Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/PBYnkfqgy7LIydbWdhaIyBnKjoE.roa
File: PBYnkfqgy7LIydbWdhaIyBnKjoE.roa (raw, json)
Hash identifier: gKxk6otNYagcei9Qws7fbEHX50F1GS2XMTcPDgs9qtc=
Subject key identifier: 3C:16:27:91:FA:A0:CB:B2:C8:C9:D6:D6:76:16:88:C8:19:CA:8E:81
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 0185CF89E199FA5D15E57347D70D6AE3F33B
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/PBYnkfqgy7LIydbWdhaIyBnKjoE.roa
Signing time: Fri 20 Jan 2023 14:16:37 +0000
ROA not before: Fri 20 Jan 2023 14:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57717
IP address blocks: 185.173.235.0/24 maxlen: 24
185.216.140.0/23 maxlen: 23
185.216.143.0/24 maxlen: 24
2a0b:b7c0::/30 maxlen: 30
2a0b:b7c4::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:89:e1:99:fa:5d:15:e5:73:47:d7:0d:6a:e3:f3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 20 14:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c162791faa0cbb2c8c9d6d6761688c819ca8e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:74:f0:c3:a9:b7:18:bb:16:5b:8c:46:fb:85:
65:3a:2c:56:9d:25:5d:24:2c:22:05:a6:6d:52:4a:
cf:96:e8:99:d9:b0:eb:fa:74:d1:10:cf:f9:43:61:
d8:00:23:51:e4:86:1a:1d:44:ec:b8:cf:02:f3:13:
13:de:33:80:c4:69:83:1e:15:bb:7b:a3:ec:65:b9:
8a:58:b1:78:f1:7f:2c:56:cf:9d:51:fd:6a:9e:f4:
3a:66:79:44:25:e8:f2:e7:9a:0d:38:7f:cb:15:a7:
7f:ec:a3:a8:a8:ed:0a:52:2d:5b:92:4b:7a:84:42:
92:bb:ac:50:b0:65:42:c1:ca:4d:70:7e:ce:38:06:
03:69:99:39:8c:65:f7:3e:19:72:76:3b:9d:9b:90:
e9:78:51:01:a1:cd:9f:7b:57:ce:52:31:d1:f6:e6:
76:f9:a8:a8:02:4b:2c:8d:fd:87:4f:ca:a5:49:a6:
b9:58:3f:e1:2e:44:9e:ac:a6:6e:3b:be:f3:6d:db:
03:e8:5f:61:ac:af:e5:a6:37:a6:1a:a6:75:21:67:
5c:12:bf:ba:8e:14:10:07:af:84:93:92:07:3b:5f:
eb:58:5f:28:7a:c6:27:d5:44:17:dc:cc:09:57:36:
7f:8d:35:82:99:25:83:62:08:e5:d8:95:08:2f:55:
8c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:16:27:91:FA:A0:CB:B2:C8:C9:D6:D6:76:16:88:C8:19:CA:8E:81
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/PBYnkfqgy7LIydbWdhaIyBnKjoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.235.0/24
185.216.140.0/23
185.216.143.0/24
IPv6:
2a0b:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:67:30:32:a0:87:d5:43:54:17:43:3a:f5:82:ae:17:27:e9:
01:9f:0f:98:2e:bd:6c:69:f2:f7:b7:0f:41:c7:6b:7e:65:62:
c2:30:29:35:69:0e:a8:d7:e2:5a:d7:77:97:18:28:52:48:b1:
12:d9:d4:b1:37:cd:96:7b:7d:e1:ed:60:64:3e:e1:b8:eb:56:
32:1d:0a:f9:c3:c6:b0:47:fb:4d:97:12:72:33:b1:d4:a3:fd:
31:95:98:74:33:d6:f8:d7:bc:2e:67:a3:96:6e:eb:64:43:75:
42:ec:97:91:dc:99:ae:51:22:0c:a6:ed:71:9a:d3:18:23:29:
85:d6:05:b7:5a:53:44:49:2b:20:c7:f9:0c:8f:c6:3b:3f:a3:
8e:25:cf:9c:e9:37:67:24:64:8d:48:02:c4:bf:98:7b:20:00:
3d:d3:3d:c9:8a:ff:20:c6:20:37:a3:23:78:71:27:79:39:3c:
f6:25:88:e6:13:cf:b4:cd:d2:02:c5:5f:5f:35:4b:8c:f8:35:
21:1c:87:a4:9e:a8:0c:84:66:59:64:4e:a0:1b:f4:14:37:e1:
c0:20:aa:c3:13:0a:c7:ae:5f:10:f6:ea:4d:b1:cd:5d:76:90:
1d:48:5c:09:72:2e:8a:7b:bc:24:79:95:48:c6:0a:ee:2e:3e:
7f:1f:92:35
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYXPieGZ+l0V5XNH1w1q4/M7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjMwMTIwMTQxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE2Mjc5MWZhYTBjYmIyYzhjOWQ2ZDY3NjE2ODhjODE5Y2E4ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnTww6m3GLsWW4xG+4VlOixWnSVd
JCwiBaZtUkrPluiZ2bDr+nTREM/5Q2HYACNR5IYaHUTsuM8C8xMT3jOAxGmDHhW7
e6PsZbmKWLF48X8sVs+dUf1qnvQ6ZnlEJejy55oNOH/LFad/7KOoqO0KUi1bkkt6
hEKSu6xQsGVCwcpNcH7OOAYDaZk5jGX3Phlydjudm5DpeFEBoc2fe1fOUjHR9uZ2
+aioAkssjf2HT8qlSaa5WD/hLkSerKZuO77zbdsD6F9hrK/lpjemGqZ1IWdcEr+6
jhQQB6+Ek5IHO1/rWF8oesYn1UQX3MwJVzZ/jTWCmSWDYgjl2JUIL1WMYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDwWJ5H6oMuyyMnW1nYWiMgZyo6BMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvUEJZbmtmcWd5N0xJeWRiV2RoYUl5Qm5Lam9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAua3rAwQB
udiMAwQAudiPMA0EAgACMAcDBQMqC7fAMA0GCSqGSIb3DQEBCwUAA4IBAQCgZzAy
oIfVQ1QXQzr1gq4XJ+kBnw+YLr1safL3tw9Bx2t+ZWLCMCk1aQ6o1+Ja13eXGChS
SLES2dSxN82We33h7WBkPuG461YyHQr5w8awR/tNlxJyM7HUo/0xlZh0M9b417wu
Z6OWbutkQ3VC7JeR3JmuUSIMpu1xmtMYIymF1gW3WlNESSsgx/kMj8Y7P6OOJc+c
6TdnJGSNSALEv5h7IAA90z3Jiv8gxiA3oyN4cSd5OTz2JYjmE8+0zdICxV9fNUuM
+DUhHIeknqgMhGZZZE6gG/QUN+HAIKrDEwrHrl8Q9upNsc1ddpAdSFwJci6Ke7wk
eZVIxgruLj5/H5I1
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:46 2024 by rpki-client on console-ams.rpki-client.org