Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pMmqyhYBi-bTR2WXp8G6qJ4AJbs.roa
File: pMmqyhYBi-bTR2WXp8G6qJ4AJbs.roa (raw, json)
Hash identifier: agu8ytivTraxMJZ3gU9z+379m/8Xk7vl8rwslHa01P4=
Subject key identifier: A4:C9:AA:CA:16:01:8B:E6:D3:47:65:97:A7:C1:BA:A8:9E:00:25:BB
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018E0F8028E3759B2D43CCF5A4B71E0EDF9B
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pMmqyhYBi-bTR2WXp8G6qJ4AJbs.roa
Signing time: Tue 05 Mar 2024 16:44:01 +0000
ROA not before: Tue 05 Mar 2024 16:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56884
IP address blocks: 62.122.188.0/24 maxlen: 24
84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
176.97.213.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
194.26.223.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
2a13:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Mar 2024 12:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:80:28:e3:75:9b:2d:43:cc:f5:a4:b7:1e:0e:df:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Mar 5 16:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4c9aaca16018be6d3476597a7c1baa89e0025bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:ec:c1:c0:b7:e4:04:6d:7c:81:c8:95:b7:
2e:ac:a9:fa:47:71:9d:1f:fe:14:a6:c4:a4:58:6e:
5a:19:58:69:a0:53:d3:61:4f:b8:f6:dc:48:9d:9f:
7d:7e:7f:46:95:94:e8:3e:ba:cd:64:b7:e4:1a:2f:
ff:9f:f0:db:59:23:f6:7d:b3:d0:90:f5:62:62:de:
5b:6d:3a:ae:05:57:b6:db:04:87:35:cc:4a:6c:d5:
79:99:b9:d4:00:2e:15:93:05:d6:33:b6:33:04:11:
1c:fd:a5:84:9c:60:37:96:6d:af:1a:b2:43:c0:72:
bf:54:c2:37:aa:3c:13:37:c8:ab:96:3d:e1:c0:c1:
b0:6a:0f:e3:b4:3c:ff:18:81:04:e4:60:8d:d4:8d:
1a:81:a1:a5:9c:e4:e1:26:be:69:2f:51:13:0e:34:
38:de:e8:06:94:fa:86:6d:4b:8e:eb:52:11:02:1d:
05:96:ea:4e:f1:a1:29:e6:bf:ad:5c:8c:09:8c:ef:
b9:2b:8f:47:32:79:49:29:25:9c:0a:3e:a1:b4:e7:
90:b0:e0:43:ba:12:97:08:0a:bf:a0:2d:29:b5:33:
e4:16:f2:1b:e2:52:06:85:0d:c3:38:a3:0f:1d:a2:
1a:7c:4a:7d:bc:c4:90:73:51:ab:13:42:bd:78:fe:
0b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C9:AA:CA:16:01:8B:E6:D3:47:65:97:A7:C1:BA:A8:9E:00:25:BB
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pMmqyhYBi-bTR2WXp8G6qJ4AJbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.188.0/24
84.246.111.0/24
91.247.178.0/24
176.97.213.0/24
178.23.188.0/24
194.26.223.0/24
213.232.252.0/24
IPv6:
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
6c:d4:92:20:dc:5a:94:36:0e:29:8d:91:f0:dc:b5:3d:d5:33:
d0:aa:d0:cf:79:24:d4:0d:f5:7a:59:9f:95:2a:3d:65:b2:32:
38:27:77:41:f0:8d:be:64:90:85:2a:f5:4f:20:a2:91:f5:eb:
3f:79:7c:1b:36:b7:db:ae:7e:14:3d:51:f7:74:9a:a0:e5:91:
ae:c3:ca:e2:c5:bc:ba:0f:aa:32:e7:15:96:89:e6:8b:d5:0c:
e5:9a:b6:17:3a:61:92:1c:38:6e:ce:8f:f5:4a:c1:48:f6:af:
da:7d:3f:9a:49:17:02:d8:34:3a:50:46:48:dc:bb:95:96:28:
ad:23:77:d8:2b:bd:ff:64:46:94:ee:59:2c:61:53:a8:4b:fd:
34:0b:a4:1b:e0:84:bd:b6:0f:13:a1:7e:3c:8c:d4:71:14:f5:
46:75:c9:a5:a7:00:3e:7b:50:67:60:ed:57:76:09:23:82:ed:
a0:12:6e:2f:14:dc:fc:c2:49:9e:80:06:0b:ef:ec:98:a5:73:
d1:57:64:00:89:22:de:c9:1d:dc:bc:ca:7b:b4:09:a9:92:8a:
86:7e:87:9f:7b:3d:d3:25:65:96:50:e0:ff:4c:75:45:5f:6a:
09:82:f5:a6:ce:c7:10:93:b8:f2:b0:46:25:04:ff:9b:cc:af:
be:f9:e9:b7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY4PgCjjdZstQ8z1pLceDt+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMzA1MTY0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM5YWFjYTE2MDE4YmU2ZDM0NzY1OTdhN2MxYmFhODllMDAyNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVjswcC35ARtfIHIlbcurKn6R3Gd
H/4UpsSkWG5aGVhpoFPTYU+49txInZ99fn9GlZToPrrNZLfkGi//n/DbWSP2fbPQ
kPViYt5bbTquBVe22wSHNcxKbNV5mbnUAC4VkwXWM7YzBBEc/aWEnGA3lm2vGrJD
wHK/VMI3qjwTN8irlj3hwMGwag/jtDz/GIEE5GCN1I0agaGlnOThJr5pL1ETDjQ4
3ugGlPqGbUuO61IRAh0FlupO8aEp5r+tXIwJjO+5K49HMnlJKSWcCj6htOeQsOBD
uhKXCAq/oC0ptTPkFvIb4lIGhQ3DOKMPHaIafEp9vMSQc1GrE0K9eP4L8wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKTJqsoWAYvm00dll6fBuqieACW7MB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvcE1tcXloWUJpLWJUUjJXWHA4RzZxSjRBSmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAPnq8AwQA
VPZvAwQAW/eyAwQAsGHVAwQAshe8AwQAwhrfAwQA1ej8MA0EAgACMAcDBQMqE+QA
MA0GCSqGSIb3DQEBCwUAA4IBAQBs1JIg3FqUNg4pjZHw3LU91TPQqtDPeSTUDfV6
WZ+VKj1lsjI4J3dB8I2+ZJCFKvVPIKKR9es/eXwbNrfbrn4UPVH3dJqg5ZGuw8ri
xby6D6oy5xWWieaL1QzlmrYXOmGSHDhuzo/1SsFI9q/afT+aSRcC2DQ6UEZI3LuV
liitI3fYK73/ZEaU7lksYVOoS/00C6Qb4IS9tg8ToX48jNRxFPVGdcmlpwA+e1Bn
YO1Xdgkjgu2gEm4vFNz8wkmegAYL7+yYpXPRV2QAiSLeyR3cvMp7tAmpkoqGfoef
ez3TJWWWUOD/THVFX2oJgvWmzscQk7jysEYlBP+bzK+++em3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org