Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/PagJs1gJ6I9nsUBeydbx4RgjSLA.roa
File: PagJs1gJ6I9nsUBeydbx4RgjSLA.roa (raw, json)
Hash identifier: SxW/Zi1ZsP+EXL5FdVnZ964/l7JLq0jvQJPTI+yFAxg=
Subject key identifier: 3D:A8:09:B3:58:09:E8:8F:67:B1:40:5E:C9:D6:F1:E1:18:23:48:B0
Certificate issuer: /CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Certificate serial: 01856FCB94BB72C386DBDDAD4550BE7F90A0
Authority key identifier: B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/PagJs1gJ6I9nsUBeydbx4RgjSLA.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62373
IP address blocks: 185.240.60.0/22 maxlen: 22
185.229.140.0/22 maxlen: 22
185.38.4.0/22 maxlen: 22
2a04:7501::/32 maxlen: 32
2a0c:7380::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:94:bb:72:c3:86:db:dd:ad:45:50:be:7f:90:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da809b35809e88f67b1405ec9d6f1e1182348b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:83:81:d8:49:79:85:ba:50:d6:ce:0b:94:
c8:64:40:b9:7f:59:b3:ea:55:6b:b1:b3:5d:2c:fa:
0c:cd:75:0f:32:dc:31:e0:be:1f:45:07:e3:81:f2:
e3:c2:a9:56:fc:3a:54:b9:9e:31:7b:87:41:3f:75:
79:0d:df:04:78:de:af:ec:dc:c3:d9:98:c4:fe:3e:
d1:7a:0c:9f:27:9f:dc:0d:a9:3f:24:be:48:b9:53:
99:ae:d4:21:06:02:b9:90:8d:ae:38:29:c7:1b:b8:
45:f5:eb:d6:3c:11:76:49:f9:bb:5e:73:29:b1:26:
56:a4:22:d7:03:bb:e9:8c:4a:44:ec:4d:4d:2f:36:
fc:e7:fa:db:10:9d:fb:0d:da:3c:91:de:db:e0:ea:
25:7b:64:8c:6c:9b:d8:bb:3a:38:4d:25:d6:d7:c3:
06:96:27:c1:1c:97:4f:32:1a:8d:e7:6f:41:f6:39:
04:43:49:da:66:89:2e:28:6d:49:cd:d4:3c:71:62:
5a:29:90:fa:b7:06:bd:7d:ab:35:31:21:1a:89:00:
5b:24:77:17:02:1b:8c:d2:7e:e9:4e:8b:04:8f:8a:
c5:f7:89:40:fa:a7:2e:40:42:e9:78:21:5d:e8:72:
9e:d4:bc:31:47:e1:a4:94:26:bb:94:78:0d:10:80:
4f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A8:09:B3:58:09:E8:8F:67:B1:40:5E:C9:D6:F1:E1:18:23:48:B0
X509v3 Authority Key Identifier:
keyid:B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/PagJs1gJ6I9nsUBeydbx4RgjSLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.4.0/22
185.229.140.0/22
185.240.60.0/22
IPv6:
2a04:7501::/32
2a0c:7380::/29
Signature Algorithm: sha256WithRSAEncryption
62:c1:03:03:00:0a:d6:81:9e:a6:aa:ab:0f:fd:c9:a6:31:3c:
93:e1:5b:5b:bd:26:89:a0:9a:24:2d:5c:b0:3b:79:b2:20:37:
c6:1e:66:d0:30:07:37:a1:2d:35:69:bc:47:2d:97:05:07:82:
84:8f:7b:c6:a1:42:0a:9a:13:31:e0:ec:ff:c8:78:d4:1a:52:
8f:9b:1c:a3:52:75:26:0e:83:2b:07:d4:27:ac:aa:c4:26:b7:
e8:c9:de:a6:4d:fb:b2:2d:b5:2a:1e:81:24:8b:9e:f2:2d:25:
04:2e:3f:50:96:74:84:dc:37:41:31:2b:41:43:21:9f:19:4d:
c8:be:94:6c:52:ef:4d:ed:e1:36:70:80:5c:b3:25:e1:15:70:
7b:61:e9:40:20:5d:73:7d:8e:3c:95:46:b5:45:7c:47:f6:ca:
0e:ea:c1:7a:9d:80:b6:4e:b3:d3:d4:ac:65:4b:fc:eb:88:85:
b6:b6:14:d6:7e:45:95:52:b8:90:e1:57:e8:0e:ee:15:6d:27:
ac:41:c6:4a:20:5c:10:62:fa:40:fc:1b:c0:0d:03:6f:20:ce:
b7:77:e9:9c:0c:f0:ee:6c:c9:98:c0:77:c5:b4:58:f8:6f:66:
8a:64:98:d0:f5:0e:66:86:8e:d9:0f:ce:6b:29:bb:12:3c:9a:
3b:79:39:aa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVvy5S7csOG292tRVC+f5CgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2E3MWNhNjBkNzRlNDVkMmI5NzQ4YWIxMDY2NTI5ZmQw
MTMzN2UwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE4MDliMzU4MDllODhmNjdiMTQwNWVjOWQ2ZjFlMTE4MjM0OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE2DgdhJeYW6UNbOC5TIZEC5f1mz
6lVrsbNdLPoMzXUPMtwx4L4fRQfjgfLjwqlW/DpUuZ4xe4dBP3V5Dd8EeN6v7NzD
2ZjE/j7RegyfJ5/cDak/JL5IuVOZrtQhBgK5kI2uOCnHG7hF9evWPBF2Sfm7XnMp
sSZWpCLXA7vpjEpE7E1NLzb85/rbEJ37Ddo8kd7b4Oole2SMbJvYuzo4TSXW18MG
lifBHJdPMhqN529B9jkEQ0naZokuKG1JzdQ8cWJaKZD6twa9fas1MSEaiQBbJHcX
AhuM0n7pTosEj4rF94lA+qcuQELpeCFd6HKe1LwxR+GklCa7lHgNEIBPKwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD2oCbNYCeiPZ7FAXsnW8eEYI0iwMB8GA1UdIwQY
MBaAFLQ6ccpg105F0rl0irEGZSn9ATN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEt
Nzk4YWM0OTI4ZWQ2LzEvUGFnSnMxZ0o2STluc1VCZXlkYng0UmdqU0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEtNzk4YWM0OTI4ZWQ2
LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuSYEAwQC
ueWMAwQCufA8MBQEAgACMA4DBQAqBHUBAwUDKgxzgDANBgkqhkiG9w0BAQsFAAOC
AQEAYsEDAwAK1oGepqqrD/3JpjE8k+FbW70miaCaJC1csDt5siA3xh5m0DAHN6Et
NWm8Ry2XBQeChI97xqFCCpoTMeDs/8h41BpSj5sco1J1Jg6DKwfUJ6yqxCa36Mne
pk37si21Kh6BJIue8i0lBC4/UJZ0hNw3QTErQUMhnxlNyL6UbFLvTe3hNnCAXLMl
4RVwe2HpQCBdc32OPJVGtUV8R/bKDurBep2Atk6z09SsZUv864iFtrYU1n5FlVK4
kOFX6A7uFW0nrEHGSiBcEGL6QPwbwA0DbyDOt3fpnAzw7mzJmMB3xbRY+G9mimSY
0PUOZoaO2Q/Oaym7EjyaO3k5qg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org