Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Pm439kpn8MOhLyiX1CzaxwhrqOg.roa
File: Pm439kpn8MOhLyiX1CzaxwhrqOg.roa (raw, json)
Hash identifier: sn7wTm+IjJaL2Qneg16LXQg4n6t9lJ+rOwNqFGLLP3s=
Subject key identifier: 3E:6E:37:F6:4A:67:F0:C3:A1:2F:28:97:D4:2C:DA:C7:08:6B:A8:E8
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DACBDDACFB3B3C946CFD4D7C87AFA5
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Pm439kpn8MOhLyiX1CzaxwhrqOg.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202147
IP address blocks: 91.245.200.0/21 maxlen: 24
88.98.112.0/20 maxlen: 24
185.51.108.0/22 maxlen: 24
188.241.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 11:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cb:dd:ac:fb:3b:3c:94:6c:fd:4d:7c:87:af:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e6e37f64a67f0c3a12f2897d42cdac7086ba8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f0:fb:c8:cd:8b:e2:36:ee:20:93:7a:7d:85:
d1:42:52:9d:2f:61:fc:f0:98:c7:f2:16:0e:38:0c:
13:8c:38:d3:5b:cb:a0:13:52:91:cd:84:fc:9b:60:
3f:48:46:84:cf:c7:79:13:9f:6f:c5:d0:76:f1:fa:
9c:c4:0f:51:bd:7a:d0:65:d2:b9:76:89:c6:e3:c0:
80:8a:9d:0e:9c:56:f8:19:5b:53:66:79:43:01:f7:
28:71:f3:41:62:f1:4f:3a:ce:68:ac:58:b3:7e:45:
c7:cd:08:2d:54:85:85:89:03:de:a6:ac:84:82:a5:
84:d5:73:78:96:52:46:cc:5e:51:de:48:1d:d6:f0:
b0:1d:d1:c5:61:8f:00:03:f7:64:60:0b:65:a8:dc:
e6:f2:36:90:03:b3:7c:84:7f:63:73:e3:1f:ef:73:
4d:a8:e3:31:87:12:3d:e6:26:cb:09:b4:e1:ce:20:
fb:7f:a7:45:ab:b0:2b:13:ad:18:ad:57:6b:e7:74:
1b:8f:a8:7e:52:d9:bb:e6:89:63:ae:3b:76:1d:e3:
01:e7:6c:6f:01:6e:e4:95:96:df:b4:8d:9d:5e:11:
92:5e:05:80:73:83:25:da:a0:1d:fa:eb:92:9c:33:
33:3d:ae:b5:54:bb:11:ed:bd:01:f4:b5:b7:3a:95:
4e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6E:37:F6:4A:67:F0:C3:A1:2F:28:97:D4:2C:DA:C7:08:6B:A8:E8
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Pm439kpn8MOhLyiX1CzaxwhrqOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.98.112.0/20
91.245.200.0/21
185.51.108.0/22
188.241.96.0/21
Signature Algorithm: sha256WithRSAEncryption
72:b1:d3:18:97:98:3e:b8:ab:6b:3a:1f:fb:5c:3c:32:62:09:
13:ae:22:c0:fa:c9:3e:a1:5e:c0:67:55:93:1d:e6:ce:f5:1c:
e6:49:ee:70:74:e8:ab:38:20:fe:62:db:d5:7d:82:68:95:15:
50:ea:73:75:98:6e:a7:a4:d3:73:0d:5f:58:93:a1:28:6f:d8:
cb:6d:87:4a:34:af:1f:8c:59:b2:bd:9c:1d:23:a6:82:74:ac:
a3:08:ea:bf:f3:f6:8a:88:7c:f1:ca:1e:5d:66:bf:73:e0:48:
72:14:b5:29:97:fb:22:67:f8:a9:80:0b:69:64:b0:c1:f1:3f:
a3:22:f0:dd:35:5e:f1:06:59:f0:6e:48:97:76:94:d8:4e:d6:
84:5c:8f:c9:1f:dc:16:25:e1:16:bf:85:f0:32:36:c6:ef:99:
8d:ac:ee:e2:ba:04:e9:43:96:dc:e8:d1:ea:80:36:bd:2d:bd:
d8:b2:9e:52:f7:5f:8b:b5:2e:cc:9c:ff:8b:ba:ff:a5:d1:13:
0c:12:16:ba:3f:81:a6:59:e1:bf:58:bb:5a:03:32:83:ad:72:
d6:91:8a:82:85:1b:d8:f6:61:3e:b2:ad:a0:45:8c:48:1e:bd:
60:b9:02:8d:eb:2b:fb:f7:8e:01:60:d5:4f:14:1f:0f:2f:9a:
49:a2:4b:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2svdrPs7PJRs/U18h6+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZlMzdmNjRhNjdmMGMzYTEyZjI4OTdkNDJjZGFjNzA4NmJhOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvD7yM2L4jbuIJN6fYXRQlKdL2H8
8JjH8hYOOAwTjDjTW8ugE1KRzYT8m2A/SEaEz8d5E59vxdB28fqcxA9RvXrQZdK5
donG48CAip0OnFb4GVtTZnlDAfcocfNBYvFPOs5orFizfkXHzQgtVIWFiQPepqyE
gqWE1XN4llJGzF5R3kgd1vCwHdHFYY8AA/dkYAtlqNzm8jaQA7N8hH9jc+Mf73NN
qOMxhxI95ibLCbThziD7f6dFq7ArE60YrVdr53Qbj6h+Utm75oljrjt2HeMB52xv
AW7klZbftI2dXhGSXgWAc4Ml2qAd+uuSnDMzPa61VLsR7b0B9LW3OpVODQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD5uN/ZKZ/DDoS8ol9Qs2scIa6joMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUG00MzlrcG44TU9oTHlpWDFDemF4d2hycU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEWGJwAwQD
W/XIAwQCuTNsAwQDvPFgMA0GCSqGSIb3DQEBCwUAA4IBAQBysdMYl5g+uKtrOh/7
XDwyYgkTriLA+sk+oV7AZ1WTHebO9RzmSe5wdOirOCD+YtvVfYJolRVQ6nN1mG6n
pNNzDV9Yk6Eob9jLbYdKNK8fjFmyvZwdI6aCdKyjCOq/8/aKiHzxyh5dZr9z4Ehy
FLUpl/siZ/ipgAtpZLDB8T+jIvDdNV7xBlnwbkiXdpTYTtaEXI/JH9wWJeEWv4Xw
MjbG75mNrO7iugTpQ5bc6NHqgDa9Lb3Ysp5S91+LtS7MnP+Luv+l0RMMEha6P4Gm
WeG/WLtaAzKDrXLWkYqChRvY9mE+sq2gRYxIHr1guQKN6yv7944BYNVPFB8PL5pJ
oku7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org