Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PGpvGjDqIhTDEWfpNaEZdgbmJAE.roa
File: PGpvGjDqIhTDEWfpNaEZdgbmJAE.roa (raw, json)
Hash identifier: lyvr5DaofDXam7OaZDnTB5K0PoOo6Dwjq43pWW5iKhI=
Subject key identifier: 3C:6A:6F:1A:30:EA:22:14:C3:11:67:E9:35:A1:19:76:06:E6:24:01
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0189F3909DD4AB4B76D4B645ECB69E426755
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PGpvGjDqIhTDEWfpNaEZdgbmJAE.roa
Signing time: Mon 14 Aug 2023 10:21:28 +0000
ROA not before: Mon 14 Aug 2023 10:21:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197071
IP address blocks: 2.58.54.0/24 maxlen: 24
2a00:f826:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:90:9d:d4:ab:4b:76:d4:b6:45:ec:b6:9e:42:67:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Aug 14 10:21:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c6a6f1a30ea2214c31167e935a1197606e62401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:83:85:37:7f:a2:a9:09:e8:78:9c:97:77:45:
5a:5d:6b:21:b2:c9:11:97:f6:e2:76:f5:e4:62:0d:
02:f9:54:17:81:2e:cf:c6:f1:a8:4b:76:cb:85:0f:
2f:be:1d:f8:33:bf:9e:a5:87:2b:35:2e:5d:5f:b5:
29:c6:d9:9e:03:b3:54:3a:8b:97:31:e0:76:09:32:
10:87:0d:01:f8:ee:98:82:7e:95:6a:60:f2:9c:51:
5c:b2:12:08:da:4f:a4:99:a9:5b:cb:f3:23:ce:bd:
a7:d6:cd:f0:0d:cd:6e:a8:0f:2d:5b:4d:6d:6b:b5:
c0:3c:a5:98:85:2a:71:1f:c9:8f:f6:11:06:99:c8:
a5:8a:e1:7a:8a:11:cb:9c:3a:a9:9a:5f:d8:12:a0:
0e:64:02:ec:9e:ee:9f:3c:a4:4d:92:6d:1b:f9:40:
ab:cf:d7:43:e9:e6:d5:c5:af:ec:a5:f6:91:a7:d4:
23:01:16:a2:de:b7:71:cd:70:37:ad:34:5d:95:5c:
b9:ba:17:33:3e:0d:51:22:0b:19:1b:b8:56:f8:ac:
63:1d:65:ee:51:be:d7:82:9e:43:b9:62:3b:1e:22:
95:79:6a:79:a2:ae:4c:a9:00:06:12:f9:8d:4c:6d:
45:20:ba:5d:17:4e:54:d2:b6:27:17:77:d1:a1:c4:
88:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6A:6F:1A:30:EA:22:14:C3:11:67:E9:35:A1:19:76:06:E6:24:01
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PGpvGjDqIhTDEWfpNaEZdgbmJAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.54.0/24
IPv6:
2a00:f826:4::/48
Signature Algorithm: sha256WithRSAEncryption
41:04:d5:d6:f0:33:e1:e0:e5:0b:c0:0c:fb:af:44:51:80:90:
56:10:3b:f6:33:fa:e4:d5:69:6b:dd:a9:11:2f:63:03:34:4c:
d2:ac:43:f8:15:9b:cb:86:b2:51:93:f3:31:b8:79:9b:9d:6b:
3e:04:8d:16:fa:5c:88:58:b6:ac:1f:80:f6:55:71:74:a1:7a:
76:75:6c:2f:98:16:ee:21:25:54:db:a0:9b:c2:13:70:89:b6:
0a:b6:91:7d:ef:98:60:90:e2:bc:44:be:0e:f6:92:c1:e5:32:
e8:ca:d0:19:ec:01:79:13:ab:9d:f0:e5:17:5c:7e:54:0a:b7:
5c:4d:d2:e7:7b:27:e7:a1:44:6a:4a:a7:82:d4:bd:db:b3:d7:
b7:9c:09:ce:eb:67:fc:d8:60:8a:2e:fb:1a:17:a8:00:2c:69:
f7:d8:29:7f:31:7b:cb:be:fc:d6:bc:d7:02:cd:f4:27:6e:85:
01:e8:19:35:b8:a7:be:23:87:77:9f:76:ea:c0:d3:2d:f1:0f:
cb:ca:e5:2a:2d:bb:bd:32:38:79:c4:fe:5a:d3:ab:1a:36:c6:
06:56:ab:00:50:25:7b:79:b0:73:d1:36:d0:c2:6f:93:b1:18:
93:9a:7a:6e:14:62:ca:66:e4:59:bb:82:57:5c:72:e9:a8:34:
68:5c:dd:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnzkJ3Uq0t21LZF7LaeQmdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwODE0MTAyMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZhNmYxYTMwZWEyMjE0YzMxMTY3ZTkzNWExMTk3NjA2ZTYyNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoOFN3+iqQnoeJyXd0VaXWshsskR
l/bidvXkYg0C+VQXgS7PxvGoS3bLhQ8vvh34M7+epYcrNS5dX7UpxtmeA7NUOouX
MeB2CTIQhw0B+O6Ygn6VamDynFFcshII2k+kmalby/Mjzr2n1s3wDc1uqA8tW01t
a7XAPKWYhSpxH8mP9hEGmciliuF6ihHLnDqpml/YEqAOZALsnu6fPKRNkm0b+UCr
z9dD6ebVxa/spfaRp9QjARai3rdxzXA3rTRdlVy5uhczPg1RIgsZG7hW+KxjHWXu
Ub7Xgp5DuWI7HiKVeWp5oq5MqQAGEvmNTG1FILpdF05U0rYnF3fRocSIJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDxqbxow6iIUwxFn6TWhGXYG5iQBMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvUEdwdkdqRHFJaFRERVdmcE5hRVpkZ2JtSkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAAjo2MA8E
AgACMAkDBwAqAPgmAAQwDQYJKoZIhvcNAQELBQADggEBAEEE1dbwM+Hg5QvADPuv
RFGAkFYQO/Yz+uTVaWvdqREvYwM0TNKsQ/gVm8uGslGT8zG4eZudaz4EjRb6XIhY
tqwfgPZVcXShenZ1bC+YFu4hJVTboJvCE3CJtgq2kX3vmGCQ4rxEvg72ksHlMujK
0BnsAXkTq53w5RdcflQKt1xN0ud7J+ehRGpKp4LUvduz17ecCc7rZ/zYYIou+xoX
qAAsaffYKX8xe8u+/Na81wLN9CduhQHoGTW4p74jh3efdurA0y3xD8vK5Sotu70y
OHnE/lrTqxo2xgZWqwBQJXt5sHPRNtDCb5OxGJOaem4UYspm5Fm7gldccumoNGhc
3ag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org