Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b664cb-349a-4ffb-b268-090e5bd580b3/1/PwUwxaEIooFdLdOdq-tZZkZtrpQ.roa
File: PwUwxaEIooFdLdOdq-tZZkZtrpQ.roa (raw, json)
Hash identifier: jV31awmvq5OvDjcbrNBblaAB06X6sq2O07GVjzLWWMA=
Subject key identifier: 3F:05:30:C5:A1:08:A2:81:5D:2D:D3:9D:AB:EB:59:66:46:6D:AE:94
Certificate issuer: /CN=c77a11ccad12e455286f5d0eb3040e863f30c993
Certificate serial: 018C5D43FEAE815A07ECE10D92E7F96FCF0A
Authority key identifier: C7:7A:11:CC:AD:12:E4:55:28:6F:5D:0E:B3:04:0E:86:3F:30:C9:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3oRzK0S5FUob10OswQOhj8wyZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b664cb-349a-4ffb-b268-090e5bd580b3/1/PwUwxaEIooFdLdOdq-tZZkZtrpQ.roa
Signing time: Tue 12 Dec 2023 09:03:06 +0000
ROA not before: Tue 12 Dec 2023 09:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20847
IP address blocks: 195.60.212.0/22 maxlen: 24
2001:67c:78::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:43:fe:ae:81:5a:07:ec:e1:0d:92:e7:f9:6f:cf:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77a11ccad12e455286f5d0eb3040e863f30c993
Validity
Not Before: Dec 12 09:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0530c5a108a2815d2dd39dabeb5966466dae94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d6:f9:8f:17:bf:67:4d:e4:ee:8c:5c:7a:8f:
dc:77:25:6a:3a:a0:72:61:99:08:c6:2f:8e:6b:15:
31:a0:d1:99:82:62:f5:f0:f0:fc:63:dc:4b:ba:4a:
b2:55:9f:ca:a1:95:4b:f1:2e:44:d2:6f:fc:1f:94:
2a:4a:b3:4d:e6:41:f7:34:8e:ad:c1:b4:c8:16:d2:
d4:cb:50:e4:64:e9:0f:f3:a8:cc:1c:68:73:4f:c7:
44:eb:e2:72:fa:2f:0a:3e:0c:b4:8a:50:9f:47:d3:
53:38:98:e6:d4:d2:c4:06:3b:69:ab:89:24:cf:66:
35:28:33:a8:ed:ab:a3:cf:94:a1:c4:cd:c2:d9:59:
49:b6:e8:7d:4e:c0:80:ec:d0:a2:b4:48:07:a9:8b:
4d:d5:25:4f:95:99:b5:ce:df:b2:7f:2a:79:75:52:
53:26:d3:80:06:55:4e:c8:4e:54:30:78:5b:34:10:
69:d7:49:a8:44:b7:91:c1:75:ee:9c:76:3a:04:06:
00:50:db:c4:63:42:88:69:cf:55:b0:00:89:4c:67:
98:7b:1d:8c:73:9c:d3:b3:12:52:de:ba:3b:d9:b0:
65:40:11:1a:e7:ca:52:59:87:18:90:d1:91:48:61:
ab:14:d4:73:64:c2:38:54:38:12:2e:af:31:4e:ac:
84:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:05:30:C5:A1:08:A2:81:5D:2D:D3:9D:AB:EB:59:66:46:6D:AE:94
X509v3 Authority Key Identifier:
keyid:C7:7A:11:CC:AD:12:E4:55:28:6F:5D:0E:B3:04:0E:86:3F:30:C9:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3oRzK0S5FUob10OswQOhj8wyZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b664cb-349a-4ffb-b268-090e5bd580b3/1/PwUwxaEIooFdLdOdq-tZZkZtrpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b664cb-349a-4ffb-b268-090e5bd580b3/1/x3oRzK0S5FUob10OswQOhj8wyZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.212.0/22
IPv6:
2001:67c:78::/48
Signature Algorithm: sha256WithRSAEncryption
5c:01:24:bb:02:cf:e9:62:c2:a8:78:87:9f:95:ff:cf:8a:29:
85:af:93:a4:48:e5:78:cc:40:13:2c:97:f8:b3:5b:2b:89:e0:
96:5b:5d:06:e7:02:9e:4e:c4:6e:10:a5:ee:9e:29:89:15:b6:
fd:2d:cf:b8:a6:bc:ae:a9:08:73:5f:de:6b:60:44:93:80:44:
89:24:97:9f:75:a6:08:27:8d:05:09:fd:c6:e7:1c:5c:35:85:
a2:cd:d4:89:91:bb:36:80:e4:99:76:69:79:22:4d:43:02:91:
f5:68:e6:a6:5b:b8:d6:94:47:83:ae:f4:cd:ed:67:42:ea:42:
31:a2:9f:4a:d4:ff:13:56:38:57:74:f3:4e:74:29:0a:18:15:
9f:28:0c:81:93:94:40:4e:91:62:52:b9:d5:e6:05:08:d4:bc:
1e:c7:22:42:94:d2:60:7e:0a:82:df:c2:bc:0d:b3:9b:9b:dc:
b8:9a:11:4c:14:5a:57:6b:6d:f3:be:b7:b5:c6:cf:74:bb:c6:
1c:36:5c:b6:72:43:f8:bb:79:40:e9:fc:72:fe:9c:e5:f6:f2:
8b:fc:f9:89:9b:02:a1:52:5e:44:5e:c1:be:da:6a:cf:8f:15:
01:e3:0a:84:3d:41:d2:51:c7:d0:8d:b1:7b:13:1d:6e:1f:88:
73:8d:2c:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxdQ/6ugVoH7OENkuf5b88KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3N2ExMWNjYWQxMmU0NTUyODZmNWQwZWIzMDQwZTg2M2Yz
MGM5OTMwHhcNMjMxMjEyMDkwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA1MzBjNWExMDhhMjgxNWQyZGQzOWRhYmViNTk2NjQ2NmRhZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdb5jxe/Z03k7oxceo/cdyVqOqBy
YZkIxi+OaxUxoNGZgmL18PD8Y9xLukqyVZ/KoZVL8S5E0m/8H5QqSrNN5kH3NI6t
wbTIFtLUy1DkZOkP86jMHGhzT8dE6+Jy+i8KPgy0ilCfR9NTOJjm1NLEBjtpq4kk
z2Y1KDOo7aujz5ShxM3C2VlJtuh9TsCA7NCitEgHqYtN1SVPlZm1zt+yfyp5dVJT
JtOABlVOyE5UMHhbNBBp10moRLeRwXXunHY6BAYAUNvEY0KIac9VsACJTGeYex2M
c5zTsxJS3ro72bBlQBEa58pSWYcYkNGRSGGrFNRzZMI4VDgSLq8xTqyEMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8FMMWhCKKBXS3TnavrWWZGba6UMB8GA1UdIwQY
MBaAFMd6EcytEuRVKG9dDrMEDoY/MMmTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNvUnpLMFM1RlVvYjEwT3N3UU9oajh3eVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iNjY0Y2ItMzQ5YS00ZmZiLWIyNjgt
MDkwZTViZDU4MGIzLzEvUHdVd3hhRUlvb0ZkTGRPZHEtdFpaa1p0cnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iNjY0Y2ItMzQ5YS00ZmZiLWIyNjgtMDkwZTViZDU4MGIz
LzEveDNvUnpLMFM1RlVvYjEwT3N3UU9oajh3eVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwzzUMA8E
AgACMAkDBwAgAQZ8AHgwDQYJKoZIhvcNAQELBQADggEBAFwBJLsCz+liwqh4h5+V
/8+KKYWvk6RI5XjMQBMsl/izWyuJ4JZbXQbnAp5OxG4Qpe6eKYkVtv0tz7imvK6p
CHNf3mtgRJOARIkkl591pggnjQUJ/cbnHFw1haLN1ImRuzaA5Jl2aXkiTUMCkfVo
5qZbuNaUR4Ou9M3tZ0LqQjGin0rU/xNWOFd08050KQoYFZ8oDIGTlEBOkWJSudXm
BQjUvB7HIkKU0mB+CoLfwrwNs5ub3LiaEUwUWldrbfO+t7XGz3S7xhw2XLZyQ/i7
eUDp/HL+nOX28ov8+YmbAqFSXkRewb7aas+PFQHjCoQ9QdJRx9CNsXsTHW4fiHON
LBo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org