Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/PcY2iWwgmY1ewTkpgSteTP2dbvw.roa
File: PcY2iWwgmY1ewTkpgSteTP2dbvw.roa (raw, json)
Hash identifier: tU0lVzrfZ+qoUlbM1PRam+K5gVtq5waFax0cW155Fns=
Subject key identifier: 3D:C6:36:89:6C:20:99:8D:5E:C1:39:29:81:2B:5E:4C:FD:9D:6E:FC
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 018CC2DB4516DF6BBA4A123BB70449DBB1BA
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/PcY2iWwgmY1ewTkpgSteTP2dbvw.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 178.159.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 15:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:45:16:df:6b:ba:4a:12:3b:b7:04:49:db:b1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc636896c20998d5ec13929812b5e4cfd9d6efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:67:fb:fc:f7:49:16:8a:bd:92:36:22:85:dd:
8b:da:3b:e0:36:fc:cc:32:ad:be:9b:60:67:ce:3e:
a0:d9:bd:36:c8:43:1b:f6:f2:6c:10:a7:df:47:7c:
ab:6c:ce:26:f7:2e:7f:80:7a:83:81:e1:c2:5c:c1:
48:12:43:f6:5b:0c:45:dd:08:d1:9a:d7:76:4a:d0:
f9:f2:35:9d:23:f2:eb:f3:db:aa:65:3f:b9:01:75:
24:0d:b9:29:9c:47:7f:d9:6b:b4:44:8e:0a:e1:d7:
24:f6:08:07:8d:52:4a:c9:a5:6f:cb:e5:b3:1c:37:
10:cd:a3:b7:d8:a7:9b:44:74:bf:29:0d:7d:b8:f4:
05:53:42:a2:29:45:89:5a:56:78:9b:00:92:fc:e1:
a5:7b:4e:80:d6:22:3a:de:cf:e1:56:f0:c9:02:90:
3f:c2:ac:ed:c6:0d:f8:fb:a6:9d:b2:03:be:74:8b:
db:40:be:8e:f7:14:c0:61:1c:06:6a:b5:51:78:1f:
55:96:70:b8:14:f5:1b:a8:ad:6b:04:fa:98:71:ef:
b3:dd:07:35:42:a1:75:04:ed:ac:7c:a6:ed:42:fb:
c2:23:ff:53:98:4b:b7:54:3e:a8:73:7a:89:69:80:
92:35:6e:1d:a6:f0:f2:e5:ef:ab:90:1e:e0:78:e7:
fb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C6:36:89:6C:20:99:8D:5E:C1:39:29:81:2B:5E:4C:FD:9D:6E:FC
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/PcY2iWwgmY1ewTkpgSteTP2dbvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.159.65.0/24
Signature Algorithm: sha256WithRSAEncryption
09:8f:e8:f4:a1:03:15:96:48:92:bd:0a:27:92:4c:e8:ca:7f:
61:ce:3f:56:6a:22:ec:ae:16:df:49:10:61:d7:25:4d:9d:86:
73:f8:51:33:b9:f5:4b:e4:1a:9b:3a:6b:b1:db:47:49:28:f2:
0e:d7:2e:79:28:49:59:ca:5e:03:a2:d0:bf:83:66:5e:98:fb:
fa:25:d4:86:9e:ea:86:a0:93:2f:02:7a:65:40:ca:38:f6:dc:
d5:e0:48:c9:14:72:53:86:c8:f7:21:69:45:97:48:f8:c6:9b:
0c:42:76:7a:4f:3d:54:e3:c7:a7:a3:59:68:cb:9b:11:cc:e7:
8c:e7:a3:89:b2:eb:d2:1b:b0:40:86:5a:c3:39:ab:2e:09:64:
76:ad:bb:80:34:52:31:22:41:4d:9b:84:1a:92:ec:fc:d4:57:
16:5f:e8:65:23:f8:2d:70:45:d5:79:f1:28:77:95:9e:b2:6b:
d4:b9:b8:f5:6e:fc:be:83:a6:5d:64:cf:83:c2:41:a1:f2:d5:
db:69:ce:a1:d9:87:fe:3d:7f:f6:f9:97:ad:56:ee:7b:26:95:
6e:f3:38:4b:f7:ee:db:f1:8f:02:e8:dc:df:e5:20:38:b2:9f:
01:5a:dd:1f:9b:26:ca:22:5c:84:25:d4:82:ac:af:ac:25:23:
e8:10:3e:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20UW32u6ShI7twRJ27G6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM2MzY4OTZjMjA5OThkNWVjMTM5Mjk4MTJiNWU0Y2ZkOWQ2ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGf7/PdJFoq9kjYihd2L2jvgNvzM
Mq2+m2Bnzj6g2b02yEMb9vJsEKffR3yrbM4m9y5/gHqDgeHCXMFIEkP2WwxF3QjR
mtd2StD58jWdI/Lr89uqZT+5AXUkDbkpnEd/2Wu0RI4K4dck9ggHjVJKyaVvy+Wz
HDcQzaO32KebRHS/KQ19uPQFU0KiKUWJWlZ4mwCS/OGle06A1iI63s/hVvDJApA/
wqztxg34+6adsgO+dIvbQL6O9xTAYRwGarVReB9VlnC4FPUbqK1rBPqYce+z3Qc1
QqF1BO2sfKbtQvvCI/9TmEu3VD6oc3qJaYCSNW4dpvDy5e+rkB7geOf7WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3GNolsIJmNXsE5KYErXkz9nW78MB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvUGNZMmlXd2dtWTFld1RrcGdTdGVUUDJkYnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsp9BMA0G
CSqGSIb3DQEBCwUAA4IBAQAJj+j0oQMVlkiSvQonkkzoyn9hzj9WaiLsrhbfSRBh
1yVNnYZz+FEzufVL5BqbOmux20dJKPIO1y55KElZyl4DotC/g2ZemPv6JdSGnuqG
oJMvAnplQMo49tzV4EjJFHJThsj3IWlFl0j4xpsMQnZ6Tz1U48eno1loy5sRzOeM
56OJsuvSG7BAhlrDOasuCWR2rbuANFIxIkFNm4Qakuz81FcWX+hlI/gtcEXVefEo
d5WesmvUubj1bvy+g6ZdZM+DwkGh8tXbac6h2Yf+PX/2+ZetVu57JpVu8zhL9+7b
8Y8C6Nzf5SA4sp8BWt0fmybKIlyEJdSCrK+sJSPoED7n
-----END CERTIFICATE-----
Generated at Fri Feb 16 20:24:02 2024 by rpki-client on console-fra.rpki-client.org