Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/cc4eb3-768a-4f91-882c-0db10850c794/1/PhzHYXPCY9XkEfHpyWTaLNnyEZA.roa
File: PhzHYXPCY9XkEfHpyWTaLNnyEZA.roa (raw, json)
Hash identifier: HGQD7ltW0PE8S3LeYMftKIBuggmYppRP1JgI+zoRbQA=
Subject key identifier: 3E:1C:C7:61:73:C2:63:D5:E4:11:F1:E9:C9:64:DA:2C:D9:F2:11:90
Certificate issuer: /CN=3deaededa105d7e9129a9b0ce56b9bfcb9c67394
Certificate serial: 0185718C443D5F9554F8B30D2BC18EF7B264
Authority key identifier: 3D:EA:ED:ED:A1:05:D7:E9:12:9A:9B:0C:E5:6B:9B:FC:B9:C6:73:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pert7aEF1-kSmpsM5Wub_LnGc5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/cc4eb3-768a-4f91-882c-0db10850c794/1/PhzHYXPCY9XkEfHpyWTaLNnyEZA.roa
Signing time: Mon 02 Jan 2023 08:14:55 +0000
ROA not before: Mon 02 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39190
IP address blocks: 194.147.125.0/24 maxlen: 24
194.147.124.0/24 maxlen: 24
194.147.127.0/24 maxlen: 24
194.147.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:44:3d:5f:95:54:f8:b3:0d:2b:c1:8e:f7:b2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deaededa105d7e9129a9b0ce56b9bfcb9c67394
Validity
Not Before: Jan 2 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e1cc76173c263d5e411f1e9c964da2cd9f21190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:c6:e4:d0:ff:92:23:26:28:09:41:28:b1:
8a:29:a9:4c:fa:b5:52:4d:90:2b:b7:cf:4c:5c:f2:
02:c4:94:07:52:8d:02:44:45:da:b4:c3:c7:1d:47:
80:a1:4d:5d:dd:48:98:4d:e8:42:44:f3:16:24:7c:
43:ec:fd:a5:23:03:cb:0c:f6:f8:85:df:7b:84:3c:
e1:f2:29:83:79:45:99:6b:66:59:df:4f:ed:85:4c:
55:c5:19:7c:55:08:03:7c:38:e1:5b:e8:06:83:b2:
1f:36:0d:06:16:7c:08:16:0d:b6:be:f9:ea:dd:cd:
0a:8a:61:09:6b:5a:78:ec:40:09:5d:17:75:6b:09:
16:e6:e0:78:9a:4f:e6:22:45:b6:42:ba:d2:15:f5:
b4:b7:e4:4c:b0:1e:a1:88:1a:39:e1:f2:24:fa:00:
91:b6:4d:58:23:2f:b9:ce:aa:f9:72:91:29:e5:29:
65:a4:0b:74:84:7e:a3:81:98:86:04:58:a5:b6:cb:
62:cd:73:d1:c4:31:69:48:d1:cb:56:96:5d:7d:3f:
ef:56:32:e3:48:51:7e:0b:28:af:0b:7a:57:51:eb:
04:d9:1c:55:c3:41:9b:22:ff:0f:8f:ee:bc:b9:64:
68:54:4f:51:26:a2:07:c9:28:fd:4a:4f:7f:40:9e:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1C:C7:61:73:C2:63:D5:E4:11:F1:E9:C9:64:DA:2C:D9:F2:11:90
X509v3 Authority Key Identifier:
keyid:3D:EA:ED:ED:A1:05:D7:E9:12:9A:9B:0C:E5:6B:9B:FC:B9:C6:73:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pert7aEF1-kSmpsM5Wub_LnGc5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cc4eb3-768a-4f91-882c-0db10850c794/1/PhzHYXPCY9XkEfHpyWTaLNnyEZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cc4eb3-768a-4f91-882c-0db10850c794/1/Pert7aEF1-kSmpsM5Wub_LnGc5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:e5:00:6c:0b:db:15:95:ad:ec:94:f1:2d:6b:d3:e2:bb:43:
80:38:97:12:f7:fc:1c:26:e6:e4:3d:9d:da:c7:8f:89:43:27:
26:72:01:4e:80:e6:55:6c:c2:38:94:62:e6:5c:72:b0:cc:d5:
d2:57:63:a6:de:5c:3f:87:69:10:df:39:0a:56:0a:9e:93:ad:
0c:36:47:41:87:30:15:b1:e6:ad:8c:1d:df:82:6b:66:c8:2e:
42:da:96:a6:4f:8d:b8:88:70:61:79:c6:09:9c:e1:dd:88:39:
96:ea:97:08:37:cf:8c:9c:f0:c2:0f:33:99:94:7c:5c:6f:3c:
9c:ed:ca:5f:94:fd:8d:3e:65:ae:73:57:00:c2:8b:f7:20:04:
9b:4a:ec:13:49:65:7e:c1:61:87:ce:f6:54:37:62:a9:38:4f:
ff:70:7b:5e:ae:61:64:9b:de:4a:13:ab:9d:13:9d:16:f4:58:
81:dd:42:a3:c8:7e:4f:98:13:08:fd:9d:be:aa:a3:de:37:51:
af:a1:6e:ab:69:a3:e9:6b:26:a1:95:14:55:ba:ce:4a:35:c8:
16:7d:1c:32:d9:0a:86:2e:b4:19:7c:f1:e3:de:82:1d:86:3d:
83:4e:64:00:84:ce:be:7d:53:eb:b0:f8:f5:26:87:d6:f7:1e:
39:3e:9c:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjEQ9X5VU+LMNK8GO97JkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWFlZGVkYTEwNWQ3ZTkxMjlhOWIwY2U1NmI5YmZjYjlj
NjczOTQwHhcNMjMwMTAyMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTFjYzc2MTczYzI2M2Q1ZTQxMWYxZTljOTY0ZGEyY2Q5ZjIxMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/XG5ND/kiMmKAlBKLGKKalM+rVS
TZArt89MXPICxJQHUo0CREXatMPHHUeAoU1d3UiYTehCRPMWJHxD7P2lIwPLDPb4
hd97hDzh8imDeUWZa2ZZ30/thUxVxRl8VQgDfDjhW+gGg7IfNg0GFnwIFg22vvnq
3c0KimEJa1p47EAJXRd1awkW5uB4mk/mIkW2QrrSFfW0t+RMsB6hiBo54fIk+gCR
tk1YIy+5zqr5cpEp5SllpAt0hH6jgZiGBFiltstizXPRxDFpSNHLVpZdfT/vVjLj
SFF+CyivC3pXUesE2RxVw0GbIv8Pj+68uWRoVE9RJqIHySj9Sk9/QJ6CgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4cx2FzwmPV5BHx6clk2izZ8hGQMB8GA1UdIwQY
MBaAFD3q7e2hBdfpEpqbDOVrm/y5xnOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVydDdhRUYxLWtTbXBzTTVXdWJfTG5HYzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jYzRlYjMtNzY4YS00ZjkxLTg4MmMt
MGRiMTA4NTBjNzk0LzEvUGh6SFlYUENZOVhrRWZIcHlXVGFMTm55RVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jYzRlYjMtNzY4YS00ZjkxLTg4MmMtMGRiMTA4NTBjNzk0
LzEvUGVydDdhRUYxLWtTbXBzTTVXdWJfTG5HYzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpN8MA0G
CSqGSIb3DQEBCwUAA4IBAQDE5QBsC9sVla3slPEta9Piu0OAOJcS9/wcJubkPZ3a
x4+JQycmcgFOgOZVbMI4lGLmXHKwzNXSV2Om3lw/h2kQ3zkKVgqek60MNkdBhzAV
seatjB3fgmtmyC5C2pamT424iHBhecYJnOHdiDmW6pcIN8+MnPDCDzOZlHxcbzyc
7cpflP2NPmWuc1cAwov3IASbSuwTSWV+wWGHzvZUN2KpOE//cHtermFkm95KE6ud
E50W9FiB3UKjyH5PmBMI/Z2+qqPeN1GvoW6raaPpayahlRRVus5KNcgWfRwy2QqG
LrQZfPHj3oIdhj2DTmQAhM6+fVPrsPj1JofW9x45PpzK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:08 2024 by rpki-client on console-fra.rpki-client.org