Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/PBFMEEAlfLMeyqjotUGcyHaTNBU.roa
File: PBFMEEAlfLMeyqjotUGcyHaTNBU.roa (raw, json)
Hash identifier: XFdTIFu9QbkQ66bLkMCOYyWi+CX682hulVxRWD1CelI=
Subject key identifier: 3C:11:4C:10:40:25:7C:B3:1E:CA:A8:E8:B5:41:9C:C8:76:93:34:15
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 018570F09D66E2B72D3DE46D9B8854FC12CC
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/PBFMEEAlfLMeyqjotUGcyHaTNBU.roa
Signing time: Mon 02 Jan 2023 05:24:55 +0000
ROA not before: Mon 02 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 158.162.192.0/18 maxlen: 18
158.162.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:9d:66:e2:b7:2d:3d:e4:6d:9b:88:54:fc:12:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c114c1040257cb31ecaa8e8b5419cc876933415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:33:88:53:f5:0a:9e:02:a6:5d:af:c4:aa:25:
04:24:64:0e:25:b6:de:c0:d7:5c:e6:10:6f:6e:d6:
38:0f:8f:db:9e:98:05:60:2e:7f:73:2a:31:26:3d:
4d:8e:78:d0:eb:c2:a9:bd:76:67:9b:d4:93:1c:48:
08:b7:a5:dc:ae:e0:a1:c4:a7:d0:54:2c:eb:ca:42:
00:ef:81:66:6d:9f:9b:db:e0:f1:6e:f3:3b:5a:fc:
d4:4f:c5:cc:c3:be:c5:78:7d:91:43:f3:a4:e4:00:
fa:53:ff:5f:3e:6b:64:71:ce:21:05:b2:bf:c2:68:
be:e5:3c:ce:fb:4f:04:ef:6e:a3:ca:a6:a5:90:6d:
5e:5c:f0:a8:27:d6:85:b2:73:8b:83:da:97:c0:c3:
9a:dd:12:eb:0a:f9:02:c5:fc:70:ea:e4:a1:b9:a2:
01:14:ce:0d:b4:23:d4:da:5a:10:fb:7f:89:e7:af:
6c:71:51:1f:c5:c7:65:c3:d3:b0:29:f3:36:2b:40:
e8:0e:63:dd:d4:d8:e8:e1:ab:42:f4:11:71:a0:de:
85:d6:6f:42:68:fc:9f:01:3a:92:0f:5e:dd:5e:80:
0f:54:c9:8c:f6:d8:fc:4f:d9:5d:de:7a:9a:c4:c7:
f2:2a:29:70:02:50:c4:90:09:d5:24:e3:df:2e:0f:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:11:4C:10:40:25:7C:B3:1E:CA:A8:E8:B5:41:9C:C8:76:93:34:15
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/PBFMEEAlfLMeyqjotUGcyHaTNBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.32.0/19
158.162.192.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:bd:10:e5:14:a3:14:9d:46:a0:2a:64:2d:40:0f:1a:16:bb:
79:f5:62:67:cc:9a:b1:f0:fb:a9:7f:89:f9:9f:ee:2d:1b:db:
b4:bd:4b:cb:80:e5:9f:af:73:2e:05:25:d5:bb:61:2d:89:26:
19:70:83:90:e4:1e:42:3d:7d:41:a2:07:fd:cf:a1:50:9f:df:
92:f6:8e:78:4e:f1:27:d9:57:99:d6:ab:9e:10:8e:21:34:2e:
bb:24:4b:2c:0e:da:80:69:1e:89:b6:db:aa:2b:0d:43:52:be:
1f:83:30:78:d4:5d:6d:67:b3:71:ef:11:a0:70:b6:d1:34:68:
69:17:6b:49:e6:37:ff:26:1d:3e:18:12:21:77:e8:0c:11:ee:
64:69:62:73:6f:cd:bc:b7:e9:78:0c:fb:e5:fe:a5:a0:89:ae:
00:56:97:df:29:c8:63:25:fc:1e:52:4f:c1:c4:24:8a:c0:c4:
77:61:db:e0:79:ab:c3:7b:bf:f7:d3:ed:1b:6d:e7:86:4f:13:
7a:c2:ca:52:36:62:8d:81:a7:12:80:28:12:cb:38:f6:5f:df:
9e:5a:61:5c:6a:4b:f4:7f:30:20:00:af:06:cb:fa:9d:bb:a7:
91:fa:e3:8d:a3:db:2e:f2:31:42:8e:52:30:4a:f8:9f:47:37:
a2:41:c4:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8J1m4rctPeRtm4hU/BLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjMwMTAyMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzExNGMxMDQwMjU3Y2IzMWVjYWE4ZThiNTQxOWNjODc2OTMzNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDOIU/UKngKmXa/EqiUEJGQOJbbe
wNdc5hBvbtY4D4/bnpgFYC5/cyoxJj1NjnjQ68KpvXZnm9STHEgIt6XcruChxKfQ
VCzrykIA74FmbZ+b2+DxbvM7WvzUT8XMw77FeH2RQ/Ok5AD6U/9fPmtkcc4hBbK/
wmi+5TzO+08E726jyqalkG1eXPCoJ9aFsnOLg9qXwMOa3RLrCvkCxfxw6uShuaIB
FM4NtCPU2loQ+3+J569scVEfxcdlw9OwKfM2K0DoDmPd1Njo4atC9BFxoN6F1m9C
aPyfATqSD17dXoAPVMmM9tj8T9ld3nqaxMfyKilwAlDEkAnVJOPfLg+EdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwRTBBAJXyzHsqo6LVBnMh2kzQVMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvUEJGTUVFQWxmTE1leXFqb3RVR2N5SGFUTkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnqIgAwQG
nqLAMA0GCSqGSIb3DQEBCwUAA4IBAQBfvRDlFKMUnUagKmQtQA8aFrt59WJnzJqx
8Pupf4n5n+4tG9u0vUvLgOWfr3MuBSXVu2EtiSYZcIOQ5B5CPX1Bogf9z6FQn9+S
9o54TvEn2VeZ1queEI4hNC67JEssDtqAaR6JttuqKw1DUr4fgzB41F1tZ7Nx7xGg
cLbRNGhpF2tJ5jf/Jh0+GBIhd+gMEe5kaWJzb828t+l4DPvl/qWgia4AVpffKchj
JfweUk/BxCSKwMR3YdvgeavDe7/30+0bbeeGTxN6wspSNmKNgacSgCgSyzj2X9+e
WmFcakv0fzAgAK8Gy/qdu6eR+uONo9su8jFCjlIwSvifRzeiQcTh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:50 2024 by rpki-client on console-fra.rpki-client.org