Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/PkjVBvMX5Ciz6CetU9DCYM8j0mM.roa
File: PkjVBvMX5Ciz6CetU9DCYM8j0mM.roa (raw, json)
Hash identifier: od6/VXRAXRf3K3kXMfLC2jZUsryzG+rbhuBFl5+D0YI=
Subject key identifier: 3E:48:D5:06:F3:17:E4:28:B3:E8:27:AD:53:D0:C2:60:CF:23:D2:63
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01869C0D383FF762F5C63CEDFD11CCB45E18
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/PkjVBvMX5Ciz6CetU9DCYM8j0mM.roa
Signing time: Wed 01 Mar 2023 07:22:37 +0000
ROA not before: Wed 01 Mar 2023 07:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.137.61.0/24 maxlen: 24
185.125.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 10:06:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:0d:38:3f:f7:62:f5:c6:3c:ed:fd:11:cc:b4:5e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Mar 1 07:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e48d506f317e428b3e827ad53d0c260cf23d263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:97:2a:83:4d:7e:5a:e5:86:89:fc:84:9a:
a3:df:cd:77:d3:43:5b:c7:91:27:90:3c:46:22:e0:
d2:f9:45:2c:2b:a8:e6:dc:70:6e:12:f6:9e:c7:0d:
cc:5c:62:a5:4b:e9:05:d5:a5:d2:b2:23:71:0c:13:
83:37:32:c4:bb:df:d1:82:02:d8:e5:66:1e:6b:78:
d4:27:84:d4:74:81:53:c8:e2:32:10:92:3c:de:8a:
20:1a:7c:1f:35:dd:f2:5f:1a:5e:4e:5b:cf:38:6b:
91:f8:ac:87:c3:84:5b:3e:e7:9d:ca:2d:56:e5:3b:
69:c6:a8:4b:d3:23:8a:f9:3e:b6:29:25:1d:b5:b8:
27:d4:b4:b7:50:c2:d1:30:58:55:17:e3:0d:36:ed:
88:04:0e:da:e4:83:1d:35:18:05:14:3a:ed:09:d4:
5c:0b:f6:d8:03:79:c1:76:a6:91:33:c6:e3:1c:fe:
61:34:7d:6d:c5:78:82:cf:04:82:59:ec:3b:4e:7a:
2c:e9:98:13:5c:b0:69:8a:8b:82:93:9f:4f:57:ff:
53:61:56:47:51:27:6a:21:24:7d:c1:df:8b:87:94:
e1:f0:a1:cb:26:9d:23:30:92:08:76:04:5b:11:0b:
17:6a:3c:f9:35:fb:bb:3f:34:29:d6:93:79:12:e5:
1b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:48:D5:06:F3:17:E4:28:B3:E8:27:AD:53:D0:C2:60:CF:23:D2:63
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/PkjVBvMX5Ciz6CetU9DCYM8j0mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.20.0/24
185.137.61.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d2:c4:7d:d1:bb:0d:06:a1:15:28:70:a6:0c:38:ea:2a:94:
1e:90:2f:f5:6c:8c:0f:78:3e:7e:bc:12:64:61:54:42:56:84:
1d:65:b8:b0:7e:dc:0e:1b:dc:e8:58:07:dc:85:98:4a:fd:95:
c7:e1:98:f4:61:17:3b:29:4c:83:28:92:c7:66:ce:44:c3:3f:
4b:06:e7:10:f9:13:8f:55:3e:c7:db:c5:6b:1b:d8:ed:ea:8c:
a6:aa:8e:92:ad:9e:ed:52:a3:49:8d:11:26:77:cc:a6:e0:e1:
50:8d:4e:b9:79:f3:e2:da:d3:0c:1c:5d:e8:74:ed:38:94:ed:
5d:5d:92:8a:4a:cb:c7:ba:d8:8a:77:f7:f5:ea:b7:3b:50:ee:
2e:c4:de:6a:61:1c:e8:b8:89:33:f9:d1:94:85:99:1c:68:4e:
f3:23:66:6d:94:fa:aa:2b:2f:2d:c3:cb:1c:dc:0b:ae:ca:65:
84:1a:40:3f:61:dc:a1:2b:06:7c:0a:7a:6f:5a:70:3a:74:30:
b6:08:10:72:e8:44:24:41:dd:6f:cc:54:94:78:00:07:7d:39:
a7:00:24:b1:4d:7d:33:f3:de:c4:d6:4d:66:43:c5:53:17:d3:
53:9b:b8:43:52:c9:58:73:38:d3:9c:49:60:98:12:fa:17:f1:
c8:84:49:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYacDTg/92L1xjzt/RHMtF4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMzAxMDcyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ4ZDUwNmYzMTdlNDI4YjNlODI3YWQ1M2QwYzI2MGNmMjNkMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX2XKoNNflrlhon8hJqj381300Nb
x5EnkDxGIuDS+UUsK6jm3HBuEvaexw3MXGKlS+kF1aXSsiNxDBODNzLEu9/RggLY
5WYea3jUJ4TUdIFTyOIyEJI83oogGnwfNd3yXxpeTlvPOGuR+KyHw4RbPuedyi1W
5TtpxqhL0yOK+T62KSUdtbgn1LS3UMLRMFhVF+MNNu2IBA7a5IMdNRgFFDrtCdRc
C/bYA3nBdqaRM8bjHP5hNH1txXiCzwSCWew7Tnos6ZgTXLBpiouCk59PV/9TYVZH
USdqISR9wd+Lh5Th8KHLJp0jMJIIdgRbEQsXajz5Nfu7PzQp1pN5EuUbxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5I1QbzF+Qos+gnrVPQwmDPI9JjMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvUGtqVkJ2TVg1Q2l6NkNldFU5RENZTThqMG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuX0UAwQA
uYk9MA0GCSqGSIb3DQEBCwUAA4IBAQB30sR90bsNBqEVKHCmDDjqKpQekC/1bIwP
eD5+vBJkYVRCVoQdZbiwftwOG9zoWAfchZhK/ZXH4Zj0YRc7KUyDKJLHZs5Ewz9L
BucQ+ROPVT7H28VrG9jt6oymqo6SrZ7tUqNJjREmd8ym4OFQjU65efPi2tMMHF3o
dO04lO1dXZKKSsvHutiKd/f16rc7UO4uxN5qYRzouIkz+dGUhZkcaE7zI2ZtlPqq
Ky8tw8sc3AuuymWEGkA/YdyhKwZ8CnpvWnA6dDC2CBBy6EQkQd1vzFSUeAAHfTmn
ACSxTX0z897E1k1mQ8VTF9NTm7hDUslYczjTnElgmBL6F/HIhEmp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org