Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Pwn3NbbQFesHA6i1MAUkPqNmRNc.roa
File: Pwn3NbbQFesHA6i1MAUkPqNmRNc.roa (raw, json)
Hash identifier: jnoUh0rkkkPtZPU+jVml8Yc8vGON1ec3K5ENv0l9gAQ=
Subject key identifier: 3F:09:F7:35:B6:D0:15:EB:07:03:A8:B5:30:05:24:3E:A3:66:44:D7
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D3A78308E943DB53FBED35FC5D5B530F3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Pwn3NbbQFesHA6i1MAUkPqNmRNc.roa
Signing time: Wed 24 Jan 2024 07:56:11 +0000
ROA not before: Wed 24 Jan 2024 07:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 89.251.18.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 19:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:78:30:8e:94:3d:b5:3f:be:d3:5f:c5:d5:b5:30:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 24 07:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f09f735b6d015eb0703a8b53005243ea36644d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:a8:b1:6f:ed:c8:1f:38:06:57:eb:ac:1a:
99:0b:1b:8f:70:d9:0b:08:5c:eb:96:f4:06:50:b4:
56:14:6b:83:3e:d0:a5:8a:05:12:1b:18:3f:cd:85:
d5:bd:9f:85:ae:cd:a1:a4:0b:3f:0e:8a:29:9d:98:
17:ca:60:79:a6:de:1b:10:1d:b0:f4:44:b6:c4:28:
93:0e:02:e4:48:b9:57:78:3e:47:d5:5f:e7:11:12:
25:ce:ac:36:3e:30:c6:66:3d:95:78:bc:70:09:56:
a4:16:b6:9e:74:2d:09:59:94:3a:b2:75:01:96:79:
e8:7f:0d:cf:e4:28:00:3e:6e:2a:92:11:03:50:e7:
e0:10:a4:f1:a4:7c:47:b9:a7:a2:21:38:3e:da:72:
f3:d5:e6:7c:b8:d2:4f:a2:48:dc:72:74:be:ee:97:
c9:36:b5:57:aa:e5:20:04:d4:02:f0:9f:1d:df:cb:
13:87:8e:2e:7e:97:52:77:f5:af:f3:e4:01:be:8f:
3f:9d:9c:df:ac:10:e8:7b:3a:4b:9f:03:2e:79:81:
cf:0f:86:66:10:f6:38:ee:bd:fb:29:ce:ba:53:a2:
85:87:98:25:98:aa:9f:d2:1a:69:e1:ef:9d:48:c5:
c7:02:bf:fe:7a:96:a7:a9:39:05:56:7c:9f:c2:94:
cb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:09:F7:35:B6:D0:15:EB:07:03:A8:B5:30:05:24:3E:A3:66:44:D7
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Pwn3NbbQFesHA6i1MAUkPqNmRNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.31.0/24
109.122.44.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
36:60:f1:74:46:45:8d:de:fb:b9:cb:9c:26:5d:a3:58:40:2d:
de:e2:0b:c9:9c:d4:ad:22:24:f5:19:b4:52:08:03:17:bc:ef:
16:c2:2d:e0:51:fd:b6:ca:4d:5f:54:da:d5:9f:27:3f:b1:ec:
03:89:97:9b:27:78:b2:e3:ca:67:49:51:be:42:51:db:d6:db:
cb:18:57:ec:7b:d1:8b:d9:41:59:62:da:9b:ba:84:de:7d:44:
3b:b0:a4:53:67:c4:e0:75:7f:75:0f:5e:f1:21:85:0b:1f:89:
36:ed:90:b4:03:8f:37:ea:65:0f:c3:07:c6:bd:03:ed:d4:2b:
28:05:bd:f9:21:ec:26:c3:26:07:a3:cf:87:76:03:0e:ac:23:
e9:7b:d8:ae:30:18:cb:4d:10:56:e3:c8:7a:dc:6a:77:1e:a8:
5f:10:bc:2b:bc:90:54:e6:6f:25:28:4c:91:05:be:36:f1:ec:
3f:7f:29:66:16:73:8b:f0:8d:10:93:e1:d5:89:61:85:9d:1c:
2b:15:90:e1:28:31:de:93:e0:9d:7b:ef:1d:5e:ae:e6:d6:92:
b1:34:c9:3f:08:e4:5a:4a:fd:db:77:4e:bf:16:7a:b5:ab:26:
65:69:fa:c5:b6:e3:f9:8e:d7:3a:49:51:71:cd:55:ea:d9:1b:
48:50:4f:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY06eDCOlD21P77TX8XVtTDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTI0MDc1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA5ZjczNWI2ZDAxNWViMDcwM2E4YjUzMDA1MjQzZWEzNjY0NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9WosW/tyB84BlfrrBqZCxuPcNkL
CFzrlvQGULRWFGuDPtCligUSGxg/zYXVvZ+Frs2hpAs/DoopnZgXymB5pt4bEB2w
9ES2xCiTDgLkSLlXeD5H1V/nERIlzqw2PjDGZj2VeLxwCVakFraedC0JWZQ6snUB
lnnofw3P5CgAPm4qkhEDUOfgEKTxpHxHuaeiITg+2nLz1eZ8uNJPokjccnS+7pfJ
NrVXquUgBNQC8J8d38sTh44ufpdSd/Wv8+QBvo8/nZzfrBDoezpLnwMueYHPD4Zm
EPY47r37Kc66U6KFh5glmKqf0hpp4e+dSMXHAr/+epanqTkFVnyfwpTLxwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD8J9zW20BXrBwOotTAFJD6jZkTXMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUHduM05iYlFGZXNIQTZpMU1BVWtQcU5tUk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsSAwQA
WfsUAwQAWfsfAwQAbXosAwQAkhM4MA0GCSqGSIb3DQEBCwUAA4IBAQA2YPF0RkWN
3vu5y5wmXaNYQC3e4gvJnNStIiT1GbRSCAMXvO8Wwi3gUf22yk1fVNrVnyc/sewD
iZebJ3iy48pnSVG+QlHb1tvLGFfse9GL2UFZYtqbuoTefUQ7sKRTZ8TgdX91D17x
IYULH4k27ZC0A4836mUPwwfGvQPt1CsoBb35IewmwyYHo8+HdgMOrCPpe9iuMBjL
TRBW48h63Gp3HqhfELwrvJBU5m8lKEyRBb428ew/fylmFnOL8I0Qk+HViWGFnRwr
FZDhKDHek+Cde+8dXq7m1pKxNMk/CORaSv3bd06/Fnq1qyZlafrFtuP5jtc6SVFx
zVXq2RtIUE/N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org