Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/pRytdz4r6KbNwhEX-yEhCu-XKGk.roa
File: pRytdz4r6KbNwhEX-yEhCu-XKGk.roa (raw, json)
Hash identifier: g5NNpeRRyvT/COag9x/Js46SPcMYrUOXduV0ApnkGPs=
Subject key identifier: A5:1C:AD:77:3E:2B:E8:A6:CD:C2:11:17:FB:21:21:0A:EF:97:28:69
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 01857321C7C8130E8A68F7070263DD325DCC
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/pRytdz4r6KbNwhEX-yEhCu-XKGk.roa
Signing time: Mon 02 Jan 2023 15:37:51 +0000
ROA not before: Mon 02 Jan 2023 15:37:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208905
IP address blocks: 147.235.40.0/24 maxlen: 24
147.235.49.0/24 maxlen: 24
147.235.50.0/23 maxlen: 24
147.235.46.0/23 maxlen: 24
147.235.45.0/24 maxlen: 24
147.235.61.0/24 maxlen: 24
147.235.60.0/23 maxlen: 23
147.235.60.0/22 maxlen: 22
147.235.62.0/24 maxlen: 24
147.235.62.0/23 maxlen: 23
147.235.60.0/24 maxlen: 24
147.235.63.0/24 maxlen: 24
147.235.76.0/22 maxlen: 22
147.235.78.0/23 maxlen: 23
147.235.77.0/24 maxlen: 24
147.235.78.0/24 maxlen: 24
147.235.74.0/23 maxlen: 23
147.235.74.0/24 maxlen: 24
147.235.75.0/24 maxlen: 24
147.235.76.0/24 maxlen: 24
147.235.73.0/24 maxlen: 24
147.235.72.0/23 maxlen: 23
147.235.72.0/24 maxlen: 24
147.235.72.0/22 maxlen: 22
147.235.76.0/23 maxlen: 23
147.235.80.0/24 maxlen: 24
147.235.79.0/24 maxlen: 24
147.235.26.0/23 maxlen: 24
147.235.25.0/24 maxlen: 24
147.235.36.0/24 maxlen: 24
147.235.152.0/23 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.180.0/23 maxlen: 24
147.235.94.0/23 maxlen: 23
147.235.94.0/24 maxlen: 24
147.235.95.0/24 maxlen: 24
147.235.93.0/24 maxlen: 24
147.235.254.0/23 maxlen: 24
147.235.224.0/23 maxlen: 24
147.235.232.0/23 maxlen: 24
147.235.234.0/24 maxlen: 24
147.235.240.0/23 maxlen: 24
147.235.248.0/23 maxlen: 24
185.130.84.0/22 maxlen: 22
2a06:c702::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:c7:c8:13:0e:8a:68:f7:07:02:63:dd:32:5d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Jan 2 15:37:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a51cad773e2be8a6cdc21117fb21210aef972869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b5:12:c5:e2:48:01:f4:04:aa:9d:8b:4f:25:
df:a8:90:8b:bc:2a:7e:a4:50:0b:1e:19:c8:bb:9f:
10:8d:9c:21:43:a4:20:16:72:ef:b5:0d:7c:27:db:
6f:c8:69:9f:65:03:4d:06:b7:24:1f:ac:aa:4c:f9:
62:72:26:b8:0c:c4:d0:38:a3:ab:17:ba:18:ac:12:
f9:d3:6f:1e:aa:50:a4:5e:b0:45:82:5a:f7:84:58:
20:d0:67:e9:12:4f:e5:38:84:f6:ff:43:ab:5f:4f:
1e:bf:65:7c:09:38:f5:4c:dc:7d:0a:19:7a:9d:62:
df:7b:6a:6d:83:fc:1f:6a:31:19:0d:05:04:24:a8:
0b:48:d1:95:33:30:f8:fa:ac:d3:67:80:5c:91:b3:
b5:f2:b9:72:73:b8:c7:0d:f2:b0:c4:0e:62:21:08:
29:c2:df:bb:36:a1:d8:1a:c9:28:1f:d0:5e:1d:f7:
b4:94:00:b0:28:f3:88:92:77:83:e2:09:24:2f:0a:
74:8e:b1:3f:4d:23:0b:45:17:05:97:49:fd:42:ed:
47:8e:28:63:6c:e9:47:f6:91:cc:4d:23:a5:72:16:
3d:fe:9a:b1:e7:83:21:04:1e:11:f5:a2:87:64:df:
8e:7f:61:6d:27:33:3e:f5:33:e7:37:1a:23:7f:92:
9e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1C:AD:77:3E:2B:E8:A6:CD:C2:11:17:FB:21:21:0A:EF:97:28:69
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/pRytdz4r6KbNwhEX-yEhCu-XKGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.25.0-147.235.27.255
147.235.36.0/24
147.235.40.0/24
147.235.45.0-147.235.47.255
147.235.49.0-147.235.51.255
147.235.60.0/22
147.235.72.0-147.235.80.255
147.235.93.0-147.235.95.255
147.235.152.0-147.235.154.255
147.235.180.0/23
147.235.224.0/23
147.235.232.0-147.235.234.255
147.235.240.0/23
147.235.248.0/23
147.235.254.0/23
185.130.84.0/22
IPv6:
2a06:c702::/48
Signature Algorithm: sha256WithRSAEncryption
84:a5:40:d2:47:4c:70:7c:d9:ab:24:c9:fd:6f:4b:89:88:3b:
71:ce:b1:a0:0f:d9:e2:e9:5a:55:44:ae:42:d8:21:87:73:a8:
19:42:9c:fe:ce:51:4d:b7:ec:8f:e1:1d:88:e6:32:0e:c0:bc:
31:43:29:44:a5:e8:f4:f8:29:71:79:43:10:01:8e:14:78:9a:
52:b7:f6:1c:51:f7:05:85:35:e7:fd:23:a9:1b:03:5f:f4:86:
67:83:cc:eb:3b:a8:0c:12:9f:da:b3:38:c7:45:84:eb:c5:c7:
61:3a:c8:c7:25:86:bd:d2:4c:4a:79:11:9c:49:70:5f:23:84:
4d:f9:3f:66:95:a9:a2:22:2b:ce:82:6c:25:03:f8:b6:c4:01:
32:a6:be:b5:a3:1e:46:05:91:60:78:d2:c6:df:bb:c8:83:cf:
50:cb:e7:5e:58:05:2d:0e:9a:fe:68:e4:29:e0:ac:a6:55:91:
7f:34:79:53:17:2b:b2:bc:95:bc:28:a8:39:5c:32:39:3b:49:
41:86:bb:80:84:a7:ad:a3:78:e0:3d:2f:89:c2:a3:91:25:04:
c9:70:3d:32:42:9a:19:a4:72:f6:30:cb:6b:79:2e:68:16:d3:
b0:7f:51:7c:5a:0a:68:5d:96:77:90:5d:1b:70:f0:f5:14:27:
4c:ec:e1:c1
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYVzIcfIEw6KaPcHAmPdMl3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjMwMTAyMTUzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFjYWQ3NzNlMmJlOGE2Y2RjMjExMTdmYjIxMjEwYWVmOTcyODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLUSxeJIAfQEqp2LTyXfqJCLvCp+
pFALHhnIu58QjZwhQ6QgFnLvtQ18J9tvyGmfZQNNBrckH6yqTPlicia4DMTQOKOr
F7oYrBL5028eqlCkXrBFglr3hFgg0GfpEk/lOIT2/0OrX08ev2V8CTj1TNx9Chl6
nWLfe2ptg/wfajEZDQUEJKgLSNGVMzD4+qzTZ4BckbO18rlyc7jHDfKwxA5iIQgp
wt+7NqHYGskoH9BeHfe0lACwKPOIkneD4gkkLwp0jrE/TSMLRRcFl0n9Qu1Hjihj
bOlH9pHMTSOlchY9/pqx54MhBB4R9aKHZN+Of2FtJzM+9TPnNxojf5KedQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFKUcrXc+K+imzcIRF/shIQrvlyhpMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvcFJ5dGR6NHI2S2JOd2hFWC15RWhDdS1YS0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBnwQCAAEwgZgwDAME
AJPrGQMEApPrGAMEAJPrJAMEAJPrKDAMAwQAk+stAwQEk+sgMAwDBACT6zEDBAKT
6zADBAKT6zwwDAMEA5PrSAMEAJPrUDAMAwQAk+tdAwQFk+tAMAwDBAOT65gDBACT
65oDBAGT67QDBAGT6+AwDAMEA5Pr6AMEAJPr6gMEAZPr8AMEAZPr+AMEAZPr/gME
ArmCVDAPBAIAAjAJAwcAKgbHAgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCEpUDSR0xw
fNmrJMn9b0uJiDtxzrGgD9ni6VpVRK5C2CGHc6gZQpz+zlFNt+yP4R2I5jIOwLwx
QylEpej0+ClxeUMQAY4UeJpSt/YcUfcFhTXn/SOpGwNf9IZng8zrO6gMEp/aszjH
RYTrxcdhOsjHJYa90kxKeRGcSXBfI4RN+T9mlamiIivOgmwlA/i2xAEypr61ox5G
BZFgeNLG37vIg89Qy+deWAUtDpr+aOQp4KymVZF/NHlTFyuyvJW8KKg5XDI5O0lB
hruAhKeto3jgPS+JwqORJQTJcD0yQpoZpHL2MMtreS5oFtOwf1F8WgpoXZZ3kF0b
cPD1FCdM7OHB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:18 2024 by rpki-client on console-fra.rpki-client.org