Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PrkiusSAc1H9QD4R8pXiQ49_alY.roa
File: PrkiusSAc1H9QD4R8pXiQ49_alY.roa (raw, json)
Hash identifier: 5CZnnVAt76sKKilTE6Zg624JG106lB/tu0uEYgZTPDc=
Subject key identifier: 3E:B9:22:BA:C4:80:73:51:FD:40:3E:11:F2:95:E2:43:8F:7F:6A:56
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018BB026D709764D612FEC1F6A48B71EC7F3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PrkiusSAc1H9QD4R8pXiQ49_alY.roa
Signing time: Wed 08 Nov 2023 18:16:57 +0000
ROA not before: Wed 08 Nov 2023 18:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 89.40.161.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.105.0/24 maxlen: 24
85.159.117.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:26:d7:09:76:4d:61:2f:ec:1f:6a:48:b7:1e:c7:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 8 18:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb922bac4807351fd403e11f295e2438f7f6a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:22:84:8d:84:93:fa:f3:f9:ee:c2:10:57:
ca:f9:19:15:03:69:a2:79:06:6c:25:db:94:5f:8c:
cd:3e:10:59:22:78:b0:a0:59:37:8c:08:77:03:5e:
4b:18:3a:18:c0:21:4d:bb:c6:d1:bc:3c:bd:78:4a:
81:a4:e9:82:f4:66:5b:2a:dc:5b:5a:54:8e:07:ef:
19:71:20:b5:37:9b:bd:1a:ad:1d:d5:f9:5c:1c:8f:
37:28:2a:0c:8b:45:2d:52:06:40:a3:51:7b:5b:22:
f4:a2:49:c0:b0:57:5e:c2:bb:72:6b:08:31:27:96:
de:e5:74:2d:1a:4a:cf:3d:38:0e:59:ea:dd:4f:80:
e9:7b:27:a4:f5:18:20:70:fb:24:67:cf:a6:9a:de:
c4:f9:83:ae:1d:95:97:86:01:28:22:ea:bf:a9:df:
55:20:bf:92:07:65:b4:d1:d5:a4:e5:ae:99:57:1b:
69:65:d1:22:f0:b4:f3:b8:84:c2:b1:4e:71:48:1f:
4c:ba:4e:cc:c0:3f:26:dd:55:ec:c3:66:a0:4e:c5:
27:60:f1:3a:2f:08:c9:de:f6:fb:ad:f9:ba:c5:51:
9a:49:02:56:5e:f1:63:3f:6a:15:86:fd:10:36:3f:
5b:73:0c:97:db:3f:53:bf:93:39:e9:a1:71:c9:3c:
49:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B9:22:BA:C4:80:73:51:FD:40:3E:11:F2:95:E2:43:8F:7F:6A:56
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PrkiusSAc1H9QD4R8pXiQ49_alY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0/24
91.242.72.0/22
91.242.103.0/24
94.231.198.0/24
185.40.105.0/24
194.50.200.0/23
194.50.206.0/23
195.138.105.0-195.138.106.255
195.138.108.0/24
195.138.116.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
0c:c3:7b:c4:4c:aa:5f:a3:a4:c8:fc:93:c4:d9:0c:ba:9d:11:
9e:b0:e0:37:91:2f:c7:5b:4f:23:5c:ae:75:d6:e1:dc:8e:f1:
87:61:02:57:b6:a6:52:d6:d1:80:08:3b:15:72:b9:18:27:d5:
08:50:32:11:fb:d5:bb:6a:54:33:55:1f:a2:0f:ce:41:23:e1:
46:f3:06:04:1c:bb:c9:b3:4d:f5:fd:d2:c8:a6:dc:d8:90:e5:
02:47:d9:eb:f7:14:ac:50:e2:57:62:c0:3e:79:92:26:42:20:
06:b6:07:8b:3b:3f:1a:05:64:5c:07:58:ca:f7:fb:69:b8:4f:
47:8b:0e:35:cd:a3:17:fa:d5:31:8e:bb:06:ac:02:36:e7:41:
d5:9a:fb:29:b7:ba:1f:f1:ab:56:3d:11:65:c8:cb:7a:67:0f:
fe:94:e3:b0:e5:92:32:1e:da:b3:b2:0e:33:22:81:0e:a0:0f:
cf:1a:de:d4:fd:1f:5b:1c:59:5e:4a:6c:b0:a1:08:06:eb:82:
99:92:56:54:16:8f:f5:d6:70:b0:a3:db:a1:e7:ef:d0:4a:1a:
f7:59:c6:71:90:7a:84:38:30:42:cb:69:3a:15:79:0f:43:09:
6d:94:6e:53:ee:26:74:79:f1:75:7e:ff:96:51:4a:75:6b:f8:
b5:1f:4a:4a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYuwJtcJdk1hL+wfaki3HsfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTA4MTgxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI5MjJiYWM0ODA3MzUxZmQ0MDNlMTFmMjk1ZTI0MzhmN2Y2YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW0ihI2Ek/rz+e7CEFfK+RkVA2mi
eQZsJduUX4zNPhBZIniwoFk3jAh3A15LGDoYwCFNu8bRvDy9eEqBpOmC9GZbKtxb
WlSOB+8ZcSC1N5u9Gq0d1flcHI83KCoMi0UtUgZAo1F7WyL0oknAsFdewrtyawgx
J5be5XQtGkrPPTgOWerdT4Dpeyek9RggcPskZ8+mmt7E+YOuHZWXhgEoIuq/qd9V
IL+SB2W00dWk5a6ZVxtpZdEi8LTzuITCsU5xSB9Muk7MwD8m3VXsw2agTsUnYPE6
LwjJ3vb7rfm6xVGaSQJWXvFjP2oVhv0QNj9bcwyX2z9Tv5M56aFxyTxJHwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFD65IrrEgHNR/UA+EfKV4kOPf2pWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUHJraXVzU0FjMUg5UUQ0UjhwWGlRNDlfYWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAC1DdQME
AFWfdQMEAFkn8gMEAFkooQMEAFvyRgMEAlvySAMEAFvyZwMEAF7nxgMEALkoaQME
AcIyyAMEAcIyzjAMAwQAw4ppAwQAw4pqAwQAw4psAwQAw4p0MAwDBAHDinoDBAfD
igAwDQYJKoZIhvcNAQELBQADggEBAAzDe8RMql+jpMj8k8TZDLqdEZ6w4DeRL8db
TyNcrnXW4dyO8YdhAle2plLW0YAIOxVyuRgn1QhQMhH71btqVDNVH6IPzkEj4Ubz
BgQcu8mzTfX90sim3NiQ5QJH2ev3FKxQ4ldiwD55kiZCIAa2B4s7PxoFZFwHWMr3
+2m4T0eLDjXNoxf61TGOuwasAjbnQdWa+ym3uh/xq1Y9EWXIy3pnD/6U47DlkjIe
2rOyDjMigQ6gD88a3tT9H1scWV5KbLChCAbrgpmSVlQWj/XWcLCj26Hn79BKGvdZ
xnGQeoQ4MELLaToVeQ9DCW2UblPuJnR58XV+/5ZRSnVr+LUfSko=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org