Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PKylXRLto2PPb7GTwuv1aYGPh_Q.roa
File: PKylXRLto2PPb7GTwuv1aYGPh_Q.roa (raw, json)
Hash identifier: ubSjoBl49khtx+Cfxl7lVGKKXiiYwHF7VaeDiS8klGo=
Subject key identifier: 3C:AC:A5:5D:12:ED:A3:63:CF:6F:B1:93:C2:EB:F5:69:81:8F:87:F4
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018AAAC3C08D8917F38EEC77844474A023FF
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PKylXRLto2PPb7GTwuv1aYGPh_Q.roa
Signing time: Tue 19 Sep 2023 00:07:50 +0000
ROA not before: Tue 19 Sep 2023 00:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 86.104.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:aa:c3:c0:8d:89:17:f3:8e:ec:77:84:44:74:a0:23:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Sep 19 00:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3caca55d12eda363cf6fb193c2ebf569818f87f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:4a:cd:de:c9:0f:ce:c4:99:23:08:2d:dc:
f1:c5:35:33:03:c1:32:38:da:3a:d9:9a:35:0b:a4:
4a:91:05:3e:b4:be:f0:c3:98:8d:4b:6f:d8:51:14:
ef:eb:41:45:ad:b0:5e:14:00:e3:1d:6f:2d:9e:14:
7d:78:ee:4a:8e:b2:b9:f0:26:2a:6f:19:de:af:52:
07:45:41:5d:55:ce:8a:b8:52:dc:91:d6:7b:57:5c:
80:20:73:cc:36:9b:78:f5:c1:f5:44:d9:ae:aa:c4:
c7:22:1f:9b:8a:be:3a:cc:69:44:61:50:7e:bc:95:
86:01:c3:d4:65:95:b7:6c:33:0c:ea:fd:7e:19:98:
91:a2:cb:b6:70:04:e5:9b:93:6f:31:90:5e:9f:e7:
cc:77:83:a0:49:8e:63:ed:1a:7d:21:2d:08:64:03:
61:0f:e5:60:00:b6:af:57:e2:55:74:9a:4b:85:51:
a3:7c:b2:d1:fa:0e:81:91:fc:54:25:2a:7e:8d:7a:
fb:10:5c:53:13:92:1e:6b:15:69:28:b4:6b:90:fe:
a3:9a:4a:4e:29:33:d5:c0:92:db:b5:19:68:90:7e:
3b:10:d2:15:5a:73:39:11:2a:94:44:26:d2:87:e4:
f5:18:55:61:3a:18:6a:94:ec:25:87:09:12:0c:75:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AC:A5:5D:12:ED:A3:63:CF:6F:B1:93:C2:EB:F5:69:81:8F:87:F4
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PKylXRLto2PPb7GTwuv1aYGPh_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.8.0/24
Signature Algorithm: sha256WithRSAEncryption
38:43:f0:ea:5a:88:1b:7f:b3:33:f7:e9:ec:fb:5a:5b:ce:53:
46:ab:83:03:60:64:78:1d:a2:4c:19:f8:ae:30:b6:b2:bc:5e:
06:bf:23:b5:96:09:3b:7b:af:a3:83:ca:58:e9:fd:5d:f2:14:
98:cc:d4:c1:7b:9c:5b:98:f1:c8:ce:55:af:b6:9a:5b:9a:d2:
45:0e:f1:0e:fd:14:75:72:09:11:b1:28:19:1b:62:1b:11:3d:
40:22:02:90:69:60:68:d6:25:e1:a7:a1:b5:e2:af:72:f8:cc:
6c:e0:fa:c9:af:90:97:07:f8:f7:4a:d7:ef:43:9f:0d:a8:96:
ad:e3:3b:ea:dc:1c:e2:d8:9d:00:d0:73:b3:29:94:c4:a7:d4:
1b:a4:29:98:69:76:e1:14:3c:b1:d7:4a:af:80:e9:24:71:29:
2e:45:77:5f:38:58:22:d1:44:76:a4:71:86:36:a3:a6:f4:82:
fe:23:d1:c1:33:ee:fb:d1:8b:a3:85:f7:f1:3d:4d:af:9e:36:
99:27:69:b5:e4:86:5e:da:7c:23:28:b9:e8:86:b7:61:ca:2b:
8a:7d:77:c1:13:1e:3e:19:fe:b8:f8:67:43:cd:9d:a8:2a:dd:
53:b8:1c:17:d9:b2:06:ca:cf:8b:17:2b:1d:93:ad:d9:c5:21:
e7:ec:b4:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqqw8CNiRfzjux3hER0oCP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwOTE5MDAwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FjYTU1ZDEyZWRhMzYzY2Y2ZmIxOTNjMmViZjU2OTgxOGY4N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdlKzd7JD87EmSMILdzxxTUzA8Ey
ONo62Zo1C6RKkQU+tL7ww5iNS2/YURTv60FFrbBeFADjHW8tnhR9eO5KjrK58CYq
bxner1IHRUFdVc6KuFLckdZ7V1yAIHPMNpt49cH1RNmuqsTHIh+bir46zGlEYVB+
vJWGAcPUZZW3bDMM6v1+GZiRosu2cATlm5NvMZBen+fMd4OgSY5j7Rp9IS0IZANh
D+VgALavV+JVdJpLhVGjfLLR+g6BkfxUJSp+jXr7EFxTE5IeaxVpKLRrkP6jmkpO
KTPVwJLbtRlokH47ENIVWnM5ESqURCbSh+T1GFVhOhhqlOwlhwkSDHWUUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyspV0S7aNjz2+xk8Lr9WmBj4f0MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvUEt5bFhSTHRvMlBQYjdHVHd1djFhWUdQaF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmgIMA0G
CSqGSIb3DQEBCwUAA4IBAQA4Q/DqWogbf7Mz9+ns+1pbzlNGq4MDYGR4HaJMGfiu
MLayvF4GvyO1lgk7e6+jg8pY6f1d8hSYzNTBe5xbmPHIzlWvtppbmtJFDvEO/RR1
cgkRsSgZG2IbET1AIgKQaWBo1iXhp6G14q9y+Mxs4PrJr5CXB/j3StfvQ58NqJat
4zvq3Bzi2J0A0HOzKZTEp9QbpCmYaXbhFDyx10qvgOkkcSkuRXdfOFgi0UR2pHGG
NqOm9IL+I9HBM+770YujhffxPU2vnjaZJ2m15IZe2nwjKLnohrdhyiuKfXfBEx4+
Gf64+GdDzZ2oKt1TuBwX2bIGys+LFysdk63ZxSHn7LSl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org