Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/PYv8goowpaV4YE1_xhJex8xYBFE.roa
File: PYv8goowpaV4YE1_xhJex8xYBFE.roa (raw, json)
Hash identifier: TMpVS2gy5tKl00JF8OpZuBADxRVqwUsKZK3wI7y4UtE=
Subject key identifier: 3D:8B:FC:82:8A:30:A5:A5:78:60:4D:7F:C6:12:5E:C7:CC:58:04:51
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018BD6D7032DBF0358752F37C719D40A9C7E
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/PYv8goowpaV4YE1_xhJex8xYBFE.roa
Signing time: Thu 16 Nov 2023 06:34:57 +0000
ROA not before: Thu 16 Nov 2023 06:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22822
IP address blocks: 95.140.224.0/22 maxlen: 22
95.140.224.0/20 maxlen: 24
87.248.192.0/19 maxlen: 24
46.228.144.0/20 maxlen: 24
87.248.210.0/23 maxlen: 23
87.248.212.0/23 maxlen: 23
216.247.120.0/21 maxlen: 24
185.178.52.0/24 maxlen: 24
185.178.52.0/22 maxlen: 22
46.183.88.0/21 maxlen: 24
178.249.105.0/24 maxlen: 24
178.249.104.0/21 maxlen: 24
185.116.100.0/22 maxlen: 22
178.79.203.0/24 maxlen: 24
178.79.214.0/23 maxlen: 23
178.79.228.0/23 maxlen: 23
178.79.230.0/23 maxlen: 23
178.79.232.0/22 maxlen: 22
178.79.236.0/22 maxlen: 22
178.79.240.0/21 maxlen: 21
178.79.248.0/21 maxlen: 21
178.79.196.0/23 maxlen: 23
178.79.192.0/18 maxlen: 24
2a02:3d0:601::/48 maxlen: 48
2a02:3d0:621::/48 maxlen: 48
2a02:3d0::/32 maxlen: 48
2a02:3d0:600::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Nov 2023 10:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:d7:03:2d:bf:03:58:75:2f:37:c7:19:d4:0a:9c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Nov 16 06:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d8bfc828a30a5a578604d7fc6125ec7cc580451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:7f:c9:3b:27:68:54:ee:97:44:91:01:f4:
a1:fc:8d:49:50:36:b1:89:10:1a:cb:3f:91:32:f3:
39:e9:61:e6:88:1b:64:7d:2d:65:44:ed:02:a5:ba:
19:5b:1d:cf:8b:ae:3e:b0:66:c5:dc:ff:01:40:e8:
b6:0c:07:5f:c6:3a:58:a1:b1:fa:c2:d0:24:0f:c4:
c1:6c:58:60:0d:15:6d:93:c7:25:33:14:0f:c9:57:
ba:ad:d1:9e:df:75:c3:47:a5:70:8f:dc:64:fc:e0:
23:08:de:e5:6e:ef:78:9b:d9:1b:61:00:00:03:83:
70:c9:ae:42:09:de:26:b9:c5:b3:76:9a:36:42:6f:
b3:af:29:80:31:e8:9b:a6:cb:41:55:86:d9:6d:e9:
1e:e8:a7:39:80:d3:50:cf:43:27:b1:fc:d3:a2:a1:
50:fc:75:00:80:98:dd:56:e7:7b:15:a3:2e:7d:7c:
e4:94:b8:72:52:c1:9f:f8:b8:4b:06:75:ab:60:21:
83:98:4c:1b:63:2b:a2:0a:10:b7:2d:31:20:55:37:
66:66:f4:d3:35:99:8f:bd:a9:93:58:72:62:48:67:
cc:5e:90:17:1d:d5:45:9a:0d:67:cb:b6:be:4b:c5:
3b:b3:1e:16:dc:11:64:46:39:f9:11:81:e1:cf:f0:
e8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:FC:82:8A:30:A5:A5:78:60:4D:7F:C6:12:5E:C7:CC:58:04:51
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/PYv8goowpaV4YE1_xhJex8xYBFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/21
46.228.144.0/20
87.248.192.0/19
95.140.224.0/20
178.79.192.0/18
178.249.104.0/21
185.116.100.0/22
185.178.52.0/22
216.247.120.0/21
IPv6:
2a02:3d0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8f:12:43:b6:8c:bb:b6:f9:c9:72:6b:27:02:73:d0:96:f0:
d0:db:74:90:a7:9f:93:1f:51:28:97:0c:18:50:81:5d:ad:be:
62:ce:8c:d9:14:df:76:46:16:3c:bb:1c:cb:97:5f:94:d7:67:
b1:a0:7b:d1:4e:9e:71:25:53:b3:10:fb:11:87:cb:ba:5b:03:
b1:ea:10:1d:64:8e:03:9d:1b:b0:64:66:b8:69:23:cc:01:a1:
66:64:56:ea:64:5d:cf:3a:31:3a:bb:b7:fe:a8:8d:93:80:cf:
2a:30:af:24:af:d6:40:45:ac:57:0e:4b:67:e8:97:40:26:7e:
17:da:84:3e:ff:13:d8:c6:31:76:6f:ff:ad:9d:c3:23:a6:ec:
04:4f:b0:bc:4c:6c:81:4b:1e:88:3e:cd:08:8a:69:31:49:30:
14:f3:0b:58:00:e4:f1:7c:22:f3:b5:66:b1:35:e2:eb:52:5c:
6d:30:15:db:80:2e:b4:c0:05:70:3c:ac:43:91:69:70:4c:0b:
16:b1:ca:29:21:1a:8c:ad:9b:96:a0:8b:d1:3d:2c:89:f9:9a:
f4:8a:7f:0a:5c:a2:cf:82:ee:2d:b8:4e:fb:d4:91:ba:dc:34:
ec:75:c6:0b:55:ae:21:ba:5a:cd:ac:0c:89:81:89:83:fc:38:
e3:0b:c9:13
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYvW1wMtvwNYdS83xxnUCpx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjMxMTE2MDYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhiZmM4MjhhMzBhNWE1Nzg2MDRkN2ZjNjEyNWVjN2NjNTgwNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0f1/yTsnaFTul0SRAfSh/I1JUDax
iRAayz+RMvM56WHmiBtkfS1lRO0CpboZWx3Pi64+sGbF3P8BQOi2DAdfxjpYobH6
wtAkD8TBbFhgDRVtk8clMxQPyVe6rdGe33XDR6Vwj9xk/OAjCN7lbu94m9kbYQAA
A4Nwya5CCd4mucWzdpo2Qm+zrymAMeibpstBVYbZbeke6Kc5gNNQz0MnsfzToqFQ
/HUAgJjdVud7FaMufXzklLhyUsGf+LhLBnWrYCGDmEwbYyuiChC3LTEgVTdmZvTT
NZmPvamTWHJiSGfMXpAXHdVFmg1ny7a+S8U7sx4W3BFkRjn5EYHhz/DoVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFD2L/IKKMKWleGBNf8YSXsfMWARRMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvUFl2OGdvb3dwYVY0WUUxX3hoSmV4OHhZQkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrdYAwQE
LuSQAwQFV/jAAwQEX4zgAwQGsk/AAwQDsvloAwQCuXRkAwQCubI0AwQD2Pd4MA0E
AgACMAcDBQAqAgPQMA0GCSqGSIb3DQEBCwUAA4IBAQAcjxJDtoy7tvnJcmsnAnPQ
lvDQ23SQp5+TH1EolwwYUIFdrb5izozZFN92RhY8uxzLl1+U12exoHvRTp5xJVOz
EPsRh8u6WwOx6hAdZI4DnRuwZGa4aSPMAaFmZFbqZF3POjE6u7f+qI2TgM8qMK8k
r9ZARaxXDktn6JdAJn4X2oQ+/xPYxjF2b/+tncMjpuwET7C8TGyBSx6IPs0Iimkx
STAU8wtYAOTxfCLztWaxNeLrUlxtMBXbgC60wAVwPKxDkWlwTAsWscopIRqMrZuW
oIvRPSyJ+Zr0in8KXKLPgu4tuE771JG63DTsdcYLVa4hulrNrAyJgYmD/DjjC8kT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:18 2024 by rpki-client on console-fra.rpki-client.org