Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pkPS3um5YINnk2OrN91e2kUwXGc.roa
File: pkPS3um5YINnk2OrN91e2kUwXGc.roa (raw, json)
Hash identifier: 4TNh0vETw5HedX8ARG/wzaXfBHgGM3ulBc21pbjJ9c0=
Subject key identifier: A6:43:D2:DE:E9:B9:60:83:67:93:63:AB:37:DD:5E:DA:45:30:5C:67
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 01856CEF4CA2CEB4BEC674D15C7144968F27
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pkPS3um5YINnk2OrN91e2kUwXGc.roa
Signing time: Sun 01 Jan 2023 10:45:00 +0000
ROA not before: Sun 01 Jan 2023 10:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209943
IP address blocks: 213.83.7.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:4c:a2:ce:b4:be:c6:74:d1:5c:71:44:96:8f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 10:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a643d2dee9b96083679363ab37dd5eda45305c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:bc:bb:ed:72:de:16:6e:2c:81:db:c3:5d:
16:6a:6d:44:e0:af:2f:f7:46:b2:30:5b:51:d9:e4:
e9:53:79:95:fb:51:26:35:47:96:c8:18:66:de:07:
1f:ba:58:01:f6:cf:0f:d1:3b:f0:4c:82:d2:bf:6d:
b7:ef:c3:44:c7:b3:84:d7:0d:a8:82:b3:88:76:a6:
da:6f:07:89:31:bd:84:48:6a:d0:53:40:c1:5d:a6:
52:26:b4:ec:57:e2:55:20:87:a9:2b:f1:ed:3c:9a:
bf:13:7d:90:18:68:6d:ba:b9:2e:43:20:f7:1e:31:
f0:0e:3f:42:1c:89:6d:94:d1:32:f3:9a:73:bd:39:
05:2e:a1:9a:6f:39:ab:a2:4d:6d:54:d9:32:45:e1:
a3:15:9e:0e:ad:d3:28:85:46:37:1d:04:3c:ac:14:
43:8e:92:8d:e9:51:f5:f1:59:0c:19:d7:e4:b9:7d:
3a:4c:c7:a2:92:ad:4a:01:22:ad:76:f7:49:6b:7b:
3d:ff:49:b7:50:15:a3:6e:41:7f:a8:bb:95:ff:57:
c2:b3:bf:c5:cb:18:5a:5a:db:45:6a:f8:39:66:e8:
a3:bd:8c:d3:2c:d9:bd:bc:62:91:41:31:4d:a6:47:
eb:72:7e:ae:28:ec:a6:31:ff:9d:d6:70:8d:93:c1:
bc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:43:D2:DE:E9:B9:60:83:67:93:63:AB:37:DD:5E:DA:45:30:5C:67
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pkPS3um5YINnk2OrN91e2kUwXGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.83.7.0/24
Signature Algorithm: sha256WithRSAEncryption
78:14:c3:6c:60:f4:13:8c:db:67:51:6e:7f:ea:83:a3:c9:5e:
e6:eb:ab:72:6d:da:f0:d0:f5:98:df:91:8b:e8:9d:ff:97:5c:
57:ac:99:24:58:06:ca:0f:f3:53:b9:32:b6:6a:d7:ad:86:b6:
61:1d:ca:dc:6d:f3:90:b9:d8:8c:86:00:f2:35:b5:94:04:a2:
f6:25:b4:ba:8a:e6:58:64:16:51:18:79:98:7c:7e:ea:bf:2d:
f4:24:fb:1f:9b:82:83:4c:fd:d5:70:bf:08:65:6c:53:83:34:
3b:3b:1e:ad:9c:cb:8f:3a:23:b6:39:68:6a:1d:e7:fa:13:ca:
35:ed:66:4f:62:ea:70:65:44:2a:c7:d0:a4:b8:36:cc:96:d3:
9b:87:fe:f6:c8:1e:be:20:5d:bc:68:27:a6:15:d0:66:4c:c4:
25:05:cd:89:07:46:31:75:85:e1:e9:30:8d:d0:91:9e:2d:e5:
4e:4b:85:55:09:5e:f0:82:7d:db:04:49:1e:0a:b5:64:22:81:
8d:ec:f7:ce:2b:f6:01:f1:98:09:c6:85:3f:a7:1d:c9:fa:f4:
d8:12:8f:4e:f5:f9:7d:e4:c8:eb:d4:38:08:26:12:46:d7:96:
36:29:0e:41:31:0a:f7:c2:97:49:1d:e0:a6:57:55:14:4e:66:
fd:f8:5d:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs70yizrS+xnTRXHFElo8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjMwMTAxMTA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQzZDJkZWU5Yjk2MDgzNjc5MzYzYWIzN2RkNWVkYTQ1MzA1YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU28u+1y3hZuLIHbw10Wam1E4K8v
90ayMFtR2eTpU3mV+1EmNUeWyBhm3gcfulgB9s8P0TvwTILSv22378NEx7OE1w2o
grOIdqbabweJMb2ESGrQU0DBXaZSJrTsV+JVIIepK/HtPJq/E32QGGhturkuQyD3
HjHwDj9CHIltlNEy85pzvTkFLqGabzmrok1tVNkyReGjFZ4OrdMohUY3HQQ8rBRD
jpKN6VH18VkMGdfkuX06TMeikq1KASKtdvdJa3s9/0m3UBWjbkF/qLuV/1fCs7/F
yxhaWttFavg5ZuijvYzTLNm9vGKRQTFNpkfrcn6uKOymMf+d1nCNk8G8LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZD0t7puWCDZ5NjqzfdXtpFMFxnMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvcGtQUzN1bTVZSU5uazJPck45MWUya1V3WEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VMHMA0G
CSqGSIb3DQEBCwUAA4IBAQB4FMNsYPQTjNtnUW5/6oOjyV7m66tybdrw0PWY35GL
6J3/l1xXrJkkWAbKD/NTuTK2atethrZhHcrcbfOQudiMhgDyNbWUBKL2JbS6iuZY
ZBZRGHmYfH7qvy30JPsfm4KDTP3VcL8IZWxTgzQ7Ox6tnMuPOiO2OWhqHef6E8o1
7WZPYupwZUQqx9CkuDbMltObh/72yB6+IF28aCemFdBmTMQlBc2JB0YxdYXh6TCN
0JGeLeVOS4VVCV7wgn3bBEkeCrVkIoGN7PfOK/YB8ZgJxoU/px3J+vTYEo9O9fl9
5Mjr1DgIJhJG15Y2KQ5BMQr3wpdJHeCmV1UUTmb9+F2u
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:33 2024 by rpki-client on console-fra.rpki-client.org