Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PYtuRm5fNL-X6XaFJPqiXvEx2hc.roa
File: PYtuRm5fNL-X6XaFJPqiXvEx2hc.roa (raw, json)
Hash identifier: 8haAVB2RflhtQU+O+2NySHkQ3qP2Jp3qnOfwoKf6j7Y=
Subject key identifier: 3D:8B:6E:46:6E:5F:34:BF:97:E9:76:85:24:FA:A2:5E:F1:31:DA:17
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C541E9B40F4D7AD79D86D2E1E37F83E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PYtuRm5fNL-X6XaFJPqiXvEx2hc.roa
Signing time: Sun 01 Jan 2023 07:55:30 +0000
ROA not before: Sun 01 Jan 2023 07:55:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396006
IP address blocks: 85.208.154.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:1e:9b:40:f4:d7:ad:79:d8:6d:2e:1e:37:f8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d8b6e466e5f34bf97e9768524faa25ef131da17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:15:f0:24:aa:fe:37:df:08:46:5d:aa:32:1f:
8e:21:a4:85:a2:2c:da:5e:89:9c:93:8b:fb:43:12:
0a:41:c9:2b:e6:8e:29:83:85:d3:16:09:f5:76:1f:
72:c0:7e:3b:de:0f:72:b2:65:93:7a:18:fe:e0:a8:
06:69:e6:46:49:94:1e:aa:09:47:09:69:35:22:7f:
31:8c:c1:12:39:8e:2e:03:36:9c:e8:dd:f7:0e:a2:
09:f6:0f:f8:d3:b5:15:95:04:fc:9f:91:77:5b:ce:
23:6e:fe:be:37:92:56:58:ae:82:3b:98:e8:bc:a5:
9f:8f:ab:f7:78:54:57:eb:bb:b5:71:53:cb:34:43:
f6:56:d3:05:6f:b5:55:7f:60:5b:7e:3e:42:02:4e:
0d:52:73:f8:91:e1:c3:36:22:a7:27:d5:03:24:8e:
7c:f0:a6:b6:0a:eb:19:96:91:55:d8:97:5d:c3:8c:
3b:d0:61:fd:10:a0:7e:60:07:5c:17:93:0b:3e:59:
bf:eb:2c:db:3c:dc:79:48:24:63:1f:f2:f4:9c:f0:
b4:75:13:94:81:e9:0c:ad:ed:50:65:21:b5:db:c1:
06:78:c2:d2:72:33:74:f2:ca:3f:1c:ad:dd:4e:49:
32:32:0e:4a:b0:59:44:73:e8:b7:c0:d6:b2:c6:84:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:6E:46:6E:5F:34:BF:97:E9:76:85:24:FA:A2:5E:F1:31:DA:17
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PYtuRm5fNL-X6XaFJPqiXvEx2hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.154.0/24
Signature Algorithm: sha256WithRSAEncryption
58:60:eb:19:ad:6e:1f:b7:82:8e:84:78:dd:cd:96:0b:76:b6:
70:ee:28:a4:7b:1f:34:06:c0:5e:ec:b6:37:27:bb:c5:ff:6f:
e2:d3:f0:7d:d4:95:5d:9e:5d:0f:62:b3:6c:22:4a:c4:13:f2:
92:b2:bd:5f:89:9c:b3:5f:4f:de:82:c1:60:da:78:6d:38:a4:
4f:eb:8e:37:0e:cf:a0:63:04:29:12:e7:52:41:94:b5:4f:1c:
13:fc:6a:a8:93:ff:0d:df:cb:32:c7:1f:0d:3a:c3:98:36:d2:
3e:25:0c:19:4f:18:de:e9:ad:d2:8a:6b:33:c6:3f:84:34:31:
35:07:01:84:dd:ba:dc:61:91:a2:9b:08:bd:4a:44:0e:72:7c:
cc:94:42:ea:87:e5:e9:51:ac:e1:92:61:c7:c6:9f:7b:51:c9:
01:97:26:b7:75:e6:bc:5e:53:32:06:b9:9a:09:99:2c:17:95:
b7:8f:3c:7f:02:38:f1:3d:84:84:4a:bf:68:71:ea:ee:c5:80:
4d:31:f9:71:b3:17:91:d9:92:0d:de:64:d2:9d:ff:88:05:bd:
61:bf:fb:49:88:d6:44:51:ca:5c:77:f6:43:c0:94:e9:f2:84:
b7:d3:d3:3b:08:1f:b9:93:0a:2d:e1:30:dc:9e:7f:b6:74:7f:
73:88:b2:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVB6bQPTXrXnYbS4eN/g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhiNmU0NjZlNWYzNGJmOTdlOTc2ODUyNGZhYTI1ZWYxMzFkYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBXwJKr+N98IRl2qMh+OIaSFoiza
Xomck4v7QxIKQckr5o4pg4XTFgn1dh9ywH473g9ysmWTehj+4KgGaeZGSZQeqglH
CWk1In8xjMESOY4uAzac6N33DqIJ9g/407UVlQT8n5F3W84jbv6+N5JWWK6CO5jo
vKWfj6v3eFRX67u1cVPLNEP2VtMFb7VVf2Bbfj5CAk4NUnP4keHDNiKnJ9UDJI58
8Ka2CusZlpFV2Jddw4w70GH9EKB+YAdcF5MLPlm/6yzbPNx5SCRjH/L0nPC0dROU
gekMre1QZSG128EGeMLScjN08so/HK3dTkkyMg5KsFlEc+i3wNayxoSWBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2LbkZuXzS/l+l2hST6ol7xMdoXMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUFl0dVJtNWZOTC1YNlhhRkpQcWlYdkV4MmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdCaMA0G
CSqGSIb3DQEBCwUAA4IBAQBYYOsZrW4ft4KOhHjdzZYLdrZw7iikex80BsBe7LY3
J7vF/2/i0/B91JVdnl0PYrNsIkrEE/KSsr1fiZyzX0/egsFg2nhtOKRP6443Ds+g
YwQpEudSQZS1TxwT/Gqok/8N38syxx8NOsOYNtI+JQwZTxje6a3Simszxj+ENDE1
BwGE3brcYZGimwi9SkQOcnzMlELqh+XpUazhkmHHxp97UckBlya3dea8XlMyBrma
CZksF5W3jzx/AjjxPYSESr9oceruxYBNMflxsxeR2ZIN3mTSnf+IBb1hv/tJiNZE
Ucpcd/ZDwJTp8oS309M7CB+5kwot4TDcnn+2dH9ziLL3
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org