Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PwJQIZoC9swSziNijcK7dTGMo8E.roa
File: PwJQIZoC9swSziNijcK7dTGMo8E.roa (raw, json)
Hash identifier: hY3T7bd30QJS92J9yimuq8n1K6xKTBvJFpvkZAEt4LU=
Subject key identifier: 3F:02:50:21:9A:02:F6:CC:12:CE:23:62:8D:C2:BB:75:31:8C:A3:C1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018857A535C0410AA8754ED1208EED396A06
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PwJQIZoC9swSziNijcK7dTGMo8E.roa
Signing time: Fri 26 May 2023 10:40:24 +0000
ROA not before: Fri 26 May 2023 10:40:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212941
IP address blocks: 178.239.240.0/20 maxlen: 24
185.67.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:a5:35:c0:41:0a:a8:75:4e:d1:20:8e:ed:39:6a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: May 26 10:40:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0250219a02f6cc12ce23628dc2bb75318ca3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ca:20:92:fb:0b:b6:ce:14:1f:75:cf:65:f9:
6b:01:15:56:47:31:cf:21:39:5a:24:31:15:d5:88:
e9:a8:dc:8e:b3:66:13:08:47:d4:49:31:00:e1:7e:
d1:21:f6:e4:41:91:63:2f:64:93:82:84:5d:be:a3:
08:6b:cc:06:ff:61:41:17:2e:85:c0:68:1b:60:98:
ea:ae:32:9c:0a:7e:c2:65:4e:b5:66:56:4c:09:59:
7e:b3:5d:0d:49:58:36:a8:de:f4:c9:cf:06:da:6c:
b2:e7:97:d3:47:e8:78:85:d0:a8:1d:55:98:f9:72:
a6:e0:4d:36:aa:13:fb:51:8e:c1:e0:0f:48:a8:5e:
a9:76:88:e5:d8:32:96:17:3e:b8:80:b7:af:2e:b1:
a6:bf:88:b7:64:77:97:31:59:18:13:77:50:10:07:
62:10:73:fa:88:7c:a3:0d:0c:51:22:bc:73:2d:03:
72:ac:73:4f:2d:a9:c5:1c:f0:3c:3e:25:10:de:66:
64:36:77:51:20:5c:d3:8a:4c:fb:93:f5:d8:1f:12:
ca:1b:32:09:43:f2:52:60:36:8a:5d:31:52:e5:73:
c9:ad:53:99:a7:06:8e:70:00:70:9c:e8:95:b4:e6:
6c:a6:41:29:21:dc:40:8b:cc:25:68:ee:33:bd:16:
57:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:02:50:21:9A:02:F6:CC:12:CE:23:62:8D:C2:BB:75:31:8C:A3:C1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PwJQIZoC9swSziNijcK7dTGMo8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.240.0/20
185.67.96.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:ee:c2:a2:bd:45:e1:ad:4f:3f:ea:e9:35:0e:63:b6:8b:f6:
61:3e:11:c3:79:3d:f9:70:35:2d:83:dd:bf:8c:08:0b:9d:23:
62:47:67:c2:93:66:cb:8b:31:e9:6d:51:8b:65:b9:c8:46:55:
0d:af:19:3b:3d:b4:9c:7a:a0:ef:2f:32:bb:15:a2:56:9c:7d:
7f:bb:69:4b:f5:54:91:7f:dd:95:09:37:ad:e9:7d:db:ef:8a:
59:a6:a6:ac:f5:e0:7b:83:6a:7a:56:b4:b5:9b:86:74:1a:32:
e6:6c:51:25:5a:5e:99:81:20:92:40:1f:f0:18:eb:ac:b3:80:
6a:f0:9c:39:d8:79:db:ce:45:de:6b:34:8a:13:6e:1a:5c:be:
e7:64:3b:33:0e:68:e2:14:45:46:e5:eb:ae:36:00:cf:89:71:
b0:1f:4a:29:23:48:5b:f8:7e:ef:60:aa:04:75:59:9d:d1:c8:
d1:e2:e1:ba:6c:c0:11:e5:b2:28:e1:d1:13:d3:a7:04:55:51:
f5:a0:73:16:d8:c0:4d:c8:bc:45:91:20:28:d7:ab:45:4f:62:
30:8c:68:6b:ba:fe:32:42:84:13:7f:70:26:53:49:67:b2:3a:
71:52:46:85:1f:67:e9:25:27:83:91:e3:ac:5e:9e:c1:d0:ed:
c5:20:13:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhXpTXAQQqodU7RII7tOWoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwNTI2MTA0MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAyNTAyMTlhMDJmNmNjMTJjZTIzNjI4ZGMyYmI3NTMxOGNhM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8ogkvsLts4UH3XPZflrARVWRzHP
ITlaJDEV1YjpqNyOs2YTCEfUSTEA4X7RIfbkQZFjL2STgoRdvqMIa8wG/2FBFy6F
wGgbYJjqrjKcCn7CZU61ZlZMCVl+s10NSVg2qN70yc8G2myy55fTR+h4hdCoHVWY
+XKm4E02qhP7UY7B4A9IqF6pdojl2DKWFz64gLevLrGmv4i3ZHeXMVkYE3dQEAdi
EHP6iHyjDQxRIrxzLQNyrHNPLanFHPA8PiUQ3mZkNndRIFzTikz7k/XYHxLKGzIJ
Q/JSYDaKXTFS5XPJrVOZpwaOcABwnOiVtOZspkEpIdxAi8wlaO4zvRZXbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8CUCGaAvbMEs4jYo3Cu3UxjKPBMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUHdKUUlab0M5c3dTemlOaWpjSzdkVEdNbzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsu/wAwQC
uUNgMA0GCSqGSIb3DQEBCwUAA4IBAQAt7sKivUXhrU8/6uk1DmO2i/ZhPhHDeT35
cDUtg92/jAgLnSNiR2fCk2bLizHpbVGLZbnIRlUNrxk7PbSceqDvLzK7FaJWnH1/
u2lL9VSRf92VCTet6X3b74pZpqas9eB7g2p6VrS1m4Z0GjLmbFElWl6ZgSCSQB/w
GOuss4Bq8Jw52HnbzkXeazSKE24aXL7nZDszDmjiFEVG5euuNgDPiXGwH0opI0hb
+H7vYKoEdVmd0cjR4uG6bMAR5bIo4dET06cEVVH1oHMW2MBNyLxFkSAo16tFT2Iw
jGhruv4yQoQTf3AmU0lnsjpxUkaFH2fpJSeDkeOsXp7B0O3FIBMC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org