Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/PZCk7raWXRQQgFumcfxtaH5ie50.roa
File: PZCk7raWXRQQgFumcfxtaH5ie50.roa (raw, json)
Hash identifier: XHwLpSpjF+CDYRpiHQ1v28iUzBl2xNs/PmQJFNpry5A=
Subject key identifier: 3D:90:A4:EE:B6:96:5D:14:10:80:5B:A6:71:FC:6D:68:7E:62:7B:9D
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 01863C42470F2358D2EC674BB9AEF8CA77F7
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/PZCk7raWXRQQgFumcfxtaH5ie50.roa
Signing time: Fri 10 Feb 2023 16:57:01 +0000
ROA not before: Fri 10 Feb 2023 16:57:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 146.247.101.0/24 maxlen: 24
146.247.108.0/24 maxlen: 24
146.247.112.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 23:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3c:42:47:0f:23:58:d2:ec:67:4b:b9:ae:f8:ca:77:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Feb 10 16:57:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d90a4eeb6965d1410805ba671fc6d687e627b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:38:7b:80:b7:ce:aa:a6:f7:2f:f0:53:0f:c4:
fd:ae:db:61:da:ca:16:5e:33:49:0e:c4:38:09:ee:
73:75:27:8e:aa:76:94:84:70:81:9e:a7:58:cd:32:
7b:c3:f6:84:b1:a8:0d:f3:a9:0e:cb:9a:6c:dc:25:
ef:c9:37:e9:19:83:a6:c6:70:39:25:19:51:58:35:
57:1d:43:fe:fc:19:5f:6f:b3:e2:d0:87:58:3d:0c:
d7:19:a9:ac:78:97:91:e3:e6:a3:69:e8:4a:f1:fd:
20:0b:6b:bd:84:e7:ef:ff:33:6e:96:72:a9:0d:0c:
55:da:cf:3b:c7:72:32:f1:39:18:f7:f2:42:83:bd:
f1:42:0e:fa:d1:6f:5c:3f:4c:a4:34:a2:b3:d9:cd:
91:c7:90:b9:68:b2:e5:c6:83:0c:ae:f1:55:a8:bd:
94:d4:7e:ab:f3:7d:ff:9e:5f:e7:24:11:56:59:9f:
3a:df:d3:e0:e6:42:6e:10:58:a4:c0:49:04:1f:25:
a8:0b:d8:25:9a:64:65:86:89:b5:a8:da:42:19:3f:
5a:65:6d:dd:99:05:15:6b:a6:98:f0:1e:7c:c1:93:
a3:12:9b:82:8f:9f:fb:49:fc:ec:22:96:61:8d:c6:
22:e4:1e:40:89:ce:64:71:89:66:b2:e5:39:94:72:
c6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:90:A4:EE:B6:96:5D:14:10:80:5B:A6:71:FC:6D:68:7E:62:7B:9D
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/PZCk7raWXRQQgFumcfxtaH5ie50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.101.0/24
146.247.108.0/24
146.247.112.0/23
Signature Algorithm: sha256WithRSAEncryption
06:52:00:8b:9d:a7:7a:62:2b:0c:c7:64:b5:7c:b3:d4:e0:0c:
5e:b0:47:68:e3:ee:9c:6c:c7:ab:7d:ab:4d:72:2f:18:5c:4f:
8a:26:24:b4:a2:02:ae:f5:94:79:7c:90:49:b8:9a:7a:42:8b:
ed:ee:ce:37:67:d4:79:4b:18:ef:1e:cb:af:97:b3:0a:00:35:
2f:00:f6:b0:2c:d0:8e:8c:fd:a4:14:1d:f4:ef:e7:4d:f1:3a:
61:7f:ce:a8:b7:41:11:4a:c5:1b:24:6f:94:2b:d3:10:cc:b6:
3e:82:8c:79:0f:86:b8:06:aa:55:8b:10:80:5e:8e:35:1a:05:
0e:5b:fa:1e:ca:ac:7a:7e:70:a1:e9:56:39:93:bf:fc:43:08:
f8:7d:d5:29:e9:23:1a:15:06:6e:51:8d:e4:7a:7a:d0:67:32:
4e:5b:fe:e9:43:1b:11:e6:6d:10:18:96:0f:ae:8e:fe:fe:43:
09:3b:77:bc:e8:c1:d2:33:ab:33:52:76:66:4b:96:38:fc:c9:
f0:ce:0a:ee:32:aa:15:7f:89:fb:94:cb:fd:2b:95:60:7d:c4:
41:d9:c5:f3:8c:8a:ab:c6:4a:4c:8a:a4:78:ea:59:04:6b:b2:
85:1b:de:87:b0:2f:86:e5:30:f8:a2:a8:a9:49:8b:91:3d:46:
bc:fa:d6:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY8QkcPI1jS7GdLua74ynf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjMwMjEwMTY1NzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkwYTRlZWI2OTY1ZDE0MTA4MDViYTY3MWZjNmQ2ODdlNjI3YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjh7gLfOqqb3L/BTD8T9rtth2soW
XjNJDsQ4Ce5zdSeOqnaUhHCBnqdYzTJ7w/aEsagN86kOy5ps3CXvyTfpGYOmxnA5
JRlRWDVXHUP+/Blfb7Pi0IdYPQzXGamseJeR4+ajaehK8f0gC2u9hOfv/zNulnKp
DQxV2s87x3Iy8TkY9/JCg73xQg760W9cP0ykNKKz2c2Rx5C5aLLlxoMMrvFVqL2U
1H6r833/nl/nJBFWWZ8639Pg5kJuEFikwEkEHyWoC9glmmRlhom1qNpCGT9aZW3d
mQUVa6aY8B58wZOjEpuCj5/7SfzsIpZhjcYi5B5Aic5kcYlmsuU5lHLGZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD2QpO62ll0UEIBbpnH8bWh+YnudMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvUFpDazdyYVdYUlFRZ0Z1bWNmeHRhSDVpZTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkvdlAwQA
kvdsAwQBkvdwMA0GCSqGSIb3DQEBCwUAA4IBAQAGUgCLnad6YisMx2S1fLPU4Axe
sEdo4+6cbMerfatNci8YXE+KJiS0ogKu9ZR5fJBJuJp6Qovt7s43Z9R5SxjvHsuv
l7MKADUvAPawLNCOjP2kFB307+dN8Tphf86ot0ERSsUbJG+UK9MQzLY+gox5D4a4
BqpVixCAXo41GgUOW/oeyqx6fnCh6VY5k7/8Qwj4fdUp6SMaFQZuUY3kenrQZzJO
W/7pQxsR5m0QGJYPro7+/kMJO3e86MHSM6szUnZmS5Y4/MnwzgruMqoVf4n7lMv9
K5VgfcRB2cXzjIqrxkpMiqR46lkEa7KFG96HsC+G5TD4oqipSYuRPUa8+tZo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:19 2024 by rpki-client on console-fra.rpki-client.org