Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/PHzxgz47z3UocYFbOz6qLp0oUvY.roa
File: PHzxgz47z3UocYFbOz6qLp0oUvY.roa (raw, json)
Hash identifier: mVNqo1U9r5MrnzEBv7dccnzngWCGICEm4MUs8Xx6I9M=
Subject key identifier: 3C:7C:F1:83:3E:3B:CF:75:28:71:81:5B:3B:3E:AA:2E:9D:28:52:F6
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 01856F0B5CFC11FD91628E402D0E7821020D
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/PHzxgz47z3UocYFbOz6qLp0oUvY.roa
Signing time: Sun 01 Jan 2023 20:34:53 +0000
ROA not before: Sun 01 Jan 2023 20:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205005
IP address blocks: 185.2.144.0/23 maxlen: 23
185.121.208.0/22 maxlen: 22
2a00:1be7::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:5c:fc:11:fd:91:62:8e:40:2d:0e:78:21:02:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 20:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c7cf1833e3bcf752871815b3b3eaa2e9d2852f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:08:27:f1:3a:9b:c8:23:55:6d:fe:23:a0:19:
d6:6a:fc:fd:48:fc:14:39:c7:97:0d:2a:86:b3:ab:
6f:24:d5:40:d1:69:87:c2:ac:e9:39:dc:c4:5a:fd:
b0:20:4f:6e:08:65:58:3f:bb:3d:a2:f0:23:e6:5b:
83:9c:ef:a9:8f:ba:b1:c9:49:09:66:3d:61:14:8c:
67:cd:57:e3:08:9e:6f:b1:89:12:b6:6f:4f:5e:56:
fc:d1:0d:b3:e2:78:50:6a:fb:23:d4:57:83:73:12:
79:58:12:35:7c:50:ae:7d:be:54:91:de:0d:e7:43:
28:f5:cd:87:bf:cc:e0:8b:58:53:81:28:53:39:ad:
19:c4:6f:4b:c3:b9:46:41:7d:66:c4:b9:97:e2:34:
50:cc:8b:e0:6a:6c:c6:e5:27:ae:c5:41:82:e1:5e:
b3:65:51:f7:2c:02:a8:1b:72:a6:e0:c0:c5:dc:ac:
b2:1b:16:de:36:35:be:a1:53:33:56:e3:b9:86:4a:
04:b1:21:b1:02:38:df:76:85:59:b5:eb:d9:04:9a:
49:ee:ec:fd:c8:a2:68:54:14:27:1b:74:4a:a7:0b:
9b:35:cc:4a:5e:8d:a3:24:c2:04:f8:a9:80:bf:e2:
0b:cf:93:aa:c3:72:2c:d6:f8:5c:1e:9e:83:d8:90:
18:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7C:F1:83:3E:3B:CF:75:28:71:81:5B:3B:3E:AA:2E:9D:28:52:F6
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/PHzxgz47z3UocYFbOz6qLp0oUvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.144.0/23
185.121.208.0/22
IPv6:
2a00:1be7::/32
Signature Algorithm: sha256WithRSAEncryption
89:09:bb:9b:b4:4d:bf:d6:5c:81:88:cf:b6:c6:78:4d:1d:31:
19:bf:d4:a8:a5:5f:1f:15:74:58:cf:ef:23:32:1e:9d:a9:1b:
c8:47:6a:c9:8c:b9:29:cc:4b:0d:25:97:68:d2:82:f4:50:b4:
93:bd:3f:23:cb:ce:99:68:62:17:d2:be:cc:de:8b:28:7d:88:
90:8d:2a:ed:40:12:14:61:ca:24:bc:ff:a1:34:98:4e:52:d1:
fd:c6:ad:b3:a8:97:3c:4b:2b:f6:8e:42:d1:b1:b7:c6:bd:eb:
21:a3:c7:fe:cb:8e:55:66:f0:28:32:70:4e:af:a6:5c:70:75:
58:6c:a9:53:d6:81:4a:49:d9:52:0f:47:c3:75:65:86:95:f9:
5c:15:04:e3:b4:c3:91:41:5d:3a:5a:0e:1b:3d:c3:3c:d5:ec:
7b:1e:ef:9a:d7:56:d1:d0:d7:d2:c9:09:ab:ff:03:a1:69:50:
70:67:cf:39:14:dd:f8:52:1b:8f:f2:67:f9:bc:69:b0:a7:f0:
f3:a2:56:09:2d:05:d8:0a:76:03:ef:3a:ba:17:d8:0d:b0:69:
90:66:7f:d1:8d:55:30:dd:26:aa:94:8d:9e:a8:cd:77:44:e5:
5f:c2:8d:a7:c8:40:92:d2:d3:25:ff:52:d2:af:98:f6:c0:88:
90:e3:e5:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvC1z8Ef2RYo5ALQ54IQINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzdjZjE4MzNlM2JjZjc1Mjg3MTgxNWIzYjNlYWEyZTlkMjg1MmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwgn8TqbyCNVbf4joBnWavz9SPwU
OceXDSqGs6tvJNVA0WmHwqzpOdzEWv2wIE9uCGVYP7s9ovAj5luDnO+pj7qxyUkJ
Zj1hFIxnzVfjCJ5vsYkStm9PXlb80Q2z4nhQavsj1FeDcxJ5WBI1fFCufb5Ukd4N
50Mo9c2Hv8zgi1hTgShTOa0ZxG9Lw7lGQX1mxLmX4jRQzIvgamzG5SeuxUGC4V6z
ZVH3LAKoG3Km4MDF3KyyGxbeNjW+oVMzVuO5hkoEsSGxAjjfdoVZtevZBJpJ7uz9
yKJoVBQnG3RKpwubNcxKXo2jJMIE+KmAv+ILz5Oqw3Is1vhcHp6D2JAYaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDx88YM+O891KHGBWzs+qi6dKFL2MB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvUEh6eGd6NDd6M1VvY1lGYk96NnFMcDBvVXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQKQAwQC
uXnQMA0EAgACMAcDBQAqABvnMA0GCSqGSIb3DQEBCwUAA4IBAQCJCbubtE2/1lyB
iM+2xnhNHTEZv9SopV8fFXRYz+8jMh6dqRvIR2rJjLkpzEsNJZdo0oL0ULSTvT8j
y86ZaGIX0r7M3osofYiQjSrtQBIUYcokvP+hNJhOUtH9xq2zqJc8Syv2jkLRsbfG
vesho8f+y45VZvAoMnBOr6ZccHVYbKlT1oFKSdlSD0fDdWWGlflcFQTjtMORQV06
Wg4bPcM81ex7Hu+a11bR0NfSyQmr/wOhaVBwZ885FN34UhuP8mf5vGmwp/DzolYJ
LQXYCnYD7zq6F9gNsGmQZn/RjVUw3SaqlI2eqM13ROVfwo2nyECS0tMl/1LSr5j2
wIiQ4+X4
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:50 2024 by rpki-client on console.sobornost.net