Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/pcMAu_0QtcrkY3mGDPj97T7VeaM.roa
File: pcMAu_0QtcrkY3mGDPj97T7VeaM.roa (raw, json)
Hash identifier: 2715pVBWy+fBAbuxuwofVjz2wFazcXPV7QYayz6rQck=
Subject key identifier: A5:C3:00:BB:FD:10:B5:CA:E4:63:79:86:0C:F8:FD:ED:3E:D5:79:A3
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018570675D7BC9FC5EBE93987B87AFFE953E
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/pcMAu_0QtcrkY3mGDPj97T7VeaM.roa
Signing time: Mon 02 Jan 2023 02:55:00 +0000
ROA not before: Mon 02 Jan 2023 02:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22822
IP address blocks: 95.140.224.0/22 maxlen: 22
95.140.224.0/20 maxlen: 24
87.248.192.0/19 maxlen: 24
46.228.144.0/20 maxlen: 24
87.248.210.0/23 maxlen: 23
87.248.212.0/23 maxlen: 23
216.247.120.0/21 maxlen: 24
185.178.52.0/22 maxlen: 22
46.183.88.0/21 maxlen: 24
178.249.105.0/24 maxlen: 24
178.249.104.0/21 maxlen: 24
185.116.100.0/22 maxlen: 22
178.79.203.0/24 maxlen: 24
178.79.214.0/23 maxlen: 23
178.79.228.0/23 maxlen: 23
178.79.230.0/23 maxlen: 23
178.79.232.0/22 maxlen: 22
178.79.236.0/22 maxlen: 22
178.79.240.0/21 maxlen: 21
178.79.248.0/21 maxlen: 21
178.79.196.0/23 maxlen: 23
178.79.192.0/18 maxlen: 24
2a02:3d0:621::/48 maxlen: 48
2a02:3d0:601::/48 maxlen: 48
2a02:3d0::/32 maxlen: 48
2a02:3d0:600::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Nov 2023 06:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:5d:7b:c9:fc:5e:be:93:98:7b:87:af:fe:95:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 2 02:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5c300bbfd10b5cae46379860cf8fded3ed579a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0c:fd:59:ad:6d:e5:3b:71:7b:3e:78:09:19:
08:cb:be:12:0c:1b:bf:68:ab:18:92:d1:22:58:58:
d9:d5:84:3a:47:3c:80:7b:91:14:09:fe:b4:2a:4f:
ef:be:51:af:68:81:f4:8a:ba:51:ba:f1:7f:d1:dd:
e8:a8:0a:cd:6e:51:13:93:48:ac:2a:43:2e:fb:83:
6a:8d:13:43:3f:7b:93:2f:36:67:f3:08:b3:c5:fc:
fe:a6:a5:65:f7:8f:98:53:b3:88:57:8a:ca:fa:5e:
2a:f6:81:84:51:7c:ae:6b:42:b8:06:5e:40:9d:e2:
ea:a1:c8:2c:a0:1a:b9:15:1c:d6:c7:2d:15:3e:1b:
61:3c:af:d0:5b:ee:87:0f:27:2e:4e:80:1c:b3:2e:
7c:21:bc:7c:56:8f:2b:17:6c:5d:fb:b7:e2:a3:63:
89:d1:1f:b0:5b:e8:58:2a:4c:7a:4f:2f:35:09:e5:
52:a3:0e:b4:c4:9d:5a:91:42:33:64:4f:41:72:c9:
fd:65:56:5a:b0:b8:71:e9:2a:44:fe:9f:c2:ff:9a:
55:00:eb:81:e3:6f:b9:f9:6e:92:dc:55:74:3c:b8:
af:c8:e6:3f:af:bc:64:1e:53:8b:fc:cc:10:f8:60:
17:1a:05:e0:a1:0e:2a:0d:1a:da:76:bb:f8:c6:e3:
75:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:00:BB:FD:10:B5:CA:E4:63:79:86:0C:F8:FD:ED:3E:D5:79:A3
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/pcMAu_0QtcrkY3mGDPj97T7VeaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/21
46.228.144.0/20
87.248.192.0/19
95.140.224.0/20
178.79.192.0/18
178.249.104.0/21
185.116.100.0/22
185.178.52.0/22
216.247.120.0/21
IPv6:
2a02:3d0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:d0:f7:57:08:da:a6:01:42:1a:11:30:dc:71:ae:24:d4:f6:
cd:cc:01:06:7f:29:01:4e:dd:6b:86:1e:d8:75:61:32:79:b4:
69:f6:17:48:91:3f:6c:09:92:ab:4f:c1:b5:17:fc:ce:38:f7:
80:45:8e:38:cf:23:a0:5a:9d:b5:4b:bd:e2:9a:cf:4a:aa:c2:
ed:40:0f:30:6b:8e:47:2c:5a:a6:e2:75:3a:67:0f:4a:2a:88:
7d:2e:db:5c:dc:8b:0a:42:e3:3c:e4:53:d9:02:37:bf:90:7e:
96:cd:e6:02:3a:17:39:51:d4:58:33:3a:89:d3:cd:02:69:4e:
ad:c9:24:49:ad:7f:72:01:a3:6e:7e:a7:fb:bc:ed:0a:6d:a9:
ee:b1:8c:c7:4e:bd:a0:66:8b:76:69:83:fd:24:8f:a1:a7:5e:
43:f4:06:02:9a:b7:2d:2e:4c:c1:c9:36:ae:fb:3f:1b:54:a9:
cd:1c:18:d8:df:5e:b7:58:60:2d:cf:e8:d1:1a:1d:1b:51:0d:
0a:1c:d1:14:0c:1c:f9:ee:8f:39:0a:dc:f5:ec:a9:56:79:f5:
0e:d4:8f:41:2a:e1:a1:5a:a4:ce:ca:01:5a:51:e7:c2:85:55:
12:ee:04:bc:67:7f:43:8f:24:55:82:8e:9d:74:02:14:e8:a6:
c6:42:00:1b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVwZ117yfxevpOYe4ev/pU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjMwMTAyMDI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMzMDBiYmZkMTBiNWNhZTQ2Mzc5ODYwY2Y4ZmRlZDNlZDU3OWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQz9Wa1t5Ttxez54CRkIy74SDBu/
aKsYktEiWFjZ1YQ6RzyAe5EUCf60Kk/vvlGvaIH0irpRuvF/0d3oqArNblETk0is
KkMu+4NqjRNDP3uTLzZn8wizxfz+pqVl94+YU7OIV4rK+l4q9oGEUXyua0K4Bl5A
neLqocgsoBq5FRzWxy0VPhthPK/QW+6HDycuToAcsy58Ibx8Vo8rF2xd+7fio2OJ
0R+wW+hYKkx6Ty81CeVSow60xJ1akUIzZE9Bcsn9ZVZasLhx6SpE/p/C/5pVAOuB
42+5+W6S3FV0PLivyOY/r7xkHlOL/MwQ+GAXGgXgoQ4qDRradrv4xuN14wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKXDALv9ELXK5GN5hgz4/e0+1XmjMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvcGNNQXVfMFF0Y3JrWTNtR0RQajk3VDdWZWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrdYAwQE
LuSQAwQFV/jAAwQEX4zgAwQGsk/AAwQDsvloAwQCuXRkAwQCubI0AwQD2Pd4MA0E
AgACMAcDBQAqAgPQMA0GCSqGSIb3DQEBCwUAA4IBAQBL0PdXCNqmAUIaETDcca4k
1PbNzAEGfykBTt1rhh7YdWEyebRp9hdIkT9sCZKrT8G1F/zOOPeARY44zyOgWp21
S73ims9KqsLtQA8wa45HLFqm4nU6Zw9KKoh9Lttc3IsKQuM85FPZAje/kH6WzeYC
Ohc5UdRYMzqJ080CaU6tySRJrX9yAaNufqf7vO0KbanusYzHTr2gZot2aYP9JI+h
p15D9AYCmrctLkzByTau+z8bVKnNHBjY3163WGAtz+jRGh0bUQ0KHNEUDBz57o85
Ctz17KlWefUO1I9BKuGhWqTOygFaUefChVUS7gS8Z39DjyRVgo6ddAIU6KbGQgAb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org