Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PZ5kdpW0R9pN9s5Ihxl0CbCuYEw.roa
File: PZ5kdpW0R9pN9s5Ihxl0CbCuYEw.roa (raw, json)
Hash identifier: qsIu/UJbzRTI7nNrE3vM3RpDIXwPjd4IS8Vp+am3C7g=
Subject key identifier: 3D:9E:64:76:95:B4:47:DA:4D:F6:CE:48:87:19:74:09:B0:AE:60:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189442DB0D6E03074D14DAF3CA1ECD3B3A9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PZ5kdpW0R9pN9s5Ihxl0CbCuYEw.roa
Signing time: Tue 11 Jul 2023 08:59:52 +0000
ROA not before: Tue 11 Jul 2023 08:59:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 185.222.29.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jul 2023 08:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:2d:b0:d6:e0:30:74:d1:4d:af:3c:a1:ec:d3:b3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 11 08:59:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9e647695b447da4df6ce4887197409b0ae604c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:26:67:f1:55:3e:2a:23:87:a6:c3:43:b8:
51:4b:83:6e:c8:f5:84:72:d9:4a:dd:3a:1d:c5:4e:
40:48:69:23:0d:76:4a:a8:49:8a:f5:a1:be:21:16:
05:f6:3a:35:00:d1:9a:88:68:59:79:a3:eb:d8:e9:
5f:32:87:5f:d7:a6:e3:82:a5:04:59:e7:73:f5:73:
36:31:76:1d:ee:98:87:7b:54:ac:51:56:af:fb:15:
2c:51:5e:3e:2b:b4:0b:6e:80:67:b7:e7:ec:c8:b6:
35:11:c2:14:fc:f9:02:fc:d5:b3:ca:65:1a:c9:88:
e4:53:14:b5:a3:dd:a4:3c:3b:f1:bb:87:b8:e0:18:
58:36:0b:67:5d:2b:76:9a:12:95:9c:2b:e6:08:2f:
71:50:cd:54:66:e2:bc:e6:e8:bd:55:f2:30:76:eb:
6f:8c:3b:1e:f6:6b:81:31:ed:5f:82:06:bc:58:12:
46:da:7a:0d:af:18:0a:5d:6d:ca:52:4a:45:33:57:
85:5c:11:46:86:0b:82:67:dc:f2:da:71:ce:7c:85:
c6:a2:c3:04:94:f0:9d:14:52:a9:1f:8f:df:05:a0:
1f:67:ec:c0:9a:35:ef:9b:78:32:4d:af:1c:8c:86:
db:90:1f:60:2e:0e:28:7e:95:ad:70:28:b2:c0:72:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9E:64:76:95:B4:47:DA:4D:F6:CE:48:87:19:74:09:B0:AE:60:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PZ5kdpW0R9pN9s5Ihxl0CbCuYEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.249.0/24
185.222.29.0/24
Signature Algorithm: sha256WithRSAEncryption
66:d5:14:70:db:12:cf:b1:24:cc:3b:f2:11:77:22:40:dc:34:
d8:30:33:a2:af:eb:17:f7:54:c1:b6:f2:d9:ea:fd:8c:ef:b3:
a9:b1:0d:c5:1e:dd:f0:10:81:8c:bd:8f:06:34:8e:d0:46:1b:
f5:98:f9:d6:ca:78:2f:99:d4:23:b8:6d:fe:89:75:39:91:1a:
90:b4:05:44:2a:5e:29:c5:2c:77:4b:d9:a5:49:d4:78:72:ce:
28:bf:a0:9b:1b:a1:94:f9:82:e6:e7:f1:0f:8b:59:e6:00:5c:
a9:f6:d6:75:a2:b3:c4:2d:80:6b:b3:fd:00:74:92:24:22:40:
a8:66:e4:b6:f7:ed:db:9a:37:52:88:48:77:be:56:04:de:59:
41:03:f4:38:ce:da:d5:5c:c9:3d:1a:42:a3:eb:ab:ce:51:7c:
4a:93:36:f7:a7:7c:eb:a8:b9:16:cb:b9:01:06:d9:07:3f:77:
52:b9:95:25:44:5c:b7:04:98:f3:26:0e:ed:6f:ce:66:28:39:
2c:74:44:52:3e:ab:f5:8c:13:09:db:60:c8:56:30:93:89:49:
7b:48:0d:2d:b2:56:8d:03:21:94:f4:d4:14:4d:04:b6:40:e6:
a1:a3:b5:db:21:98:1b:c1:5f:0b:30:08:ce:0f:4c:32:17:7d:
2f:43:72:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlELbDW4DB00U2vPKHs07OpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzExMDg1OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDllNjQ3Njk1YjQ0N2RhNGRmNmNlNDg4NzE5NzQwOWIwYWU2MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumAmZ/FVPiojh6bDQ7hRS4NuyPWE
ctlK3TodxU5ASGkjDXZKqEmK9aG+IRYF9jo1ANGaiGhZeaPr2OlfModf16bjgqUE
Wedz9XM2MXYd7piHe1SsUVav+xUsUV4+K7QLboBnt+fsyLY1EcIU/PkC/NWzymUa
yYjkUxS1o92kPDvxu4e44BhYNgtnXSt2mhKVnCvmCC9xUM1UZuK85ui9VfIwdutv
jDse9muBMe1fgga8WBJG2noNrxgKXW3KUkpFM1eFXBFGhguCZ9zy2nHOfIXGosME
lPCdFFKpH4/fBaAfZ+zAmjXvm3gyTa8cjIbbkB9gLg4ofpWtcCiywHLyQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2eZHaVtEfaTfbOSIcZdAmwrmBMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUFo1a2RwVzBSOXBOOXM1SWh4bDBDYkN1WUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudz5AwQA
ud4dMA0GCSqGSIb3DQEBCwUAA4IBAQBm1RRw2xLPsSTMO/IRdyJA3DTYMDOir+sX
91TBtvLZ6v2M77OpsQ3FHt3wEIGMvY8GNI7QRhv1mPnWyngvmdQjuG3+iXU5kRqQ
tAVEKl4pxSx3S9mlSdR4cs4ov6CbG6GU+YLm5/EPi1nmAFyp9tZ1orPELYBrs/0A
dJIkIkCoZuS29+3bmjdSiEh3vlYE3llBA/Q4ztrVXMk9GkKj66vOUXxKkzb3p3zr
qLkWy7kBBtkHP3dSuZUlRFy3BJjzJg7tb85mKDksdERSPqv1jBMJ22DIVjCTiUl7
SA0tslaNAyGU9NQUTQS2QOaho7XbIZgbwV8LMAjOD0wyF30vQ3Jz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org