVkLWEyYzYtMTdmNGUwZjZjZGVi
LzEvc1lmTTdFbXFYMmFxQW1TTmtiU2k3b18zdmVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAkMgwDQQC
AAIwBwMFACoCfcAwDQYJKoZIhvcNAQELBQADggEBAFqVlIPKNaKw6OgQdvry6Gy+
R+ooUYry4aPoHTTlOQrkbOEWNetdPGw76p5DkAEpAfUGccIUfX+ezzko3YXW2Zt4
UxlPav6H2jyffZ1WSX6Dkls55cxFfsHmFITYZfrym/HNP/GdhHoowJ5pYdX24FEv
GYQ4N18dXQQupiGYl76B3tBN4dxvGmyT+lHRdb4pCmamt/+YyjPedNWTPNG+xDp6
WziN8xNOo8oRwFP2c91siD0KElX4Nwduj9OasE8Fbf+9Lu8fD7syp0EXsqIzkbgB
12b9MkOzMoaCaypyfaMXI5FWa7xJulFVPWAriAb5rmBZStp66cQGNmcEMV5yQjo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:10 2025 by rpki-client