Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pFM-GsX05Tx9RkJSgAOyzwNNXkU.roa
File: pFM-GsX05Tx9RkJSgAOyzwNNXkU.roa (raw, json)
Hash identifier: bdasFzrg8+ra5ArkDK4t7vtpHIbvJ+binB/FXW3eOzU=
Subject key identifier: A4:53:3E:1A:C5:F4:E5:3C:7D:46:42:52:80:03:B2:CF:03:4D:5E:45
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D3615C0FDB482BEFEB43A59766531C1E5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pFM-GsX05Tx9RkJSgAOyzwNNXkU.roa
Signing time: Tue 23 Jan 2024 11:30:11 +0000
ROA not before: Tue 23 Jan 2024 11:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 185.199.54.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:51:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:15:c0:fd:b4:82:be:fe:b4:3a:59:76:65:31:c1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 23 11:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4533e1ac5f4e53c7d4642528003b2cf034d5e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:af:0c:3b:19:79:23:69:4c:2c:22:b6:3c:9d:
7c:55:b9:65:a3:f9:5d:8a:ec:52:d7:fc:1a:0d:4a:
3f:b3:f3:f1:60:e4:80:dc:a1:72:c9:ae:92:13:3d:
53:16:c2:1b:fc:26:3a:32:43:32:16:7a:75:30:26:
c5:0f:ee:65:82:92:3b:d7:7d:0e:cf:1e:c8:69:43:
94:1b:d6:6f:b8:92:46:88:3a:d0:ca:c3:28:be:ac:
65:e1:17:c4:1c:de:32:36:2a:1e:79:ec:37:90:8a:
11:2f:a6:87:b5:a7:5d:6f:64:43:2e:3b:f6:6d:de:
da:2e:3d:7e:b3:34:bc:2f:8c:5a:de:74:5b:65:d9:
8f:57:ad:e6:37:5e:dc:9a:08:33:f2:3b:a5:fe:3b:
1b:60:56:0c:8f:6a:31:d0:b5:5a:70:96:2f:bb:3a:
7b:6e:0d:62:af:89:d4:07:a5:a4:0d:f1:5d:f9:06:
2e:96:d5:80:27:62:3c:32:aa:e1:3a:63:0b:7f:23:
60:3b:2a:15:39:cb:38:34:37:34:6c:23:1e:c1:46:
e5:c7:95:14:2b:8d:d5:dc:3c:57:7d:84:37:14:6a:
c3:da:ce:45:ed:5e:a2:bb:48:2f:98:5a:e4:df:d9:
b7:d8:f5:93:ae:6d:72:1a:9c:5a:7e:63:36:f9:bb:
8d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:53:3E:1A:C5:F4:E5:3C:7D:46:42:52:80:03:B2:CF:03:4D:5E:45
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pFM-GsX05Tx9RkJSgAOyzwNNXkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.54.0/24
185.230.67.0/24
193.8.114.0/24
194.76.169.0/24
Signature Algorithm: sha256WithRSAEncryption
64:7a:18:be:52:c0:ab:a0:a0:71:fa:83:45:ea:2f:19:84:60:
2b:8b:f2:20:94:a7:6d:45:ed:45:05:62:2c:00:51:ea:7b:07:
86:6f:c0:58:45:75:f9:d6:dd:8d:1f:e4:37:08:a3:8b:da:ce:
65:2e:90:85:a2:ec:cf:97:24:6b:94:2d:27:14:c1:1b:0f:24:
0d:b2:95:6d:37:f3:46:2c:b9:a5:11:87:d8:58:8e:9f:34:eb:
10:96:7d:42:85:23:55:6a:a1:c7:d8:8d:0c:45:14:63:5f:ac:
55:0d:86:51:ba:09:ef:d6:26:d7:57:d2:57:2c:12:3b:62:64:
76:5f:74:00:4f:41:0d:e9:4a:55:ab:69:e7:00:23:93:00:d9:
2b:67:30:ec:e2:f8:1f:52:d9:d1:bb:2d:66:de:35:da:4b:e5:
07:b5:cf:0b:a8:c7:d8:cc:ec:1d:ad:c8:ea:6c:94:67:20:63:
6a:e5:3e:53:83:ab:be:44:af:98:8a:de:5c:dc:7b:db:8d:48:
d3:f1:74:c8:4f:e4:e9:f3:6f:99:06:ef:2a:32:2b:dc:d9:aa:
5e:43:c1:d4:19:d7:a1:59:57:64:eb:3f:e0:4a:bd:36:f0:57:
71:2f:02:34:02:90:25:9a:3d:85:43:fa:74:ea:03:7a:4a:39:
c6:f2:ef:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY02FcD9tIK+/rQ6WXZlMcHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTIzMTEzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUzM2UxYWM1ZjRlNTNjN2Q0NjQyNTI4MDAzYjJjZjAzNGQ1ZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K8MOxl5I2lMLCK2PJ18Vbllo/ld
iuxS1/waDUo/s/PxYOSA3KFyya6SEz1TFsIb/CY6MkMyFnp1MCbFD+5lgpI7130O
zx7IaUOUG9ZvuJJGiDrQysMovqxl4RfEHN4yNioeeew3kIoRL6aHtaddb2RDLjv2
bd7aLj1+szS8L4xa3nRbZdmPV63mN17cmggz8jul/jsbYFYMj2ox0LVacJYvuzp7
bg1ir4nUB6WkDfFd+QYultWAJ2I8MqrhOmMLfyNgOyoVOcs4NDc0bCMewUblx5UU
K43V3DxXfYQ3FGrD2s5F7V6iu0gvmFrk39m32PWTrm1yGpxafmM2+buNuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKRTPhrF9OU8fUZCUoADss8DTV5FMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcEZNLUdzWDA1VHg5UmtKU2dBT3l6d05OWGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAucc2AwQA
ueZDAwQAwQhyAwQAwkypMA0GCSqGSIb3DQEBCwUAA4IBAQBkehi+UsCroKBx+oNF
6i8ZhGAri/IglKdtRe1FBWIsAFHqeweGb8BYRXX51t2NH+Q3CKOL2s5lLpCFouzP
lyRrlC0nFMEbDyQNspVtN/NGLLmlEYfYWI6fNOsQln1ChSNVaqHH2I0MRRRjX6xV
DYZRugnv1ibXV9JXLBI7YmR2X3QAT0EN6UpVq2nnACOTANkrZzDs4vgfUtnRuy1m
3jXaS+UHtc8LqMfYzOwdrcjqbJRnIGNq5T5Tg6u+RK+Yit5c3HvbjUjT8XTIT+Tp
82+ZBu8qMivc2apeQ8HUGdehWVdk6z/gSr028FdxLwI0ApAlmj2FQ/p06gN6SjnG
8u8B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org