Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/pMnXWAqI2WcqGAXZhiuGFzKAx2w.roa
File: pMnXWAqI2WcqGAXZhiuGFzKAx2w.roa (raw, json)
Hash identifier: 8gbiqwiblD8fmJ9uXtX/BZ7l0q1ruyet6p820BQYplU=
Subject key identifier: A4:C9:D7:58:0A:88:D9:67:2A:18:05:D9:86:2B:86:17:32:80:C7:6C
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018843657CB5FA19162AE902C99116DA8BE1
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/pMnXWAqI2WcqGAXZhiuGFzKAx2w.roa
Signing time: Mon 22 May 2023 12:18:24 +0000
ROA not before: Mon 22 May 2023 12:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 89.237.173.0/24 maxlen: 24
78.138.192.0/18 maxlen: 18
78.138.240.0/24 maxlen: 24
212.24.226.0/24 maxlen: 24
89.237.139.0/24 maxlen: 24
89.237.162.0/24 maxlen: 24
89.237.167.0/24 maxlen: 24
2a00:f580::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Jul 2023 11:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:65:7c:b5:fa:19:16:2a:e9:02:c9:91:16:da:8b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: May 22 12:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4c9d7580a88d9672a1805d9862b86173280c76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:1e:65:81:b0:a3:66:f2:fe:92:1b:46:7e:
aa:94:d2:71:f0:18:e9:fe:af:81:02:d1:9a:e3:9c:
e4:e0:79:b3:83:84:6a:ba:8b:24:02:e1:b1:5d:00:
a0:03:2c:69:34:8d:a6:e9:86:34:55:08:f7:a4:4f:
bc:9f:72:93:dd:09:cf:e1:49:ef:90:b8:16:db:86:
6c:95:4b:ac:9a:c6:65:db:45:2d:c5:ed:68:74:eb:
d6:15:b0:09:79:c1:67:d7:38:ff:f2:ca:e9:4b:41:
fb:4c:ee:a8:45:e9:13:c2:e7:30:4b:69:a0:db:97:
ce:d7:3e:f6:32:63:4f:9e:c7:d4:e6:30:96:1b:92:
28:c2:06:d1:a2:69:ec:69:7f:5a:0e:d6:12:fb:a8:
94:00:47:e8:b7:0a:54:43:d7:e8:e5:32:c6:24:86:
a1:8e:c9:78:bd:ab:59:97:88:d8:ca:4e:90:f3:37:
fb:4a:5e:8a:b9:73:da:81:95:7b:e0:35:6e:04:37:
99:27:15:6f:59:d5:10:08:50:f4:fd:47:e3:97:7c:
32:e6:59:32:b4:81:7d:f6:b6:80:4e:7a:0b:77:7c:
50:a2:bd:04:1e:5e:f8:50:b8:20:41:13:ed:e3:0d:
2b:8e:1a:10:73:8e:31:5c:ba:ea:bd:82:9f:f8:03:
b1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C9:D7:58:0A:88:D9:67:2A:18:05:D9:86:2B:86:17:32:80:C7:6C
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/pMnXWAqI2WcqGAXZhiuGFzKAx2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.192.0/18
89.237.139.0/24
89.237.162.0/24
89.237.167.0/24
89.237.173.0/24
212.24.226.0/24
IPv6:
2a00:f580::/32
Signature Algorithm: sha256WithRSAEncryption
10:53:16:ab:c4:cf:77:8f:41:17:6b:fd:fb:86:80:a5:f7:13:
0b:7a:f2:92:df:68:0c:3c:e5:66:92:fe:b5:11:6c:cd:9d:98:
57:78:36:07:08:6c:5e:84:4c:af:65:95:a1:cf:c8:5c:93:ad:
65:09:46:89:b7:74:83:b7:41:d5:8d:e0:aa:86:4d:76:7c:19:
43:e4:10:f6:c5:ad:e3:3a:05:50:8f:d8:69:ef:4f:3b:b0:a6:
29:39:80:2e:92:13:f4:9d:60:d6:a6:23:c0:43:73:46:02:97:
c8:e2:91:ce:39:40:85:92:01:0d:f1:c0:76:14:99:1a:31:24:
d2:d5:28:33:a9:dc:b2:19:fa:7d:e0:58:5a:9f:32:d3:10:af:
67:d0:8d:3d:27:bf:05:ac:31:04:45:7b:4c:37:a5:fe:d1:d7:
4f:34:df:08:05:bc:40:cb:e8:e2:0a:9d:f0:fd:9a:ed:cc:52:
86:7a:f3:c2:09:f2:bc:37:43:90:b8:d5:0e:91:e6:f0:e6:3d:
c5:ea:45:40:8b:ea:76:df:74:0b:ad:9d:43:73:cb:7a:f7:19:
8e:bc:06:f2:f0:25:77:7e:5e:88:13:63:3d:1f:21:c8:fc:7b:
de:e4:cc:f6:9d:11:b0:6d:28:e0:ed:43:91:3a:9a:fd:0b:68:
31:df:db:15
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYhDZXy1+hkWKukCyZEW2ovhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjMwNTIyMTIxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM5ZDc1ODBhODhkOTY3MmExODA1ZDk4NjJiODYxNzMyODBjNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaAeZYGwo2by/pIbRn6qlNJx8Bjp
/q+BAtGa45zk4Hmzg4RquoskAuGxXQCgAyxpNI2m6YY0VQj3pE+8n3KT3QnP4Unv
kLgW24ZslUusmsZl20Utxe1odOvWFbAJecFn1zj/8srpS0H7TO6oRekTwucwS2mg
25fO1z72MmNPnsfU5jCWG5IowgbRomnsaX9aDtYS+6iUAEfotwpUQ9fo5TLGJIah
jsl4vatZl4jYyk6Q8zf7Sl6KuXPagZV74DVuBDeZJxVvWdUQCFD0/Ufjl3wy5lky
tIF99raATnoLd3xQor0EHl74ULggQRPt4w0rjhoQc44xXLrqvYKf+AOxHwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKTJ11gKiNlnKhgF2YYrhhcygMdsMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvcE1uWFdBcUkyV2NxR0FYWmhpdUdGektBeDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGTorAAwQA
We2LAwQAWe2iAwQAWe2nAwQAWe2tAwQA1BjiMA0EAgACMAcDBQAqAPWAMA0GCSqG
SIb3DQEBCwUAA4IBAQAQUxarxM93j0EXa/37hoCl9xMLevKS32gMPOVmkv61EWzN
nZhXeDYHCGxehEyvZZWhz8hck61lCUaJt3SDt0HVjeCqhk12fBlD5BD2xa3jOgVQ
j9hp7087sKYpOYAukhP0nWDWpiPAQ3NGApfI4pHOOUCFkgEN8cB2FJkaMSTS1Sgz
qdyyGfp94FhanzLTEK9n0I09J78FrDEERXtMN6X+0ddPNN8IBbxAy+jiCp3w/Zrt
zFKGevPCCfK8N0OQuNUOkebw5j3F6kVAi+p233QLrZ1Dc8t69xmOvAby8CV3fl6I
E2M9HyHI/Hve5Mz2nRGwbSjg7UOROpr9C2gx39sV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:19 2024 by rpki-client on console-fra.rpki-client.org