Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/pgfhiHbNylCHIgd2rE-ppqmuxc8.roa
File: pgfhiHbNylCHIgd2rE-ppqmuxc8.roa (raw, json)
Hash identifier: 7qXotU+lbYL6g1CLJ6v5bSDFMsy+8qM+2sO3ydPKdp0=
Subject key identifier: A6:07:E1:88:76:CD:CA:50:87:22:07:76:AC:4F:A9:A6:A9:AE:C5:CF
Certificate issuer: /CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Certificate serial: 0185715E8E2CB968ED5C50C46046478EC911
Authority key identifier: 17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/pgfhiHbNylCHIgd2rE-ppqmuxc8.roa
Signing time: Mon 02 Jan 2023 07:25:00 +0000
ROA not before: Mon 02 Jan 2023 07:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60664
IP address blocks: 157.97.76.0/23 maxlen: 23
157.97.78.0/23 maxlen: 23
153.92.160.0/24 maxlen: 24
153.92.162.0/24 maxlen: 24
153.92.161.0/24 maxlen: 24
153.92.164.0/24 maxlen: 24
153.92.163.0/24 maxlen: 24
153.92.165.0/24 maxlen: 24
153.92.166.0/24 maxlen: 24
153.92.167.0/24 maxlen: 24
153.92.169.0/24 maxlen: 24
153.92.168.0/24 maxlen: 24
153.92.170.0/24 maxlen: 24
153.92.172.0/24 maxlen: 24
153.92.171.0/24 maxlen: 24
153.92.175.0/24 maxlen: 24
153.92.174.0/24 maxlen: 24
153.92.173.0/24 maxlen: 24
157.180.192.0/24 maxlen: 24
157.180.194.0/24 maxlen: 24
157.180.193.0/24 maxlen: 24
157.180.195.0/24 maxlen: 24
157.180.197.0/24 maxlen: 24
157.180.196.0/24 maxlen: 24
157.180.196.0/23 maxlen: 23
157.180.198.0/23 maxlen: 23
157.180.198.0/24 maxlen: 24
157.180.199.0/24 maxlen: 24
145.14.130.0/24 maxlen: 24
153.92.124.0/24 maxlen: 24
153.92.64.0/24 maxlen: 24
153.92.66.0/24 maxlen: 24
153.92.65.0/24 maxlen: 24
153.92.68.0/24 maxlen: 24
153.92.67.0/24 maxlen: 24
153.92.70.0/24 maxlen: 24
153.92.69.0/24 maxlen: 24
153.92.71.0/24 maxlen: 24
185.74.64.0/24 maxlen: 24
185.74.64.0/23 maxlen: 23
185.74.65.0/24 maxlen: 24
185.74.67.0/24 maxlen: 24
185.74.66.0/23 maxlen: 23
185.74.66.0/24 maxlen: 24
185.27.181.0/24 maxlen: 24
185.27.183.0/24 maxlen: 24
185.27.182.0/23 maxlen: 23
185.27.182.0/24 maxlen: 24
185.27.180.0/24 maxlen: 24
185.27.180.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 22 Jun 2023 12:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:8e:2c:b9:68:ed:5c:50:c4:60:46:47:8e:c9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Validity
Not Before: Jan 2 07:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a607e18876cdca5087220776ac4fa9a6a9aec5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4b:ec:a6:3b:07:0b:92:86:77:33:c3:c2:ba:
67:cb:a5:21:ce:dc:c4:ca:19:e6:28:84:85:6a:e8:
ff:34:c5:d3:94:1d:1b:f4:7e:03:d3:56:c3:d3:46:
a4:56:97:f2:29:58:d3:e9:e7:fe:96:9f:59:47:00:
c1:b1:68:69:3d:85:81:ec:3b:d2:9b:e2:d3:aa:e4:
47:35:39:10:9d:54:25:e7:1e:cc:3a:fa:6d:3b:f7:
92:f8:e4:6b:30:3c:30:83:9d:39:cb:82:fa:cb:66:
d0:6a:50:5f:96:81:a5:c3:9c:08:ab:a6:cf:96:48:
b7:75:36:18:30:ac:9d:a0:3d:47:69:aa:e2:01:af:
50:95:89:02:02:08:51:8c:13:9d:c2:80:97:6d:9a:
c6:ed:2e:b8:d9:69:27:47:e4:1a:47:ba:fe:38:95:
51:41:70:e4:cc:70:b7:60:1f:b0:07:1e:1c:8e:01:
0a:db:9b:20:24:3f:00:52:c5:99:1f:14:6c:9d:04:
42:e9:cb:05:dc:11:0e:47:3c:33:67:c9:7e:72:ae:
38:ac:22:e3:16:98:d0:d4:b8:0d:25:fb:b4:8b:e4:
bf:f5:95:b1:b7:3d:39:cc:a4:e5:46:20:26:4e:e8:
49:4a:b1:d6:b2:b8:3a:27:25:19:4a:c3:5d:2a:d0:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:07:E1:88:76:CD:CA:50:87:22:07:76:AC:4F:A9:A6:A9:AE:C5:CF
X509v3 Authority Key Identifier:
keyid:17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/pgfhiHbNylCHIgd2rE-ppqmuxc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.130.0/24
153.92.64.0/21
153.92.124.0/24
153.92.160.0/20
157.97.76.0/22
157.180.192.0/21
185.27.180.0/22
185.74.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:85:53:a4:41:bf:01:b7:05:8a:e8:fc:3e:7e:16:c6:9a:0b:
b8:6b:bd:af:c6:a1:a7:78:a1:39:59:09:1a:47:19:63:d6:0a:
10:ea:c5:8d:03:5f:58:2f:97:88:95:f5:b2:6c:f6:2f:32:0c:
bc:54:2d:01:71:48:4d:17:fd:6b:e5:1f:d6:8a:6f:5e:72:7a:
bc:1d:ae:df:89:f3:98:7a:38:29:67:93:88:a0:e4:e7:de:57:
75:9a:fe:9c:34:64:ab:26:23:c3:0c:df:95:41:5b:47:91:8e:
17:67:37:13:fa:24:4d:02:bf:cb:0e:91:9d:40:0d:d9:4d:47:
87:f5:4b:77:2e:8f:07:33:f3:29:c3:4a:b4:d7:e5:07:f5:d2:
4b:ec:31:e0:13:92:ee:b9:8e:49:b2:00:bd:7c:e4:a5:d9:56:
95:69:1c:5e:76:9d:ca:e8:31:bf:8c:4a:b3:4d:d2:87:56:b4:
8b:5d:9f:e5:d1:25:99:13:7a:67:30:a4:a3:95:1a:c4:3d:aa:
b5:88:f8:d7:df:63:da:f8:67:ad:e7:9c:b3:54:4a:99:83:41:
af:d3:c8:7e:b7:e1:bc:72:34:74:ed:d9:44:8d:78:82:ca:76:
e3:92:29:27:5a:b0:29:dc:63:f1:85:b5:17:36:0f:3b:35:80:
cd:4f:c5:ff
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxXo4suWjtXFDEYEZHjskRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzhjZmMwOWEzNjNhNzNjYzhkZGEzNjJhMmM5ZTgyMjNk
N2RhZDYwHhcNMjMwMTAyMDcyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA3ZTE4ODc2Y2RjYTUwODcyMjA3NzZhYzRmYTlhNmE5YWVjNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0vspjsHC5KGdzPDwrpny6UhztzE
yhnmKISFauj/NMXTlB0b9H4D01bD00akVpfyKVjT6ef+lp9ZRwDBsWhpPYWB7DvS
m+LTquRHNTkQnVQl5x7MOvptO/eS+ORrMDwwg505y4L6y2bQalBfloGlw5wIq6bP
lki3dTYYMKydoD1HaariAa9QlYkCAghRjBOdwoCXbZrG7S642WknR+QaR7r+OJVR
QXDkzHC3YB+wBx4cjgEK25sgJD8AUsWZHxRsnQRC6csF3BEORzwzZ8l+cq44rCLj
FpjQ1LgNJfu0i+S/9ZWxtz05zKTlRiAmTuhJSrHWsrg6JyUZSsNdKtAd+wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKYH4Yh2zcpQhyIHdqxPqaaprsXPMB8GA1UdIwQY
MBaAFBd4z8CaNjpzzI3aNiosnoIj19rWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjIt
MDEwY2YyZGQ0MGFmLzEvcGdmaGlIYk55bENISWdkMnJFLXBwcW11eGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjItMDEwY2YyZGQ0MGFm
LzEvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAkQ6CAwQD
mVxAAwQAmVx8AwQEmVygAwQCnWFMAwQDnbTAAwQCuRu0AwQCuUpAMA0GCSqGSIb3
DQEBCwUAA4IBAQCOhVOkQb8BtwWK6Pw+fhbGmgu4a72vxqGneKE5WQkaRxlj1goQ
6sWNA19YL5eIlfWybPYvMgy8VC0BcUhNF/1r5R/Wim9ecnq8Ha7fifOYejgpZ5OI
oOTn3ld1mv6cNGSrJiPDDN+VQVtHkY4XZzcT+iRNAr/LDpGdQA3ZTUeH9Ut3Lo8H
M/Mpw0q01+UH9dJL7DHgE5LuuY5JsgC9fOSl2VaVaRxedp3K6DG/jEqzTdKHVrSL
XZ/l0SWZE3pnMKSjlRrEPaq1iPjX32Pa+Get55yzVEqZg0Gv08h+t+G8cjR07dlE
jXiCynbjkiknWrAp3GPxhbUXNg87NYDNT8X/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:17 2024 by rpki-client on console-ams.rpki-client.org