Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/PmO32jMDCIs_c-jwgVQfzlDP4Fk.roa
File: PmO32jMDCIs_c-jwgVQfzlDP4Fk.roa (raw, json)
Hash identifier: UrQD3Phsi4RMw7QEnM5M2KI6e/cczqRw6GA6sE0sysc=
Subject key identifier: 3E:63:B7:DA:33:03:08:8B:3F:73:E8:F0:81:54:1F:CE:50:CF:E0:59
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 018C8C03A4B897E2E87CFF4F6E58BE1FEFBB
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/PmO32jMDCIs_c-jwgVQfzlDP4Fk.roa
Signing time: Thu 21 Dec 2023 10:54:58 +0000
ROA not before: Thu 21 Dec 2023 10:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201986
IP address blocks: 178.219.56.0/21 maxlen: 21
178.219.58.0/23 maxlen: 23
109.68.127.0/24 maxlen: 24
194.61.88.0/22 maxlen: 24
185.150.164.0/22 maxlen: 22
185.150.166.0/24 maxlen: 24
185.150.164.0/23 maxlen: 23
185.150.167.0/24 maxlen: 24
185.57.68.0/22 maxlen: 22
45.153.212.0/23 maxlen: 23
45.153.214.0/23 maxlen: 23
2a02:5960::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:03:a4:b8:97:e2:e8:7c:ff:4f:6e:58:be:1f:ef:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Dec 21 10:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e63b7da3303088b3f73e8f081541fce50cfe059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:2b:ab:f8:39:7f:66:2f:ce:aa:fe:87:bf:
31:39:cf:d4:39:3c:d9:14:03:ec:a2:85:30:b0:9f:
eb:3b:2a:c7:96:1b:1e:7b:be:78:27:13:8d:91:9b:
1b:74:03:78:56:a3:47:91:9c:a0:7e:87:a1:74:6b:
4f:57:22:fa:12:aa:a5:1c:94:ad:29:58:44:5a:aa:
b6:15:ff:05:19:f1:1a:23:06:ea:4d:22:1b:87:dd:
75:fc:0e:7a:d6:ef:8f:7c:68:c7:ff:9f:6c:3c:e8:
ee:79:99:7a:b4:ea:46:88:9c:2e:40:5c:14:0a:92:
32:e9:58:6f:db:0a:e3:51:6e:db:94:d3:2a:74:c9:
c6:66:93:5c:76:71:ac:45:19:81:e0:3f:37:06:54:
97:6f:e4:8b:d6:59:42:c3:38:fa:11:16:95:87:07:
c2:e0:4a:bb:64:fb:b2:25:b0:0b:76:98:34:39:90:
5e:0f:de:7f:93:82:86:84:66:b0:95:27:c7:d6:fa:
b1:74:77:d4:d0:64:ba:84:69:26:ab:34:69:dd:eb:
1f:51:b4:0e:50:d1:02:cc:32:a6:f4:ba:1b:53:9c:
e0:79:50:c7:11:a4:53:08:52:93:7e:ec:4e:a1:20:
51:ea:46:53:4a:a5:c8:23:bb:d1:dc:55:b9:22:a9:
de:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:63:B7:DA:33:03:08:8B:3F:73:E8:F0:81:54:1F:CE:50:CF:E0:59
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/PmO32jMDCIs_c-jwgVQfzlDP4Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.212.0/22
109.68.127.0/24
178.219.56.0/21
185.57.68.0/22
185.150.164.0/22
194.61.88.0/22
IPv6:
2a02:5960::/32
Signature Algorithm: sha256WithRSAEncryption
00:75:b4:5b:d0:b1:67:08:be:f8:f2:03:12:2a:c9:7a:19:a5:
88:d6:20:9e:62:03:58:6a:0b:2b:7b:78:45:33:5a:d9:5f:dc:
05:16:89:73:96:ec:1d:62:54:02:bd:59:9b:53:1e:d9:f3:09:
30:44:11:eb:3e:ec:70:61:15:54:f5:89:5b:93:fe:cb:f9:ea:
f8:24:c4:14:93:a2:0a:99:f4:39:7b:c0:7a:a0:e5:ba:30:c2:
b6:67:84:e4:2a:ec:ad:d8:a2:f6:3f:5b:49:ac:17:d9:9e:a1:
ee:26:a0:1a:de:2b:2c:5a:da:ab:41:67:81:10:6c:1e:b1:ca:
86:18:5d:ec:b3:a2:fe:68:d0:50:a8:99:18:11:47:07:47:be:
fa:a9:0a:eb:20:24:24:b7:15:9d:3b:7f:b2:e7:38:f6:f2:ea:
42:f0:11:e2:89:82:c9:a9:1a:7b:d5:9c:27:cd:ba:ba:87:b8:
be:bf:69:25:dd:6b:fc:e3:dd:f9:02:32:70:1d:a3:6a:7c:3a:
73:f8:cd:c6:2d:06:b0:e7:68:8f:97:89:1e:0f:92:10:67:21:
79:73:e3:fe:36:72:4f:e1:3d:89:4f:6b:2e:96:de:49:22:82:
ca:37:ed:3f:f9:79:ee:34:bc:04:ea:b4:83:62:c0:39:30:86:
11:43:e9:19
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYyMA6S4l+LofP9Pbli+H++7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjMxMjIxMTA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTYzYjdkYTMzMDMwODhiM2Y3M2U4ZjA4MTU0MWZjZTUwY2ZlMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZIrq/g5f2Yvzqr+h78xOc/UOTzZ
FAPsooUwsJ/rOyrHlhsee754JxONkZsbdAN4VqNHkZygfoehdGtPVyL6EqqlHJSt
KVhEWqq2Ff8FGfEaIwbqTSIbh911/A561u+PfGjH/59sPOjueZl6tOpGiJwuQFwU
CpIy6Vhv2wrjUW7blNMqdMnGZpNcdnGsRRmB4D83BlSXb+SL1llCwzj6ERaVhwfC
4Eq7ZPuyJbALdpg0OZBeD95/k4KGhGawlSfH1vqxdHfU0GS6hGkmqzRp3esfUbQO
UNECzDKm9LobU5zgeVDHEaRTCFKTfuxOoSBR6kZTSqXII7vR3FW5Iqne5wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFD5jt9ozAwiLP3Po8IFUH85Qz+BZMB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvUG1PMzJqTURDSXNfYy1qd2dWUWZ6bERQNEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZnUAwQA
bUR/AwQDsts4AwQCuTlEAwQCuZakAwQCwj1YMA0EAgACMAcDBQAqAllgMA0GCSqG
SIb3DQEBCwUAA4IBAQAAdbRb0LFnCL748gMSKsl6GaWI1iCeYgNYagsre3hFM1rZ
X9wFFolzluwdYlQCvVmbUx7Z8wkwRBHrPuxwYRVU9Ylbk/7L+er4JMQUk6IKmfQ5
e8B6oOW6MMK2Z4TkKuyt2KL2P1tJrBfZnqHuJqAa3issWtqrQWeBEGwescqGGF3s
s6L+aNBQqJkYEUcHR776qQrrICQktxWdO3+y5zj28upC8BHiiYLJqRp71Zwnzbq6
h7i+v2kl3Wv84935AjJwHaNqfDpz+M3GLQaw52iPl4keD5IQZyF5c+P+NnJP4T2J
T2sult5JIoLKN+0/+XnuNLwE6rSDYsA5MIYRQ+kZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:24 2024 by rpki-client on console-ams.rpki-client.org