Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/PGPaVWsoqD-yyL6TXD1NJicnVX8.roa
File: PGPaVWsoqD-yyL6TXD1NJicnVX8.roa (raw, json)
Hash identifier: QeK2aVb9ML9pu7DQAbJPLKXGaJqOUmRaWHuaZCt4e5w=
Subject key identifier: 3C:63:DA:55:6B:28:A8:3F:B2:C8:BE:93:5C:3D:4D:26:27:27:55:7F
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 019152DCAE0BD9232218EC35555B794EBA91
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/PGPaVWsoqD-yyL6TXD1NJicnVX8.roa
Signing time: Wed 14 Aug 2024 21:47:59 +0000
ROA not before: Wed 14 Aug 2024 21:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207605
IP address blocks: 176.119.205.0/24 maxlen: 24
195.189.140.0/24 maxlen: 24
195.189.141.0/24 maxlen: 24
2a05:4500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:dc:ae:0b:d9:23:22:18:ec:35:55:5b:79:4e:ba:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Aug 14 21:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c63da556b28a83fb2c8be935c3d4d262727557f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f3:bf:2f:52:12:0d:46:67:e3:49:f1:f2:22:
30:cd:0e:8f:f9:d8:4b:86:fb:25:07:3f:84:25:8d:
2d:79:95:40:a0:21:b6:8d:08:67:ae:8d:3a:e1:45:
1b:da:d1:6a:21:f7:36:df:7d:c8:cd:91:26:00:c6:
28:e6:53:05:48:b7:f3:c5:fe:18:d5:d9:ba:93:41:
b9:94:4c:d7:c4:4c:1e:d1:dd:4d:bb:b9:b5:10:41:
6b:0a:fc:92:84:dd:ec:53:22:6e:d4:8a:1d:00:f0:
ab:4e:c3:36:1c:81:06:be:8b:94:34:3f:78:3e:1a:
9a:8f:07:04:a8:5c:13:82:65:32:b5:d1:92:e0:78:
f7:fd:80:e0:0e:ee:3e:8c:87:9f:d0:93:11:d2:b9:
5f:46:8f:34:1a:41:00:67:76:56:63:8d:72:0e:5a:
ae:53:d4:c9:11:ba:f4:d4:60:23:6e:b0:a1:16:b9:
53:e6:96:ed:f0:96:c8:66:4c:ca:7c:ce:1c:b2:1c:
4e:70:d2:5d:7b:f0:1f:4d:61:6d:29:6c:7e:73:21:
9c:ed:c9:f1:1a:f3:98:f1:cf:e2:7b:73:3c:85:c5:
77:9f:bb:d0:fc:6e:76:86:59:97:7d:b4:d9:59:06:
2e:d0:6b:3d:9f:e3:74:47:f1:9c:0b:0a:37:e8:f2:
2e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:63:DA:55:6B:28:A8:3F:B2:C8:BE:93:5C:3D:4D:26:27:27:55:7F
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/PGPaVWsoqD-yyL6TXD1NJicnVX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.205.0/24
195.189.140.0/23
IPv6:
2a05:4500::/29
Signature Algorithm: sha256WithRSAEncryption
2d:52:fd:3e:b3:c3:a1:5a:98:a5:67:2a:17:cf:4f:ad:6c:fe:
38:5b:ca:9a:e7:0a:7f:de:63:1d:e0:46:69:29:40:d4:6f:92:
31:b2:99:79:61:03:3e:01:6d:0f:b5:33:a4:e3:ad:6b:a9:f7:
1c:14:88:f3:25:a0:f9:9b:e4:e7:fd:6c:ae:c7:8b:84:92:c0:
2f:4f:ea:c0:b8:4e:e3:52:67:4b:1e:bb:ec:b7:1f:6b:47:39:
2f:12:3a:b0:7c:6c:f5:03:ec:b8:f7:fa:30:23:a3:d9:ee:6a:
14:95:76:d2:56:0c:c2:f6:0d:ba:55:db:03:ea:91:d5:43:91:
1f:51:cc:85:4c:f0:f7:ec:00:f7:2b:b3:40:91:8e:40:2f:f4:
03:78:a1:c5:8a:1f:d0:17:2d:62:98:2e:f6:48:43:9f:93:5b:
3c:83:d9:e7:db:15:2a:fa:b0:cd:0c:e6:b6:3f:08:3f:9f:9c:
b5:d0:97:c6:09:a6:72:e0:f6:22:cb:b8:65:38:bb:17:7b:9f:
55:a9:b7:86:70:22:6a:bf:d0:a8:5c:30:ef:ba:6a:18:cd:5c:
7a:28:15:a9:3b:ab:a9:79:c0:dc:26:b2:07:f9:17:e2:ae:d6:
be:66:a3:e2:7e:8c:71:17:b0:c7:cb:51:f8:d2:cd:e0:73:90:
a5:38:12:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFS3K4L2SMiGOw1VVt5TrqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjQwODE0MjE0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzYzZGE1NTZiMjhhODNmYjJjOGJlOTM1YzNkNGQyNjI3Mjc1NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/O/L1ISDUZn40nx8iIwzQ6P+dhL
hvslBz+EJY0teZVAoCG2jQhnro064UUb2tFqIfc2333IzZEmAMYo5lMFSLfzxf4Y
1dm6k0G5lEzXxEwe0d1Nu7m1EEFrCvyShN3sUyJu1IodAPCrTsM2HIEGvouUND94
PhqajwcEqFwTgmUytdGS4Hj3/YDgDu4+jIef0JMR0rlfRo80GkEAZ3ZWY41yDlqu
U9TJEbr01GAjbrChFrlT5pbt8JbIZkzKfM4cshxOcNJde/AfTWFtKWx+cyGc7cnx
GvOY8c/ie3M8hcV3n7vQ/G52hlmXfbTZWQYu0Gs9n+N0R/GcCwo36PIuawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDxj2lVrKKg/ssi+k1w9TSYnJ1V/MB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvUEdQYVZXc29xRC15eUw2VFhEMU5KaWNuVlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfNAwQB
w72MMA0EAgACMAcDBQMqBUUAMA0GCSqGSIb3DQEBCwUAA4IBAQAtUv0+s8OhWpil
ZyoXz0+tbP44W8qa5wp/3mMd4EZpKUDUb5Ixspl5YQM+AW0PtTOk461rqfccFIjz
JaD5m+Tn/Wyux4uEksAvT+rAuE7jUmdLHrvstx9rRzkvEjqwfGz1A+y49/owI6PZ
7moUlXbSVgzC9g26VdsD6pHVQ5EfUcyFTPD37AD3K7NAkY5AL/QDeKHFih/QFy1i
mC72SEOfk1s8g9nn2xUq+rDNDOa2Pwg/n5y10JfGCaZy4PYiy7hlOLsXe59VqbeG
cCJqv9CoXDDvumoYzVx6KBWpO6upecDcJrIH+Rfirta+ZqPifoxxF7DHy1H40s3g
c5ClOBIz
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:38:26 2025 by rpki-client