Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PjMcxasiqmSX1myQr8qmk9Ba9FQ.roa
File: PjMcxasiqmSX1myQr8qmk9Ba9FQ.roa (raw, json)
Hash identifier: cilkB1APpE0LJjQ9K37UEgko2dijfMGWNEiTljzgJho=
Subject key identifier: 3E:33:1C:C5:AB:22:AA:64:97:D6:6C:90:AF:CA:A6:93:D0:5A:F4:54
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D777C996446FB05C6AB44D7E4B3A
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PjMcxasiqmSX1myQr8qmk9Ba9FQ.roa
Signing time: Sun 01 Jan 2023 16:54:46 +0000
ROA not before: Sun 01 Jan 2023 16:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41635
IP address blocks: 89.38.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d7:77:c9:96:44:6f:b0:5c:6a:b4:4d:7e:4b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e331cc5ab22aa6497d66c90afcaa693d05af454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c6:07:31:52:1d:46:a9:33:10:eb:91:8d:83:
fd:40:28:db:f7:92:8c:bf:f0:c9:fd:ba:c8:3b:96:
95:21:6a:8d:74:79:79:b7:5c:91:0e:a5:ca:72:61:
d4:ce:98:dd:f4:f9:ed:8a:f3:d0:ad:11:7b:43:85:
c2:5f:04:cd:c6:70:44:47:e6:82:19:7a:e8:a4:0f:
a9:ea:01:0a:df:89:8a:f9:6e:d9:af:6b:0f:d2:f6:
61:a1:67:24:ed:c9:4b:8a:f1:b7:16:76:e4:09:fa:
8c:37:a0:08:53:2d:2b:af:90:04:eb:9f:d5:cc:e5:
5b:3f:83:40:ba:9b:d9:82:fc:76:36:a4:2b:e4:1e:
2e:af:ef:a3:9f:86:cb:87:1c:94:2a:d1:5a:e9:20:
64:21:28:2d:c3:93:39:77:37:31:b4:38:ff:e9:f7:
53:59:e9:0a:18:f6:b6:78:70:f8:86:5f:bd:4a:ea:
52:b1:2a:c3:31:62:b1:fc:c4:7f:22:b9:7b:f8:83:
e0:46:a5:96:22:b6:08:9b:6a:c3:73:8b:0f:d6:52:
82:83:0d:55:21:24:18:82:44:ef:92:5a:b4:23:7b:
7f:cc:80:71:a5:9d:7e:bd:8d:10:8e:aa:d7:dc:38:
f7:65:d9:cc:54:a5:13:29:09:f7:ec:f2:e5:a3:46:
61:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:33:1C:C5:AB:22:AA:64:97:D6:6C:90:AF:CA:A6:93:D0:5A:F4:54
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PjMcxasiqmSX1myQr8qmk9Ba9FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.208.0/22
Signature Algorithm: sha256WithRSAEncryption
25:9d:e2:e5:b4:e4:a1:d2:28:e6:72:17:84:6b:23:ed:dd:1d:
34:08:c4:f1:33:c6:f0:25:9a:50:34:f9:61:39:40:79:88:98:
ca:51:94:cb:02:25:3f:4a:92:7f:f3:0f:f2:b9:a7:e1:66:ee:
ae:b8:ee:12:38:52:27:c8:ae:91:18:7d:f4:95:fb:db:b2:22:
b4:84:f3:a7:0d:34:39:c7:92:32:4f:52:e9:85:66:f6:6d:f4:
a6:c4:ca:1f:5a:38:a9:81:3f:ad:5f:2e:0d:b9:b7:c6:98:2c:
10:75:66:8f:db:0f:4a:6c:51:3d:3e:fe:91:33:2d:cf:94:f5:
17:78:e3:a4:86:99:ee:fb:cb:83:2e:1b:86:1f:9b:60:41:a1:
e6:5b:93:b2:fc:cd:30:ec:00:50:1f:b0:89:e9:a4:ce:b2:a8:
5d:7e:97:1a:fa:63:28:f3:f0:40:c8:12:14:ce:ed:90:9c:0a:
e9:61:f0:df:82:b7:fd:79:10:a9:db:d5:e5:17:32:2b:3b:b5:
d9:30:b7:29:b3:29:1c:df:c3:73:da:a0:3f:7a:70:42:03:db:
18:7e:76:81:db:89:eb:d9:f5:15:d9:bf:d1:39:2a:ec:fd:53:
af:cb:95:bd:d0:47:ab:d7:be:08:f4:05:73:66:0d:db:9e:54:
b7:1f:f7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQdd3yZZEb7BcarRNfks6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMzMWNjNWFiMjJhYTY0OTdkNjZjOTBhZmNhYTY5M2QwNWFmNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMYHMVIdRqkzEOuRjYP9QCjb95KM
v/DJ/brIO5aVIWqNdHl5t1yRDqXKcmHUzpjd9PntivPQrRF7Q4XCXwTNxnBER+aC
GXropA+p6gEK34mK+W7Zr2sP0vZhoWck7clLivG3FnbkCfqMN6AIUy0rr5AE65/V
zOVbP4NAupvZgvx2NqQr5B4ur++jn4bLhxyUKtFa6SBkISgtw5M5dzcxtDj/6fdT
WekKGPa2eHD4hl+9SupSsSrDMWKx/MR/Irl7+IPgRqWWIrYIm2rDc4sP1lKCgw1V
ISQYgkTvklq0I3t/zIBxpZ1+vY0QjqrX3Dj3ZdnMVKUTKQn37PLlo0ZhuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4zHMWrIqpkl9ZskK/KppPQWvRUMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvUGpNY3hhc2lxbVNYMW15UXI4cW1rOUJhOUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSbQMA0G
CSqGSIb3DQEBCwUAA4IBAQAlneLltOSh0ijmcheEayPt3R00CMTxM8bwJZpQNPlh
OUB5iJjKUZTLAiU/SpJ/8w/yuafhZu6uuO4SOFInyK6RGH30lfvbsiK0hPOnDTQ5
x5IyT1LphWb2bfSmxMofWjipgT+tXy4NubfGmCwQdWaP2w9KbFE9Pv6RMy3PlPUX
eOOkhpnu+8uDLhuGH5tgQaHmW5Oy/M0w7ABQH7CJ6aTOsqhdfpca+mMo8/BAyBIU
zu2QnArpYfDfgrf9eRCp29XlFzIrO7XZMLcpsykc38Nz2qA/enBCA9sYfnaB24nr
2fUV2b/ROSrs/VOvy5W90Eer174I9AVzZg3bnlS3H/fK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org