Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/908a8a-58db-4509-a285-1ac2edda8e2a/1/PCDKG05wSef7HqrUM9xvV1hxx7c.roa
File: PCDKG05wSef7HqrUM9xvV1hxx7c.roa (raw, json)
Hash identifier: SquoIH9e5SimLmSmLEAZ5lFnOLgnw6briSHJsdtpavw=
Subject key identifier: 3C:20:CA:1B:4E:70:49:E7:FB:1E:AA:D4:33:DC:6F:57:58:71:C7:B7
Certificate issuer: /CN=0074ec3ec53f52f7f52835bb510ab6bedaa00a3d
Certificate serial: 0185701EE1F48CD559D087D9D9D0CC9E3EBC
Authority key identifier: 00:74:EC:3E:C5:3F:52:F7:F5:28:35:BB:51:0A:B6:BE:DA:A0:0A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHTsPsU_Uvf1KDW7UQq2vtqgCj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/908a8a-58db-4509-a285-1ac2edda8e2a/1/PCDKG05wSef7HqrUM9xvV1hxx7c.roa
Signing time: Mon 02 Jan 2023 01:35:50 +0000
ROA not before: Mon 02 Jan 2023 01:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 193.16.112.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e1:f4:8c:d5:59:d0:87:d9:d9:d0:cc:9e:3e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0074ec3ec53f52f7f52835bb510ab6bedaa00a3d
Validity
Not Before: Jan 2 01:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c20ca1b4e7049e7fb1eaad433dc6f575871c7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c9:1d:ad:a0:f3:cb:36:4c:1c:78:73:d7:65:
c3:65:a4:3b:8a:78:24:e1:6c:7f:0c:cb:69:02:ed:
2c:c3:6b:d2:a6:e1:c2:db:dd:73:9b:5e:56:f4:ca:
31:55:2c:1f:6b:ea:88:0d:da:f6:1f:b1:7b:e8:1d:
ae:59:63:c2:2c:57:62:f7:b7:55:a6:79:20:50:33:
d4:93:ed:6d:14:04:36:50:f5:93:94:f7:21:2a:db:
a1:be:9f:95:b7:30:d9:16:da:ec:af:65:c7:81:a3:
96:31:53:f4:72:76:0d:39:3f:81:1f:a5:16:c6:3a:
4b:57:a6:3d:18:8f:1f:70:f0:cd:d8:d3:44:58:8d:
33:58:fe:e2:ee:9f:03:dc:c2:60:7a:87:7f:81:a5:
35:8d:81:0e:bf:27:48:70:39:1e:9f:46:da:75:d0:
63:f9:78:54:9b:e5:2b:7d:db:09:89:3d:e3:fc:6a:
3d:b7:29:f8:95:2b:c6:c6:43:5f:01:6e:c0:4b:75:
7c:8c:11:04:32:e8:64:cd:bd:c3:45:74:76:e1:a6:
d8:5e:f4:f7:02:7d:d4:21:d8:c8:20:d0:65:b7:ad:
0d:fd:2b:3f:67:4a:5b:be:a8:b6:a2:d7:0e:e4:8c:
5a:9f:6d:71:12:e4:bd:ec:64:8b:6e:5c:6e:12:4f:
e5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:CA:1B:4E:70:49:E7:FB:1E:AA:D4:33:DC:6F:57:58:71:C7:B7
X509v3 Authority Key Identifier:
keyid:00:74:EC:3E:C5:3F:52:F7:F5:28:35:BB:51:0A:B6:BE:DA:A0:0A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHTsPsU_Uvf1KDW7UQq2vtqgCj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/908a8a-58db-4509-a285-1ac2edda8e2a/1/PCDKG05wSef7HqrUM9xvV1hxx7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/908a8a-58db-4509-a285-1ac2edda8e2a/1/AHTsPsU_Uvf1KDW7UQq2vtqgCj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.112.0/20
Signature Algorithm: sha256WithRSAEncryption
52:52:6b:b5:35:28:0c:b1:0e:f6:93:e4:bd:98:7d:60:83:d9:
5a:b9:92:fc:b3:86:03:fd:c9:76:41:81:be:80:5f:71:31:a0:
8e:88:73:59:ed:3d:98:cc:4a:af:67:18:8c:69:25:2b:2c:a8:
98:1a:96:4b:e3:34:c0:77:a7:9b:55:7f:f1:26:30:cd:83:ba:
48:90:7e:3a:cc:cc:6e:6e:21:1c:0b:a9:c6:12:d9:2a:2a:bc:
8c:d8:5f:db:53:aa:96:d6:3b:b4:1a:c8:8b:41:3d:f0:c0:1c:
24:c5:4e:21:2f:cf:09:f5:7f:57:15:50:40:a8:e1:34:9c:47:
c8:23:39:36:cc:0e:fa:2b:07:00:d7:3d:18:67:5f:26:d2:49:
1c:c1:86:8a:a5:58:34:80:3a:95:5e:39:cf:b0:3e:c6:13:24:
0a:00:03:08:2a:03:bc:87:0a:7c:2b:d3:5c:ce:3b:4e:f6:b4:
f0:d1:74:f4:1f:06:d2:f8:ff:2d:50:4e:ae:0f:98:a9:54:5c:
81:b9:0c:e5:1b:b2:4d:dd:b4:84:c2:0a:9d:75:0f:80:9e:f1:
00:76:39:c6:db:3c:69:51:db:86:fd:75:ec:30:b0:cb:26:ce:
dd:34:33:4b:fa:32:7e:48:e8:fd:ec:dd:62:6f:6f:9a:d6:07:
19:74:89:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHuH0jNVZ0IfZ2dDMnj68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzRlYzNlYzUzZjUyZjdmNTI4MzViYjUxMGFiNmJlZGFh
MDBhM2QwHhcNMjMwMTAyMDEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIwY2ExYjRlNzA0OWU3ZmIxZWFhZDQzM2RjNmY1NzU4NzFjN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkskdraDzyzZMHHhz12XDZaQ7ingk
4Wx/DMtpAu0sw2vSpuHC291zm15W9MoxVSwfa+qIDdr2H7F76B2uWWPCLFdi97dV
pnkgUDPUk+1tFAQ2UPWTlPchKtuhvp+VtzDZFtrsr2XHgaOWMVP0cnYNOT+BH6UW
xjpLV6Y9GI8fcPDN2NNEWI0zWP7i7p8D3MJgeod/gaU1jYEOvydIcDken0baddBj
+XhUm+UrfdsJiT3j/Go9tyn4lSvGxkNfAW7AS3V8jBEEMuhkzb3DRXR24abYXvT3
An3UIdjIINBlt60N/Ss/Z0pbvqi2otcO5Ixan21xEuS97GSLblxuEk/lqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwgyhtOcEnn+x6q1DPcb1dYcce3MB8GA1UdIwQY
MBaAFAB07D7FP1L39Sg1u1EKtr7aoAo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhUc1BzVV9VdmYxS0RXN1VRcTJ2dHFnQ2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85MDhhOGEtNThkYi00NTA5LWEyODUt
MWFjMmVkZGE4ZTJhLzEvUENES0cwNXdTZWY3SHFyVU05eHZWMWh4eDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85MDhhOGEtNThkYi00NTA5LWEyODUtMWFjMmVkZGE4ZTJh
LzEvQUhUc1BzVV9VdmYxS0RXN1VRcTJ2dHFnQ2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRBwMA0G
CSqGSIb3DQEBCwUAA4IBAQBSUmu1NSgMsQ72k+S9mH1gg9lauZL8s4YD/cl2QYG+
gF9xMaCOiHNZ7T2YzEqvZxiMaSUrLKiYGpZL4zTAd6ebVX/xJjDNg7pIkH46zMxu
biEcC6nGEtkqKryM2F/bU6qW1ju0GsiLQT3wwBwkxU4hL88J9X9XFVBAqOE0nEfI
Izk2zA76KwcA1z0YZ18m0kkcwYaKpVg0gDqVXjnPsD7GEyQKAAMIKgO8hwp8K9Nc
zjtO9rTw0XT0HwbS+P8tUE6uD5ipVFyBuQzlG7JN3bSEwgqddQ+AnvEAdjnG2zxp
UduG/XXsMLDLJs7dNDNL+jJ+SOj97N1ib2+a1gcZdIkp
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:51 2024 by rpki-client on console-fra.rpki-client.org