Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/8def12-897e-4e22-aa8b-834b9c10bf48/1/P1PmfD32_5z9rCzBX15_oPLScSs.roa
File: P1PmfD32_5z9rCzBX15_oPLScSs.roa (raw, json)
Hash identifier: +ofwiTxlEoMnC55zPmz1ziWsw3Yk0VjkoendeA8JUs4=
Subject key identifier: 3F:53:E6:7C:3D:F6:FF:9C:FD:AC:2C:C1:5F:5E:7F:A0:F2:D2:71:2B
Certificate issuer: /CN=65516ddc7331e2e269dc57d9c7632f25de7d0c6e
Certificate serial: 018CC6B84F95C179C714A3A41FD303C08E23
Authority key identifier: 65:51:6D:DC:73:31:E2:E2:69:DC:57:D9:C7:63:2F:25:DE:7D:0C:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVFt3HMx4uJp3FfZx2MvJd59DG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/8def12-897e-4e22-aa8b-834b9c10bf48/1/P1PmfD32_5z9rCzBX15_oPLScSs.roa
Signing time: Mon 01 Jan 2024 20:30:16 +0000
ROA not before: Mon 01 Jan 2024 20:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207988
IP address blocks: 193.7.212.0/22 maxlen: 22
2a07:cc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:4f:95:c1:79:c7:14:a3:a4:1f:d3:03:c0:8e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65516ddc7331e2e269dc57d9c7632f25de7d0c6e
Validity
Not Before: Jan 1 20:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f53e67c3df6ff9cfdac2cc15f5e7fa0f2d2712b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8e:b6:90:b1:16:89:6c:7d:b5:34:db:15:4a:
60:0c:27:a7:90:52:4b:8f:de:c3:0e:b5:a6:7e:e1:
a1:9a:d9:07:61:95:e6:45:42:6b:ad:56:9e:ef:2e:
d4:5f:a9:55:1d:94:da:8d:cb:64:6e:03:c5:ed:3e:
f9:97:12:89:4f:42:1e:17:dd:0e:af:5d:a1:d8:03:
b4:1a:0c:77:59:b8:29:e6:57:47:69:47:29:a4:b8:
3c:11:28:a7:04:2d:81:c6:2d:17:9e:98:4f:54:f4:
d1:53:93:72:4d:2c:04:c7:a6:7e:fa:ed:f5:60:85:
11:57:07:0a:b5:dd:c7:af:a2:0a:b3:75:89:28:e7:
86:e1:22:8b:74:d8:d6:22:46:bc:ba:78:4b:eb:4b:
88:4b:7c:03:a7:9e:44:ce:46:90:76:eb:0a:ba:06:
5d:cb:d4:8c:a4:20:10:e1:b0:09:fc:4d:08:71:86:
5c:6b:80:38:05:42:96:07:75:c1:6d:19:e3:66:07:
80:f0:6a:41:c3:c7:32:e8:94:09:e5:fd:3d:23:2b:
ab:0c:f3:31:e6:64:3d:66:82:fe:bd:42:00:9f:7a:
74:19:8c:1d:e2:a8:ee:c4:c6:dd:72:56:c0:37:e2:
7d:33:4d:fd:0c:b5:5e:70:b4:5a:e1:73:15:4b:67:
fe:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:E6:7C:3D:F6:FF:9C:FD:AC:2C:C1:5F:5E:7F:A0:F2:D2:71:2B
X509v3 Authority Key Identifier:
keyid:65:51:6D:DC:73:31:E2:E2:69:DC:57:D9:C7:63:2F:25:DE:7D:0C:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVFt3HMx4uJp3FfZx2MvJd59DG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/8def12-897e-4e22-aa8b-834b9c10bf48/1/P1PmfD32_5z9rCzBX15_oPLScSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/8def12-897e-4e22-aa8b-834b9c10bf48/1/ZVFt3HMx4uJp3FfZx2MvJd59DG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.212.0/22
IPv6:
2a07:cc00::/29
Signature Algorithm: sha256WithRSAEncryption
17:db:4e:17:c8:4a:91:de:31:85:cd:1e:74:23:ca:ad:f5:69:
c6:9a:90:78:1c:7e:58:90:20:ef:9c:96:3b:25:89:cd:7a:0b:
62:9c:12:d5:de:3d:78:a3:06:bb:1e:c0:3a:3c:2a:c4:a9:cd:
a3:b9:e1:99:fc:cc:fe:13:29:15:3c:fa:8f:2b:c9:fe:a2:00:
16:9e:61:27:7a:8f:b0:6d:85:40:42:4c:4a:90:82:34:ec:b9:
b6:d6:34:b7:ec:3b:e5:7f:3e:dd:f8:2e:52:ec:8d:24:d8:e0:
a0:60:0f:44:d5:84:6e:ba:36:f5:f5:e5:bd:d5:93:92:e1:e8:
95:09:14:74:67:47:ed:3d:e0:dc:58:23:03:b5:b0:8d:df:b7:
7f:06:48:fa:98:43:67:9f:b8:8e:5c:49:56:eb:2f:6d:22:03:
5a:bf:c0:93:0a:af:f3:e8:db:e2:ef:c7:31:ba:d3:d4:4c:d0:
4e:41:1d:43:9b:2d:73:c5:f5:4f:47:05:73:85:72:81:57:ce:
23:fe:c3:24:9c:83:71:dd:51:fa:25:b1:bb:c9:c3:fc:d4:64:
33:f4:f6:67:07:e8:ff:ce:38:1c:6a:2b:7a:af:34:8a:09:b5:
c9:ce:ac:9d:78:4a:4d:ae:cb:1c:ab:06:c6:1d:16:1a:b5:2f:
ca:e3:cc:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuE+VwXnHFKOkH9MDwI4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NTE2ZGRjNzMzMWUyZTI2OWRjNTdkOWM3NjMyZjI1ZGU3
ZDBjNmUwHhcNMjQwMTAxMjAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzZTY3YzNkZjZmZjljZmRhYzJjYzE1ZjVlN2ZhMGYyZDI3MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY62kLEWiWx9tTTbFUpgDCenkFJL
j97DDrWmfuGhmtkHYZXmRUJrrVae7y7UX6lVHZTajctkbgPF7T75lxKJT0IeF90O
r12h2AO0Ggx3Wbgp5ldHaUcppLg8ESinBC2Bxi0XnphPVPTRU5NyTSwEx6Z++u31
YIURVwcKtd3Hr6IKs3WJKOeG4SKLdNjWIka8unhL60uIS3wDp55EzkaQdusKugZd
y9SMpCAQ4bAJ/E0IcYZca4A4BUKWB3XBbRnjZgeA8GpBw8cy6JQJ5f09IyurDPMx
5mQ9ZoL+vUIAn3p0GYwd4qjuxMbdclbAN+J9M039DLVecLRa4XMVS2f+fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD9T5nw99v+c/awswV9ef6Dy0nErMB8GA1UdIwQY
MBaAFGVRbdxzMeLiadxX2cdjLyXefQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZGdDNITXg0dUpwM0ZmWngyTXZKZDU5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi84ZGVmMTItODk3ZS00ZTIyLWFhOGIt
ODM0YjljMTBiZjQ4LzEvUDFQbWZEMzJfNXo5ckN6QlgxNV9vUExTY1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi84ZGVmMTItODk3ZS00ZTIyLWFhOGItODM0YjljMTBiZjQ4
LzEvWlZGdDNITXg0dUpwM0ZmWngyTXZKZDU5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwQfUMA0E
AgACMAcDBQMqB8wAMA0GCSqGSIb3DQEBCwUAA4IBAQAX204XyEqR3jGFzR50I8qt
9WnGmpB4HH5YkCDvnJY7JYnNegtinBLV3j14owa7HsA6PCrEqc2jueGZ/Mz+EykV
PPqPK8n+ogAWnmEneo+wbYVAQkxKkII07Lm21jS37Dvlfz7d+C5S7I0k2OCgYA9E
1YRuujb19eW91ZOS4eiVCRR0Z0ftPeDcWCMDtbCN37d/Bkj6mENnn7iOXElW6y9t
IgNav8CTCq/z6Nvi78cxutPUTNBOQR1Dmy1zxfVPRwVzhXKBV84j/sMknINx3VH6
JbG7ycP81GQz9PZnB+j/zjgcait6rzSKCbXJzqydeEpNrsscqwbGHRYatS/K48z6
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:29 2025 by rpki-client