Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa
File: PxCexIBchYIRKtpFp5pk6Rurb7Y.roa (raw, json)
Hash identifier: IuunPHcqHwFd0XN8j1GVLe7symcaqngtclqhhTd506s=
Subject key identifier: 3F:10:9E:C4:80:5C:85:82:11:2A:DA:45:A7:9A:64:E9:1B:AB:6F:B6
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01898D9CBC5C64992236A4282030B0077021
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa
Signing time: Tue 25 Jul 2023 15:13:26 +0000
ROA not before: Tue 25 Jul 2023 15:13:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 185.247.18.0/24 maxlen: 24
185.247.19.0/24 maxlen: 24
176.57.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:9c:bc:5c:64:99:22:36:a4:28:20:30:b0:07:70:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jul 25 15:13:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f109ec4805c8582112ada45a79a64e91bab6fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b6:57:92:c3:34:fd:9b:12:3f:b2:11:43:bf:
7f:b9:1b:c3:4f:9b:c1:39:c9:9f:29:76:8e:7e:09:
08:7a:08:b3:c4:1d:6c:88:78:dd:01:31:a7:9c:bc:
c3:64:1f:14:60:a7:fb:5f:30:28:95:9e:57:0e:da:
48:e6:d8:4f:85:18:b1:62:02:a2:6b:76:c7:f9:8e:
a9:8b:4c:1a:24:a4:de:ed:67:16:07:10:18:a0:cd:
dc:bd:b0:5a:d9:1d:63:43:c9:24:eb:a9:d8:8e:bd:
e4:ed:1f:3d:58:88:b0:a0:73:bc:1b:8a:c4:7d:28:
e4:eb:61:2c:57:34:45:91:79:26:e5:9b:28:10:04:
c0:8f:4c:b4:ad:b5:06:23:70:66:b9:fc:37:7a:bd:
1c:33:68:ac:b2:8c:ce:03:e8:46:85:7d:26:76:f8:
c4:4f:cb:ec:0f:1f:56:ab:da:5e:f7:e0:8b:14:e6:
0d:88:1b:c0:c4:19:03:22:3d:92:bb:e1:da:69:bf:
2b:18:11:35:8b:ff:77:91:ee:a3:bd:b2:ce:48:76:
50:b9:79:c8:eb:8d:69:16:5a:11:dc:5d:71:20:2b:
bc:80:19:d4:f2:68:66:c1:77:cf:ba:7e:62:e2:db:
e7:e7:69:c5:86:77:09:7a:b2:4b:08:71:b6:a7:d0:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:10:9E:C4:80:5C:85:82:11:2A:DA:45:A7:9A:64:E9:1B:AB:6F:B6
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.212.0/24
185.247.18.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:31:3f:dc:02:53:fd:18:17:0a:c4:e0:52:86:5c:9a:d2:d3:
41:3d:ae:fe:13:4f:fe:f1:a1:75:9d:06:de:79:1e:6c:ac:eb:
cb:26:a8:58:89:99:30:1d:16:c1:6c:ef:98:aa:77:08:05:91:
d8:20:64:9d:bd:35:35:45:d5:62:91:99:f1:0b:ac:14:92:74:
d3:a6:60:9b:e4:9c:ce:8e:fd:49:c8:40:8f:49:aa:27:6f:bb:
6a:3d:0f:a6:7d:22:e3:2d:ef:d9:99:94:45:50:e6:81:49:de:
71:d1:3b:98:f5:27:a8:c2:be:9e:22:c4:16:dc:38:80:74:49:
24:e5:6b:c9:14:0b:0b:45:29:6f:fe:95:c2:cd:d0:1c:01:f3:
d1:7c:9c:23:11:f3:eb:be:56:0d:3c:95:7f:d1:bc:f9:d8:87:
16:2c:2d:2e:d7:24:54:87:4b:ed:f3:5f:dc:e6:68:fd:8a:9a:
20:b3:d5:67:7b:0b:c7:e8:d0:19:1c:ce:a6:ab:00:c7:cf:9a:
1b:4e:e0:0f:94:83:e1:a7:41:e3:92:93:3f:05:3e:87:9b:eb:
fa:d2:31:e5:b7:6a:f8:14:d7:7c:de:35:d5:95:73:26:42:31:
a3:e8:5a:c4:b6:26:a2:7a:41:4c:e5:3f:13:3d:87:12:b2:09:
ec:74:4e:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmNnLxcZJkiNqQoIDCwB3AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNzI1MTUxMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjEwOWVjNDgwNWM4NTgyMTEyYWRhNDVhNzlhNjRlOTFiYWI2ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbZXksM0/ZsSP7IRQ79/uRvDT5vB
OcmfKXaOfgkIegizxB1siHjdATGnnLzDZB8UYKf7XzAolZ5XDtpI5thPhRixYgKi
a3bH+Y6pi0waJKTe7WcWBxAYoM3cvbBa2R1jQ8kk66nYjr3k7R89WIiwoHO8G4rE
fSjk62EsVzRFkXkm5ZsoEATAj0y0rbUGI3Bmufw3er0cM2issozOA+hGhX0mdvjE
T8vsDx9Wq9pe9+CLFOYNiBvAxBkDIj2Su+Haab8rGBE1i/93ke6jvbLOSHZQuXnI
641pFloR3F1xICu8gBnU8mhmwXfPun5i4tvn52nFhncJerJLCHG2p9DImQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8QnsSAXIWCESraRaeaZOkbq2+2MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvUHhDZXhJQmNoWUlSS3RwRnA1cGs2UnVyYjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsDnUAwQB
ufcSMA0GCSqGSIb3DQEBCwUAA4IBAQCdMT/cAlP9GBcKxOBShlya0tNBPa7+E0/+
8aF1nQbeeR5srOvLJqhYiZkwHRbBbO+YqncIBZHYIGSdvTU1RdVikZnxC6wUknTT
pmCb5JzOjv1JyECPSaonb7tqPQ+mfSLjLe/ZmZRFUOaBSd5x0TuY9Seowr6eIsQW
3DiAdEkk5WvJFAsLRSlv/pXCzdAcAfPRfJwjEfPrvlYNPJV/0bz52IcWLC0u1yRU
h0vt81/c5mj9ipogs9VnewvH6NAZHM6mqwDHz5obTuAPlIPhp0HjkpM/BT6Hm+v6
0jHlt2r4FNd83jXVlXMmQjGj6FrEtiaiekFM5T8TPYcSsgnsdE6O
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:14 2024 by rpki-client on console-fra.rpki-client.org