Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/PVfsUrLBR4-dzPgZSX7M3fiOxMQ.roa
File: PVfsUrLBR4-dzPgZSX7M3fiOxMQ.roa (raw, json)
Hash identifier: sKwH1BdrWwIRVHCMDI8ig7N79HdgniH5CNLOuJSbgpI=
Subject key identifier: 3D:57:EC:52:B2:C1:47:8F:9D:CC:F8:19:49:7E:CC:DD:F8:8E:C4:C4
Certificate issuer: /CN=96e82ab648b8b3f8857569c39af9544adfc17c01
Certificate serial: 0185704295094815C3302B151D2FCFC0D3BE
Authority key identifier: 96:E8:2A:B6:48:B8:B3:F8:85:75:69:C3:9A:F9:54:4A:DF:C1:7C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lugqtki4s_iFdWnDmvlUSt_BfAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/PVfsUrLBR4-dzPgZSX7M3fiOxMQ.roa
Signing time: Mon 02 Jan 2023 02:14:49 +0000
ROA not before: Mon 02 Jan 2023 02:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13065
IP address blocks: 89.28.224.0/21 maxlen: 21
185.9.56.0/22 maxlen: 22
212.109.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:95:09:48:15:c3:30:2b:15:1d:2f:cf:c0:d3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96e82ab648b8b3f8857569c39af9544adfc17c01
Validity
Not Before: Jan 2 02:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d57ec52b2c1478f9dccf819497eccddf88ec4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:07:3c:c9:54:e3:17:b7:6d:79:f4:32:73:
dc:8b:bf:6f:6a:55:a0:27:06:a8:3d:65:ce:e7:fb:
5d:05:b1:ff:cb:e7:c7:f0:75:33:41:b4:ed:5e:66:
21:45:74:ac:b6:e4:ee:23:4e:e2:e3:39:fc:6f:dc:
ca:4a:1a:1c:5d:9a:3b:e3:dd:37:97:bc:fa:d2:68:
00:89:4f:a2:f5:c2:22:6d:32:1f:90:2d:20:99:7d:
ab:89:f5:0c:67:0c:be:d9:b9:bc:bb:2a:a4:68:3f:
2c:5b:92:a5:05:ba:b2:a9:f4:0e:09:d9:de:a1:07:
ac:26:80:f3:5a:a9:cb:93:16:98:d1:89:72:ba:d5:
25:9a:cf:24:4b:e1:4f:71:86:c4:7d:ce:4b:31:22:
b2:b8:54:01:ac:db:a0:5b:e6:80:e9:cd:6e:d3:cc:
26:d5:51:ff:01:6b:d4:ae:b8:f3:ae:13:d1:9d:8a:
a1:19:d5:d8:b7:63:b9:b4:f3:4d:60:f0:73:03:cd:
fb:18:2e:e9:1e:45:ef:a4:a6:1d:7e:f7:fa:87:68:
af:8b:6a:7a:5c:e2:b8:ec:15:d6:58:36:df:54:db:
db:9c:49:d2:0c:d5:7d:89:7e:82:12:e0:8a:54:59:
f2:4d:b4:b0:5f:5e:a9:80:43:8c:32:3d:e6:ce:a3:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:57:EC:52:B2:C1:47:8F:9D:CC:F8:19:49:7E:CC:DD:F8:8E:C4:C4
X509v3 Authority Key Identifier:
keyid:96:E8:2A:B6:48:B8:B3:F8:85:75:69:C3:9A:F9:54:4A:DF:C1:7C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lugqtki4s_iFdWnDmvlUSt_BfAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/PVfsUrLBR4-dzPgZSX7M3fiOxMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/lugqtki4s_iFdWnDmvlUSt_BfAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.224.0/21
185.9.56.0/22
212.109.144.0/20
Signature Algorithm: sha256WithRSAEncryption
46:51:f8:ac:32:26:83:73:a8:a3:c4:6f:a5:ac:fc:0f:37:14:
bb:7b:ef:11:41:86:e9:3b:45:43:fa:cc:fe:c8:6b:88:54:b5:
0b:1f:d4:a9:5a:80:48:43:c0:77:ca:92:08:f8:2e:39:b2:88:
62:5d:9d:af:24:47:1d:9c:74:06:80:72:af:4d:e5:09:ce:d7:
27:ce:15:13:b3:86:48:a5:b0:1d:a2:2d:19:5d:5f:b4:3c:45:
4d:0b:62:95:7c:09:24:bb:c4:26:f4:a6:fc:36:e2:3b:36:80:
88:93:52:21:b1:1f:a7:f0:ba:e0:8b:4d:b5:41:ea:cb:5c:f1:
66:33:5b:48:94:ca:d1:b4:4d:59:a8:e0:ee:5c:bd:70:27:83:
18:46:7d:5c:37:e9:4f:77:7b:a9:ed:52:35:60:25:eb:f1:4f:
92:df:78:92:b2:eb:62:e1:46:55:8c:59:94:77:62:9b:00:f1:
a2:e8:83:b3:fb:07:0a:dc:a5:5b:1d:59:36:5b:4d:06:fd:c3:
f6:72:bd:b1:ab:58:c1:99:db:d1:c1:c4:c7:cf:be:ce:b0:be:
4a:58:a4:cc:75:3b:49:8f:58:d2:3f:67:51:e5:c0:31:98:50:
65:09:50:c3:54:9c:12:71:46:8d:8a:52:33:b8:1f:ff:ae:69:
79:23:a2:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwQpUJSBXDMCsVHS/PwNO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZTgyYWI2NDhiOGIzZjg4NTc1NjljMzlhZjk1NDRhZGZj
MTdjMDEwHhcNMjMwMTAyMDIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU3ZWM1MmIyYzE0NzhmOWRjY2Y4MTk0OTdlY2NkZGY4OGVjNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOoHPMlU4xe3bXn0MnPci79valWg
JwaoPWXO5/tdBbH/y+fH8HUzQbTtXmYhRXSstuTuI07i4zn8b9zKShocXZo74903
l7z60mgAiU+i9cIibTIfkC0gmX2rifUMZwy+2bm8uyqkaD8sW5KlBbqyqfQOCdne
oQesJoDzWqnLkxaY0YlyutUlms8kS+FPcYbEfc5LMSKyuFQBrNugW+aA6c1u08wm
1VH/AWvUrrjzrhPRnYqhGdXYt2O5tPNNYPBzA837GC7pHkXvpKYdfvf6h2ivi2p6
XOK47BXWWDbfVNvbnEnSDNV9iX6CEuCKVFnyTbSwX16pgEOMMj3mzqNVXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD1X7FKywUePncz4GUl+zN34jsTEMB8GA1UdIwQY
MBaAFJboKrZIuLP4hXVpw5r5VErfwXwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHVncXRraTRzX2lGZFduRG12bFVTdF9CZkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yNDI2ZjEtOGYyYS00OWZmLTg2NDMt
MTkzYWQ1Yzc5YjgzLzEvUFZmc1VyTEJSNC1kelBnWlNYN00zZmlPeE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yNDI2ZjEtOGYyYS00OWZmLTg2NDMtMTkzYWQ1Yzc5Yjgz
LzEvbHVncXRraTRzX2lGZFduRG12bFVTdF9CZkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWRzgAwQC
uQk4AwQE1G2QMA0GCSqGSIb3DQEBCwUAA4IBAQBGUfisMiaDc6ijxG+lrPwPNxS7
e+8RQYbpO0VD+sz+yGuIVLULH9SpWoBIQ8B3ypII+C45sohiXZ2vJEcdnHQGgHKv
TeUJztcnzhUTs4ZIpbAdoi0ZXV+0PEVNC2KVfAkku8Qm9Kb8NuI7NoCIk1IhsR+n
8Lrgi021QerLXPFmM1tIlMrRtE1ZqODuXL1wJ4MYRn1cN+lPd3up7VI1YCXr8U+S
33iSsuti4UZVjFmUd2KbAPGi6IOz+wcK3KVbHVk2W00G/cP2cr2xq1jBmdvRwcTH
z77OsL5KWKTMdTtJj1jSP2dR5cAxmFBlCVDDVJwScUaNilIzuB//rml5I6Ke
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:08 2024 by rpki-client on console-ams.rpki-client.org