Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/PCLasb2QClvSkhVVbzF0PMncEpI.roa
File: PCLasb2QClvSkhVVbzF0PMncEpI.roa (raw, json)
Hash identifier: RP/clVVpMqGSAMt3ZzrGj8g71Iuu8GbkRNIvnGG0Yok=
Subject key identifier: 3C:22:DA:B1:BD:90:0A:5B:D2:92:15:55:6F:31:74:3C:C9:DC:12:92
Certificate issuer: /CN=dab1c03088ebfe553812b31547c03c90a25d8771
Certificate serial: 019421B1AF22EE4A9D48CC4779EE6A3F4C35
Authority key identifier: DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/PCLasb2QClvSkhVVbzF0PMncEpI.roa
Signing time: Wed 01 Jan 2025 11:48:00 +0000
ROA not before: Wed 01 Jan 2025 11:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58130
IP address blocks: 176.116.96.0/20 maxlen: 20
176.116.96.0/24 maxlen: 24
176.116.104.0/24 maxlen: 24
176.116.105.0/24 maxlen: 24
176.116.106.0/24 maxlen: 24
176.116.107.0/24 maxlen: 24
176.116.108.0/24 maxlen: 24
176.116.111.0/24 maxlen: 24
176.116.112.0/22 maxlen: 22
185.165.140.0/23 maxlen: 23
185.165.142.0/23 maxlen: 23
2001:67c:1050::/48 maxlen: 48
2a0a:1a00::/29 maxlen: 29
2a0a:1a00::/30 maxlen: 30
2a0a:1a00:f000:9000::/56 maxlen: 56
2a0a:1a04::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:af:22:ee:4a:9d:48:cc:47:79:ee:6a:3f:4c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab1c03088ebfe553812b31547c03c90a25d8771
Validity
Not Before: Jan 1 11:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c22dab1bd900a5bd29215556f31743cc9dc1292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7f:89:e7:90:fe:22:81:e5:e0:bf:11:24:21:
28:64:07:22:d9:15:a9:d3:04:a6:7b:57:91:b6:63:
39:ca:0f:cd:63:aa:2b:6d:a6:0c:70:36:1f:d5:67:
e4:16:dc:75:51:a2:64:48:86:cc:56:c7:c3:53:48:
a9:16:c2:7a:0b:90:37:19:61:d2:bd:af:a7:c9:c5:
ec:3c:b8:09:50:45:4d:51:79:d5:6f:b0:7d:1e:62:
ae:fb:5b:c4:10:f9:66:10:1b:97:df:6c:60:1a:ee:
45:ff:be:b7:0d:25:77:60:0a:96:42:f6:ca:3b:43:
8a:8e:42:13:36:40:91:ed:38:96:dc:e6:c4:58:3e:
a4:5c:67:69:59:68:88:9d:15:02:e3:1e:bb:84:38:
9f:2f:91:29:da:53:44:70:36:a3:fd:49:2a:68:e9:
b9:ca:d7:b6:a6:18:4f:fe:94:92:59:b4:71:90:0d:
1c:ce:a2:4a:b0:16:17:b7:cf:e1:48:7b:59:06:11:
e8:2c:42:10:d4:e6:fc:4e:22:4c:0d:36:d9:a2:ea:
99:5f:95:3f:35:01:f7:2f:b8:25:bd:e5:6f:a4:e4:
7c:95:8c:d7:20:33:c2:0a:74:f8:bf:c9:4e:75:8b:
de:84:7d:9d:0e:13:e6:7f:47:60:8f:d6:bc:a5:71:
c6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:22:DA:B1:BD:90:0A:5B:D2:92:15:55:6F:31:74:3C:C9:DC:12:92
X509v3 Authority Key Identifier:
keyid:DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/PCLasb2QClvSkhVVbzF0PMncEpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.96.0-176.116.115.255
185.165.140.0/22
IPv6:
2001:67c:1050::/48
2a0a:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
cb:0d:87:cb:7e:24:6b:30:59:aa:63:38:f1:0a:80:d9:cc:41:
92:c6:d0:47:aa:46:dc:ab:1d:88:9b:40:4a:34:01:b0:e4:f6:
69:6c:c8:72:86:39:00:5b:46:c8:72:6b:5d:2e:55:c1:cd:14:
f4:4b:ce:90:cb:f4:2a:c1:13:c6:86:e4:50:d6:91:d7:9e:0a:
ef:b0:f3:69:0e:a9:86:bc:dc:f7:9d:dc:bc:2d:ee:18:c2:1f:
ef:82:10:5f:6b:d3:22:69:a5:22:81:8d:b3:91:39:f2:b0:3d:
e6:88:cb:ff:ac:f0:17:78:00:56:25:99:1a:ea:2c:2b:12:59:
23:5d:22:45:eb:db:c1:71:14:47:56:ee:e9:69:ff:2e:52:f7:
fa:ec:8f:a8:e7:b7:5f:9d:64:55:4a:2e:04:3c:bb:67:e1:63:
9a:9d:9e:fd:1a:1b:5e:50:10:fe:12:31:74:b0:3b:6e:4c:fd:
5c:18:aa:10:28:96:10:fd:b8:f3:11:33:ba:b3:0e:c4:7c:54:
f2:0d:b8:62:83:bf:5f:6f:12:61:49:7d:ca:f2:aa:4b:09:09:
ab:ef:f7:88:d1:86:b8:a9:6d:a2:fd:d0:db:c9:c9:36:9d:f3:
43:29:77:29:27:bb:ac:3a:fd:be:cf:36:6e:ac:9a:26:7f:c9:
5b:26:bd:d7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQhsa8i7kqdSMxHee5qP0w1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjFjMDMwODhlYmZlNTUzODEyYjMxNTQ3YzAzYzkwYTI1
ZDg3NzEwHhcNMjUwMTAxMTE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIyZGFiMWJkOTAwYTViZDI5MjE1NTU2ZjMxNzQzY2M5ZGMxMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX+J55D+IoHl4L8RJCEoZAci2RWp
0wSme1eRtmM5yg/NY6orbaYMcDYf1WfkFtx1UaJkSIbMVsfDU0ipFsJ6C5A3GWHS
va+nycXsPLgJUEVNUXnVb7B9HmKu+1vEEPlmEBuX32xgGu5F/763DSV3YAqWQvbK
O0OKjkITNkCR7TiW3ObEWD6kXGdpWWiInRUC4x67hDifL5Ep2lNEcDaj/UkqaOm5
yte2phhP/pSSWbRxkA0czqJKsBYXt8/hSHtZBhHoLEIQ1Ob8TiJMDTbZouqZX5U/
NQH3L7glveVvpOR8lYzXIDPCCnT4v8lOdYvehH2dDhPmf0dgj9a8pXHGbwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDwi2rG9kApb0pIVVW8xdDzJ3BKSMB8GA1UdIwQY
MBaAFNqxwDCI6/5VOBKzFUfAPJCiXYdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEt
YjcyMzk4MDcwODIzLzEvUENMYXNiMlFDbHZTa2hWVmJ6RjBQTW5jRXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEtYjcyMzk4MDcwODIz
LzEvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAWwdGAD
BAKwdHADBAK5pYwwFgQCAAIwEAMHACABBnwQUAMFAyoKGgAwDQYJKoZIhvcNAQEL
BQADggEBAMsNh8t+JGswWapjOPEKgNnMQZLG0EeqRtyrHYibQEo0AbDk9mlsyHKG
OQBbRshya10uVcHNFPRLzpDL9CrBE8aG5FDWkdeeCu+w82kOqYa83Ped3Lwt7hjC
H++CEF9r0yJppSKBjbOROfKwPeaIy/+s8Bd4AFYlmRrqLCsSWSNdIkXr28FxFEdW
7ulp/y5S9/rsj6jnt1+dZFVKLgQ8u2fhY5qdnv0aG15QEP4SMXSwO25M/VwYqhAo
lhD9uPMRM7qzDsR8VPINuGKDv19vEmFJfcryqksJCavv94jRhripbaL90NvJyTad
80Mpdyknu6w6/b7PNm6smiZ/yVsmvdc=
-----END CERTIFICATE-----
Generated at Tue May 6 06:23:50 2025 by rpki-client