Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/PDA0ArWXXryvXeAesMhGF9karJk.roa
File: PDA0ArWXXryvXeAesMhGF9karJk.roa (raw, json)
Hash identifier: criVkwUzbRSdMDkqpeHH0ctvf/wzFXDvKRyuJTKWl2U=
Subject key identifier: 3C:30:34:02:B5:97:5E:BC:AF:5D:E0:1E:B0:C8:46:17:D9:1A:AC:99
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 018CCA999FEB29972E0A67F412E7173D451D
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/PDA0ArWXXryvXeAesMhGF9karJk.roa
Signing time: Tue 02 Jan 2024 14:35:14 +0000
ROA not before: Tue 02 Jan 2024 14:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200555
IP address blocks: 46.24.73.0/24 maxlen: 24
212.145.48.0/24 maxlen: 24
212.145.58.0/24 maxlen: 24
212.145.62.0/24 maxlen: 24
77.228.197.0/24 maxlen: 24
77.228.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:9f:eb:29:97:2e:0a:67:f4:12:e7:17:3d:45:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 2 14:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c303402b5975ebcaf5de01eb0c84617d91aac99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:e3:ac:a7:2a:34:ca:83:e0:a0:bc:c6:91:
8e:29:55:7c:82:c4:06:ad:ed:c4:e7:82:27:95:d5:
f5:da:56:10:ce:4f:23:25:b0:af:a3:f8:f7:7b:fa:
b3:40:ca:51:b4:36:b4:88:75:28:6f:46:a8:f2:a0:
2c:62:09:87:7c:78:39:f4:5e:5f:0c:44:79:1d:93:
cf:81:c3:fa:1e:2c:e0:f3:1c:ca:2e:0d:d0:bf:1d:
f9:c1:88:a9:9b:e8:23:23:23:36:dd:29:b3:38:12:
8c:b8:91:9d:a9:76:21:dc:74:19:6a:cd:7d:87:c9:
30:10:64:cd:95:b1:76:ea:27:6e:08:22:d5:ba:60:
5b:84:cd:51:99:f7:cd:f9:9b:98:bf:6a:d0:1f:ec:
5e:18:42:6d:74:1d:63:15:38:92:b5:03:af:a3:8d:
b0:4d:fc:14:e8:d6:4d:bf:cb:44:60:46:f8:33:78:
17:de:52:a3:b8:fa:6f:14:f3:7a:0d:2b:8d:3d:e7:
df:94:56:31:d9:94:c0:38:a9:62:0a:a4:fb:02:cc:
7b:8c:3b:b2:09:11:f1:58:5e:71:69:a3:ad:09:f7:
61:b0:1c:2a:15:b3:65:2c:3f:fe:12:17:45:d6:e5:
07:57:02:97:5f:db:5d:54:ff:a8:62:95:69:95:a6:
ad:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:30:34:02:B5:97:5E:BC:AF:5D:E0:1E:B0:C8:46:17:D9:1A:AC:99
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/PDA0ArWXXryvXeAesMhGF9karJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.24.73.0/24
77.228.196.0/23
212.145.48.0/24
212.145.58.0/24
212.145.62.0/24
Signature Algorithm: sha256WithRSAEncryption
00:60:60:7e:59:ee:c8:77:a8:43:88:06:01:9f:ea:8c:9a:e9:
e4:79:77:c0:0b:79:53:8d:ad:ab:7f:ad:ad:f3:62:c8:95:05:
06:1c:4a:4d:44:d2:0f:be:24:20:33:f7:7e:4a:3d:20:e0:a1:
97:bc:30:a3:cf:3e:63:35:d9:f4:23:74:5f:1d:c2:6b:e9:4b:
9c:48:c8:81:24:be:50:87:cb:8c:26:6b:a2:82:51:5b:09:93:
86:a5:53:82:a0:b7:e3:b4:19:08:eb:00:11:fe:db:36:b3:ad:
71:db:0f:bd:f8:e0:82:2f:a5:61:26:89:b5:14:4b:69:06:31:
12:05:ec:42:87:22:87:c6:21:0c:2c:54:ea:b8:4f:2f:79:31:
a8:c0:8b:5a:53:8c:12:ec:45:24:b2:a9:19:65:b1:51:e9:f8:
b0:c5:32:6f:cf:c9:4d:43:08:b9:18:2e:60:6a:1f:fe:2e:7a:
e8:ac:fd:ef:17:c1:60:0a:77:b6:a9:4f:bb:e2:8b:3c:7d:5d:
78:23:3c:86:a1:86:58:65:d2:83:ee:22:58:f7:55:25:e1:d2:
b9:e8:d6:df:8a:48:21:07:ed:50:8d:e8:7c:be:a8:be:39:ff:
3f:e4:09:c1:ac:ad:2a:fc:67:a5:e4:e2:90:c0:89:da:39:60:
11:be:09:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKmZ/rKZcuCmf0EucXPUUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjQwMTAyMTQzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMwMzQwMmI1OTc1ZWJjYWY1ZGUwMWViMGM4NDYxN2Q5MWFhYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj7jrKcqNMqD4KC8xpGOKVV8gsQG
re3E54InldX12lYQzk8jJbCvo/j3e/qzQMpRtDa0iHUob0ao8qAsYgmHfHg59F5f
DER5HZPPgcP6Hizg8xzKLg3Qvx35wYipm+gjIyM23SmzOBKMuJGdqXYh3HQZas19
h8kwEGTNlbF26iduCCLVumBbhM1RmffN+ZuYv2rQH+xeGEJtdB1jFTiStQOvo42w
TfwU6NZNv8tEYEb4M3gX3lKjuPpvFPN6DSuNPefflFYx2ZTAOKliCqT7Asx7jDuy
CRHxWF5xaaOtCfdhsBwqFbNlLD/+EhdF1uUHVwKXX9tdVP+oYpVplaat9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDwwNAK1l168r13gHrDIRhfZGqyZMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvUERBMEFyV1hYcnl2WGVBZXNNaEdGOWthckprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhhJAwQB
TeTEAwQA1JEwAwQA1JE6AwQA1JE+MA0GCSqGSIb3DQEBCwUAA4IBAQAAYGB+We7I
d6hDiAYBn+qMmunkeXfAC3lTja2rf62t82LIlQUGHEpNRNIPviQgM/d+Sj0g4KGX
vDCjzz5jNdn0I3RfHcJr6UucSMiBJL5Qh8uMJmuiglFbCZOGpVOCoLfjtBkI6wAR
/ts2s61x2w+9+OCCL6VhJom1FEtpBjESBexChyKHxiEMLFTquE8veTGowItaU4wS
7EUksqkZZbFR6fiwxTJvz8lNQwi5GC5gah/+LnrorP3vF8FgCne2qU+74os8fV14
IzyGoYZYZdKD7iJY91Ul4dK56NbfikghB+1Qjeh8vqi+Of8/5AnBrK0q/Gel5OKQ
wInaOWARvgnn
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:30 2025 by rpki-client