Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PCQb5tlN9cYXqLVuzrZW_1DNh2c.roa
File: PCQb5tlN9cYXqLVuzrZW_1DNh2c.roa (raw, json)
Hash identifier: SjE452+nw06RfZX9bl747g7tgrx0JjQGzo8MgEMNiyk=
Subject key identifier: 3C:24:1B:E6:D9:4D:F5:C6:17:A8:B5:6E:CE:B6:56:FF:50:CD:87:67
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 0186A3810EAEA21B796C15EFE02B57998B8A
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PCQb5tlN9cYXqLVuzrZW_1DNh2c.roa
Signing time: Thu 02 Mar 2023 18:06:29 +0000
ROA not before: Thu 02 Mar 2023 18:06:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 45.131.179.0/24 maxlen: 24
91.217.160.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
45.132.238.0/24 maxlen: 24
45.132.239.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.137.11.0/24 maxlen: 24
45.137.10.0/24 maxlen: 24
2a12:a380::/48 maxlen: 48
2a12:a380::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:81:0e:ae:a2:1b:79:6c:15:ef:e0:2b:57:99:8b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Mar 2 18:06:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c241be6d94df5c617a8b56eceb656ff50cd8767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:00:70:53:d0:c5:15:8f:c5:d5:bb:53:8e:44:
29:9b:45:9d:8c:dd:dc:e2:91:66:31:c5:08:80:96:
10:a1:3c:59:1a:6a:ff:32:81:f1:f4:7f:38:a5:fc:
a7:f0:7a:34:34:e2:4c:48:fd:27:13:e7:67:31:6e:
aa:69:6c:8c:27:18:c3:54:ed:60:91:4a:5c:1e:6d:
ec:15:96:ed:65:cc:b8:ad:04:f9:f4:d0:ea:36:db:
21:98:eb:e0:d2:92:3e:98:3c:ec:1c:c0:e4:e4:94:
44:46:40:d8:66:40:fc:27:99:51:15:ae:e3:78:46:
ca:34:40:61:d8:d8:15:50:f8:c5:2a:58:11:7f:84:
0e:80:a4:04:36:91:6f:a6:cb:35:71:86:10:67:cc:
72:2e:f6:12:40:64:c4:e3:9f:f8:ef:13:fe:7b:9d:
e5:4c:b1:81:37:98:20:da:67:e3:4e:5c:d9:ea:14:
6e:33:f9:86:09:24:58:ea:a3:38:63:e6:5e:6f:82:
2d:a8:a1:3c:9a:24:ed:5a:09:27:cf:52:de:bd:d0:
bf:aa:22:78:05:6e:8d:25:71:db:ff:09:7b:fc:d2:
86:b9:42:34:7e:10:29:a1:89:d9:9e:d7:87:5f:f6:
44:7d:65:40:1e:d8:4d:10:b1:ae:1b:1f:53:af:64:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:24:1B:E6:D9:4D:F5:C6:17:A8:B5:6E:CE:B6:56:FF:50:CD:87:67
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PCQb5tlN9cYXqLVuzrZW_1DNh2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.137.10.0/23
91.217.160.0/24
91.238.207.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a12:a380::/29
Signature Algorithm: sha256WithRSAEncryption
14:3f:41:f5:bc:70:58:59:42:57:4e:3f:3a:ee:24:b0:eb:ab:
96:28:bb:ab:ff:82:1d:cc:aa:1b:58:ab:8a:ef:6b:6b:69:e2:
e4:13:54:5b:03:b5:06:6f:5e:92:ad:1e:32:a9:1c:a7:a9:1d:
79:65:6e:4a:58:c5:f5:0f:1c:b7:5c:e4:6c:eb:71:12:ea:68:
78:ef:a2:a5:52:b2:07:b3:9c:3c:fe:19:f0:e3:3d:52:ce:19:
47:65:1d:3f:cd:b2:db:4e:5f:7c:0f:cd:e6:62:d2:63:40:39:
1b:0c:6e:a7:eb:ea:90:01:69:d4:1b:d8:4f:ec:a1:31:fd:c3:
43:0d:64:8d:b6:dc:50:0f:21:7b:9f:3f:59:ee:28:70:80:f1:
50:9a:f4:8e:48:1b:0f:61:94:b1:64:8a:c0:0f:22:0a:e1:f6:
d7:1e:78:aa:28:55:1c:32:6e:08:79:ef:d6:ee:ed:7e:4d:df:
ab:52:82:1a:b5:b5:76:e9:11:6b:e4:3e:5d:71:48:f2:ea:81:
75:eb:81:50:61:73:42:0c:c8:99:15:92:9a:be:9c:7a:3a:f6:
a2:76:e7:d0:dc:25:7c:59:8e:87:9f:99:21:17:90:af:12:6d:
bc:76:f6:22:d4:04:94:e6:0b:ac:fb:0b:4f:9a:6a:30:f0:7e:
ef:ca:d9:85
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYajgQ6uoht5bBXv4CtXmYuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMzAyMTgwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzI0MWJlNmQ5NGRmNWM2MTdhOGI1NmVjZWI2NTZmZjUwY2Q4NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wBwU9DFFY/F1btTjkQpm0WdjN3c
4pFmMcUIgJYQoTxZGmr/MoHx9H84pfyn8Ho0NOJMSP0nE+dnMW6qaWyMJxjDVO1g
kUpcHm3sFZbtZcy4rQT59NDqNtshmOvg0pI+mDzsHMDk5JRERkDYZkD8J5lRFa7j
eEbKNEBh2NgVUPjFKlgRf4QOgKQENpFvpss1cYYQZ8xyLvYSQGTE45/47xP+e53l
TLGBN5gg2mfjTlzZ6hRuM/mGCSRY6qM4Y+Zeb4ItqKE8miTtWgknz1LevdC/qiJ4
BW6NJXHb/wl7/NKGuUI0fhApoYnZnteHX/ZEfWVAHthNELGuGx9Tr2RxzwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDwkG+bZTfXGF6i1bs62Vv9QzYdnMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvUENRYjV0bE45Y1lYcUxWdXpyWldfMUROaDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBLYCSAwQA
LYOzAwQBLYTuAwQBLYkKAwQAW9mgAwQAW+7PAwQAwciVAwQAwciYAwQAweNnAwQA
weNtAwQAweNyMA0EAgACMAcDBQMqEqOAMA0GCSqGSIb3DQEBCwUAA4IBAQAUP0H1
vHBYWUJXTj867iSw66uWKLur/4IdzKobWKuK72traeLkE1RbA7UGb16SrR4yqRyn
qR15ZW5KWMX1Dxy3XORs63ES6mh476KlUrIHs5w8/hnw4z1SzhlHZR0/zbLbTl98
D83mYtJjQDkbDG6n6+qQAWnUG9hP7KEx/cNDDWSNttxQDyF7nz9Z7ihwgPFQmvSO
SBsPYZSxZIrADyIK4fbXHniqKFUcMm4Iee/W7u1+Td+rUoIatbV26RFr5D5dcUjy
6oF164FQYXNCDMiZFZKavpx6OvaidufQ3CV8WY6Hn5khF5CvEm28dvYi1ASU5gus
+wtPmmow8H7vytmF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:31 2023 by rpki-client on console-fra.rpki-client.org