Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/PuXsP38qwAaRfvrJdCx883SqODQ.roa
File: PuXsP38qwAaRfvrJdCx883SqODQ.roa (raw, json)
Hash identifier: Z32on6HvKz8pg2ebjT86B1PLZ1ppXg470yUqGIz0T/E=
Subject key identifier: 3E:E5:EC:3F:7F:2A:C0:06:91:7E:FA:C9:74:2C:7C:F3:74:AA:38:34
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CC26D661C8052E921DEE44F1E0CCA7371
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/PuXsP38qwAaRfvrJdCx883SqODQ.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201924
IP address blocks: 185.126.238.0/24 maxlen: 24
2a11:840:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jan 2024 18:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:66:1c:80:52:e9:21:de:e4:4f:1e:0c:ca:73:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ee5ec3f7f2ac006917efac9742c7cf374aa3834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:00:fe:5f:53:03:a9:15:01:ee:4b:55:3b:
cc:7a:c3:21:35:ac:b7:57:db:14:73:63:d1:78:b8:
b8:2d:92:3c:43:b1:fb:c6:b5:5e:b6:8f:6a:09:65:
bd:be:57:a5:e7:65:8e:2c:aa:ad:0b:34:29:81:ed:
ee:e8:cf:33:a2:2b:7a:82:8e:12:bf:e8:56:88:70:
bc:d1:c2:ee:61:fb:10:56:1f:f4:d3:50:06:72:2a:
26:7e:19:b6:9b:89:ac:83:cc:ec:18:7a:99:9d:29:
17:fd:1d:be:a7:83:09:84:9b:c3:05:1e:6d:7b:c2:
48:d5:7f:01:7d:19:8b:35:1d:b2:0b:05:ac:2f:b1:
2e:e1:c7:eb:9b:a0:04:30:52:b1:9b:a8:eb:bf:72:
ed:09:86:97:00:91:81:71:84:50:d3:a7:7a:f1:c9:
e3:6c:0d:3a:05:dd:43:39:0c:54:10:c4:5f:1b:5b:
5f:34:c5:49:cd:36:b8:07:e1:10:5e:41:25:d5:06:
0f:61:c6:ba:a0:0b:41:8d:b8:5b:c6:66:73:38:62:
b8:4f:52:31:8e:15:cf:69:a7:a5:79:78:b2:43:4f:
30:9e:39:5e:24:b2:e1:7e:4c:18:34:59:bf:e3:8c:
30:fb:12:c9:81:21:d7:01:9b:76:51:db:4c:c7:99:
36:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E5:EC:3F:7F:2A:C0:06:91:7E:FA:C9:74:2C:7C:F3:74:AA:38:34
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/PuXsP38qwAaRfvrJdCx883SqODQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.238.0/24
IPv6:
2a11:840:20::/48
Signature Algorithm: sha256WithRSAEncryption
48:4e:93:a0:df:72:e1:73:5c:e9:0a:2e:69:ed:89:ef:54:13:
be:b8:3a:0f:b4:1b:e4:8f:dc:b2:00:60:64:14:ec:45:63:d7:
6c:72:1b:cb:57:54:f6:0d:d6:1d:41:9c:1f:0a:cc:e9:40:3f:
3e:b9:3a:b5:f8:7c:e6:d4:8c:22:c5:38:c8:e4:17:55:26:f1:
29:05:2f:cf:31:9a:bd:fa:13:b3:af:fd:0e:77:e0:6d:b7:64:
69:54:ff:0e:2e:5d:6d:16:70:2d:fb:02:4c:8f:95:83:fc:f1:
96:86:f3:fc:c8:46:9f:65:7b:6f:74:a6:5e:72:ff:5f:d4:4a:
cf:bf:93:b8:fe:5b:eb:ff:ef:ec:75:83:94:50:b0:27:6a:60:
ef:b9:a7:57:89:f3:98:a2:fe:f5:a4:de:34:a8:76:02:6d:ed:
a9:84:7c:c4:16:6f:1e:10:e7:ed:71:a8:57:e3:e2:28:87:cf:
b5:2e:35:2a:be:08:0d:b7:50:2f:7f:2b:bd:f8:6b:cb:c4:c5:
9d:9a:a9:13:fd:e7:8a:a8:30:35:cb:4c:75:f1:5a:9f:f5:59:
95:85:a5:df:88:cb:64:7d:2d:73:e1:3b:02:9f:33:7b:29:56:
d4:67:90:07:a9:50:08:57:b3:1b:cb:bb:10:b3:6a:c7:64:b5:
f4:45:b8:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbWYcgFLpId7kTx4MynNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU1ZWMzZjdmMmFjMDA2OTE3ZWZhYzk3NDJjN2NmMzc0YWEzODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3gA/l9TA6kVAe5LVTvMesMhNay3
V9sUc2PReLi4LZI8Q7H7xrVeto9qCWW9vlel52WOLKqtCzQpge3u6M8zoit6go4S
v+hWiHC80cLuYfsQVh/001AGciomfhm2m4msg8zsGHqZnSkX/R2+p4MJhJvDBR5t
e8JI1X8BfRmLNR2yCwWsL7Eu4cfrm6AEMFKxm6jrv3LtCYaXAJGBcYRQ06d68cnj
bA06Bd1DOQxUEMRfG1tfNMVJzTa4B+EQXkEl1QYPYca6oAtBjbhbxmZzOGK4T1Ix
jhXPaaeleXiyQ08wnjleJLLhfkwYNFm/44ww+xLJgSHXAZt2UdtMx5k2/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD7l7D9/KsAGkX76yXQsfPN0qjg0MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvUHVYc1AzOHF3QWFSZnZySmRDeDg4M1NxT0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuX7uMA8E
AgACMAkDBwAqEQhAACAwDQYJKoZIhvcNAQELBQADggEBAEhOk6DfcuFzXOkKLmnt
ie9UE764Og+0G+SP3LIAYGQU7EVj12xyG8tXVPYN1h1BnB8KzOlAPz65OrX4fObU
jCLFOMjkF1Um8SkFL88xmr36E7Ov/Q534G23ZGlU/w4uXW0WcC37AkyPlYP88ZaG
8/zIRp9le290pl5y/1/USs+/k7j+W+v/7+x1g5RQsCdqYO+5p1eJ85ii/vWk3jSo
dgJt7amEfMQWbx4Q5+1xqFfj4iiHz7UuNSq+CA23UC9/K734a8vExZ2aqRP954qo
MDXLTHXxWp/1WZWFpd+Iy2R9LXPhOwKfM3spVtRnkAepUAhXsxvLuxCzasdktfRF
uC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org