Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFJqGwPxl4si_ISPgsbYXv69HRQ.roa
File: PFJqGwPxl4si_ISPgsbYXv69HRQ.roa (raw, json)
Hash identifier: wEeIClTW7S5PZJjViKtZvETqAjwWnbNaWbMOPJQF1gA=
Subject key identifier: 3C:52:6A:1B:03:F1:97:8B:22:FC:84:8F:82:C6:D8:5E:FE:BD:1D:14
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0186BDDC0D98F42B828A1DE56897F4434308
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFJqGwPxl4si_ISPgsbYXv69HRQ.roa
Signing time: Tue 07 Mar 2023 20:56:00 +0000
ROA not before: Tue 07 Mar 2023 20:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212335
IP address blocks: 89.42.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bd:dc:0d:98:f4:2b:82:8a:1d:e5:68:97:f4:43:43:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 7 20:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c526a1b03f1978b22fc848f82c6d85efebd1d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:d8:2b:21:e8:9a:73:15:52:67:9b:1c:b6:
92:22:f5:a4:6e:e1:9e:8b:79:d0:b4:24:6e:ff:bb:
1a:a7:5c:72:91:98:93:7d:79:93:1f:ee:f3:07:ee:
e5:64:74:af:30:d3:09:aa:a1:09:d1:64:e5:33:d0:
24:df:40:65:ea:5a:31:fc:30:f6:f0:f3:d0:f8:66:
a3:cd:ec:8c:cc:cc:45:e6:3b:4b:21:f2:be:1f:51:
d7:09:5d:7b:bf:86:73:6a:f8:f9:62:14:25:b0:1e:
02:23:07:e4:28:71:eb:55:e1:cf:da:d2:60:80:88:
8b:35:cd:92:bd:de:59:f7:9a:d2:c1:04:2a:75:d7:
be:b2:db:bd:21:76:37:7e:a0:8d:75:11:d3:2c:5b:
a1:b1:ec:06:f1:78:88:16:57:3f:02:af:dd:bb:c9:
12:5d:c0:33:9a:12:3b:8b:e5:0e:80:39:62:6f:90:
f5:69:f6:bd:d1:73:c0:e7:f8:e6:09:c3:64:28:32:
01:84:47:58:26:2b:93:94:bb:7b:11:9d:39:71:35:
58:13:13:3c:ef:66:ee:7b:53:c5:c5:e9:64:bd:7f:
90:d3:04:df:9e:55:bc:6b:8a:4f:48:5f:e9:1c:f0:
f8:58:87:9e:8b:80:a6:e2:c2:a1:ff:6d:4b:5f:6c:
77:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:52:6A:1B:03:F1:97:8B:22:FC:84:8F:82:C6:D8:5E:FE:BD:1D:14
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFJqGwPxl4si_ISPgsbYXv69HRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.29.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:5a:2b:9e:e8:75:59:d5:cc:d5:79:d4:9c:17:ab:65:7f:22:
23:e6:29:b6:fc:fd:a7:be:f6:1d:3d:f0:33:15:42:91:c0:d9:
9c:2b:6e:fd:bb:26:a8:af:c4:63:56:c1:80:f6:c9:f6:62:9f:
09:cb:e7:60:0e:1b:41:73:3e:1a:45:85:8e:f1:05:81:dd:cb:
3e:0f:30:2e:5b:2f:c0:21:e7:76:41:7d:e1:41:f1:3a:8b:d5:
35:4e:dc:1c:9a:ca:11:4f:1e:19:19:33:eb:af:0b:a1:22:3b:
a9:8e:2f:c3:39:0d:4a:ce:78:04:fd:aa:e9:cb:5e:87:9f:5c:
4e:98:4b:9f:35:3c:c4:cc:0e:cd:81:c6:06:06:f4:85:1b:14:
ef:27:f2:fe:6b:e9:bb:b2:ad:1e:7d:fb:05:df:18:ec:17:d5:
83:3e:e9:66:61:67:55:5b:80:b7:ab:72:0a:07:30:43:fb:2f:
f1:85:53:65:fc:e7:2c:9e:83:bb:b3:f4:08:3e:50:9e:fd:90:
fc:be:f5:05:de:17:28:40:99:a4:e9:4f:8c:a4:ef:2c:73:48:
88:2d:c7:d5:bd:f7:06:9b:46:1c:ee:a7:fc:4a:18:37:ec:30:
09:92:c7:49:d0:34:fc:f0:9a:64:65:1a:76:e9:04:d0:15:10:
85:7c:44:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa93A2Y9CuCih3laJf0Q0MIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMzA3MjA1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUyNmExYjAzZjE5NzhiMjJmYzg0OGY4MmM2ZDg1ZWZlYmQxZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih7YKyHomnMVUmebHLaSIvWkbuGe
i3nQtCRu/7sap1xykZiTfXmTH+7zB+7lZHSvMNMJqqEJ0WTlM9Ak30Bl6lox/DD2
8PPQ+GajzeyMzMxF5jtLIfK+H1HXCV17v4Zzavj5YhQlsB4CIwfkKHHrVeHP2tJg
gIiLNc2Svd5Z95rSwQQqdde+stu9IXY3fqCNdRHTLFuhsewG8XiIFlc/Aq/du8kS
XcAzmhI7i+UOgDlib5D1afa90XPA5/jmCcNkKDIBhEdYJiuTlLt7EZ05cTVYExM8
72bue1PFxelkvX+Q0wTfnlW8a4pPSF/pHPD4WIeei4Cm4sKh/21LX2x3JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxSahsD8ZeLIvyEj4LG2F7+vR0UMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUEZKcUd3UHhsNHNpX0lTUGdzYllYdjY5SFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G
CSqGSIb3DQEBCwUAA4IBAQCOWiue6HVZ1czVedScF6tlfyIj5im2/P2nvvYdPfAz
FUKRwNmcK279uyaor8RjVsGA9sn2Yp8Jy+dgDhtBcz4aRYWO8QWB3cs+DzAuWy/A
Ied2QX3hQfE6i9U1TtwcmsoRTx4ZGTPrrwuhIjupji/DOQ1KzngE/arpy16Hn1xO
mEufNTzEzA7NgcYGBvSFGxTvJ/L+a+m7sq0effsF3xjsF9WDPulmYWdVW4C3q3IK
BzBD+y/xhVNl/OcsnoO7s/QIPlCe/ZD8vvUF3hcoQJmk6U+MpO8sc0iILcfVvfcG
m0Yc7qf8Shg37DAJksdJ0DT88JpkZRp26QTQFRCFfESY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:04 2024 by rpki-client on console-ams.rpki-client.org