Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Pcwfrnuem12GW7HVEu0Mlu_fZ5o.roa
File: Pcwfrnuem12GW7HVEu0Mlu_fZ5o.roa (raw, json)
Hash identifier: 4OiZPXMViY94kvH9DBrLZfXXPvB8MDamX/igkT9rDqs=
Subject key identifier: 3D:CC:1F:AE:7B:9E:9B:5D:86:5B:B1:D5:12:ED:0C:96:EF:DF:67:9A
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 019112EC0B75F818FDE507D6013CBCFF8F28
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Pcwfrnuem12GW7HVEu0Mlu_fZ5o.roa
Signing time: Fri 02 Aug 2024 11:49:04 +0000
ROA not before: Fri 02 Aug 2024 11:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 21
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.100.0/22 maxlen: 22
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.120.0/22 maxlen: 22
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 22
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 22
148.139.148.0/22 maxlen: 22
148.139.152.0/22 maxlen: 22
148.139.156.0/22 maxlen: 22
148.139.160.0/20 maxlen: 20
148.139.176.0/20 maxlen: 20
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Aug 2024 23:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:ec:0b:75:f8:18:fd:e5:07:d6:01:3c:bc:ff:8f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Aug 2 11:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dcc1fae7b9e9b5d865bb1d512ed0c96efdf679a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:88:da:eb:15:9d:d9:81:e1:32:65:3b:88:9c:
57:7c:45:84:5b:45:21:0c:49:84:15:98:87:76:55:
cc:57:70:86:73:f4:59:d7:00:41:07:c8:92:ed:bb:
9e:f2:75:20:db:b0:45:d4:d7:3e:e1:47:14:c9:96:
fe:7e:a7:5b:cf:33:fc:b0:28:aa:4b:2a:23:4a:71:
ff:68:05:e4:8f:86:98:a0:79:b2:90:35:04:66:19:
32:36:ac:e3:3c:aa:6f:cb:31:43:2f:0f:c9:d1:90:
9d:4a:17:fa:57:95:52:7d:19:7f:c3:01:6d:b8:24:
fe:39:6c:81:a6:e3:1e:34:96:20:84:e4:a8:4e:ba:
10:4c:a3:22:3f:1e:ec:46:66:2d:ee:a4:f9:74:75:
9e:99:59:d0:39:5f:91:33:2a:b2:61:ef:9f:ac:3b:
48:f4:0b:78:8e:63:a0:22:c3:d4:70:4d:85:52:cd:
85:40:25:83:6f:06:52:6d:99:82:90:76:7e:29:b5:
bd:63:dd:0c:60:13:58:4b:f8:6d:16:98:86:17:48:
71:19:8e:ad:ff:43:b5:f2:98:7a:06:ba:57:56:41:
82:44:05:f8:05:7a:5f:61:16:22:ed:f3:9b:7a:30:
c9:39:98:ee:e1:9b:2b:a1:cc:03:b3:07:95:fb:d4:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CC:1F:AE:7B:9E:9B:5D:86:5B:B1:D5:12:ED:0C:96:EF:DF:67:9A
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Pcwfrnuem12GW7HVEu0Mlu_fZ5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:0f:c7:66:3d:16:06:cc:f1:2f:69:9c:b0:72:f5:1b:79:f7:
07:b2:ee:6f:ca:70:4a:a2:78:2a:7a:08:38:8c:db:fc:b1:79:
f9:cb:7e:91:e4:2f:f4:df:5d:6b:56:0a:d6:ed:24:4f:ac:50:
ed:f3:61:58:42:71:81:59:b4:9f:37:c1:c0:e1:d9:ff:32:c4:
75:af:f4:b6:f5:20:99:64:5f:9a:e5:c4:0a:7e:71:d2:78:d4:
46:20:20:6f:c5:d8:73:00:29:0a:5b:61:bd:7c:95:5b:ec:60:
be:19:fc:f3:87:45:eb:6c:49:3d:11:f0:37:40:0e:bc:74:68:
06:81:93:7f:47:bf:70:4f:e3:cc:03:70:c7:d7:13:0d:07:98:
61:5f:c4:95:d6:c5:46:b0:01:00:a9:dc:86:9b:23:1d:c7:c6:
a0:1f:7b:64:31:d6:4b:19:70:5f:a0:23:16:8c:8e:d1:89:63:
ee:11:f4:15:71:53:54:f8:49:bd:d2:18:94:08:74:41:a0:d3:
90:8e:d4:c6:ff:dd:ab:88:e9:75:de:ea:6c:12:29:17:b1:57:
0c:a0:f2:bc:19:e9:6d:17:cf:35:5b:47:ff:ff:93:fd:26:90:
08:54:81:9d:2a:55:17:f9:36:ba:ae:bc:25:cc:9a:8b:c7:be:
75:9e:84:58
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZES7At1+Bj95QfWATy8/48oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwODAyMTE0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNjMWZhZTdiOWU5YjVkODY1YmIxZDUxMmVkMGM5NmVmZGY2NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4ja6xWd2YHhMmU7iJxXfEWEW0Uh
DEmEFZiHdlXMV3CGc/RZ1wBBB8iS7bue8nUg27BF1Nc+4UcUyZb+fqdbzzP8sCiq
SyojSnH/aAXkj4aYoHmykDUEZhkyNqzjPKpvyzFDLw/J0ZCdShf6V5VSfRl/wwFt
uCT+OWyBpuMeNJYghOSoTroQTKMiPx7sRmYt7qT5dHWemVnQOV+RMyqyYe+frDtI
9At4jmOgIsPUcE2FUs2FQCWDbwZSbZmCkHZ+KbW9Y90MYBNYS/htFpiGF0hxGY6t
/0O18ph6BrpXVkGCRAX4BXpfYRYi7fObejDJOZju4ZsrocwDsweV+9SbEwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFD3MH657nptdhlux1RLtDJbv32eaMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvUGN3ZnJudWVtMTJHVzdIVkV1ME1sdV9mWjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBACYPx2Y9FgbM8S9pnLBy9Rt59wey7m/K
cEqieCp6CDiM2/yxefnLfpHkL/TfXWtWCtbtJE+sUO3zYVhCcYFZtJ83wcDh2f8y
xHWv9Lb1IJlkX5rlxAp+cdJ41EYgIG/F2HMAKQpbYb18lVvsYL4Z/POHRetsST0R
8DdADrx0aAaBk39Hv3BP48wDcMfXEw0HmGFfxJXWxUawAQCp3IabIx3HxqAfe2Qx
1ksZcF+gIxaMjtGJY+4R9BVxU1T4Sb3SGJQIdEGg05CO1Mb/3auI6XXe6mwSKRex
Vwyg8rwZ6W0XzzVbR///k/0mkAhUgZ0qVRf5NrquvCXMmovHvnWehFg=
-----END CERTIFICATE-----
Generated at Tue Aug 20 01:15:46 2024 by rpki-client on console-fra.rpki-client.org