Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pfWTR6IDcbY2YkYzlQv-COZ8EAQ.roa
File: pfWTR6IDcbY2YkYzlQv-COZ8EAQ.roa (raw, json)
Hash identifier: ziW7x17erY6rvUDqdCqZVe4gA2WUIp3iTYIb0etOaqo=
Subject key identifier: A5:F5:93:47:A2:03:71:B6:36:62:46:33:95:0B:FE:08:E6:7C:10:04
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA8CA0F514245ACB759EF91EA099F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pfWTR6IDcbY2YkYzlQv-COZ8EAQ.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
192.162.184.0/23 maxlen: 23
37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
193.36.220.0/22 maxlen: 22
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.229.18.0/23 maxlen: 23
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
176.116.228.0/24 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
46.173.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 04 May 2023 13:18:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a8:ca:0f:51:42:45:ac:b7:59:ef:91:ea:09:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f59347a20371b636624633950bfe08e67c1004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:10:7f:31:d1:c4:59:78:01:55:28:d0:1a:81:
68:c8:09:b3:eb:1f:85:6e:f8:1c:27:93:38:39:a7:
5f:a1:90:64:f4:36:3d:7e:11:55:f6:c5:fd:b6:8c:
a5:08:68:ce:cb:91:e4:02:94:ce:e5:cc:ff:8a:9e:
ac:7f:a4:92:b4:2d:2f:2e:24:4f:62:9d:1a:ff:d8:
f5:db:50:8f:a4:dc:c5:4d:90:ee:02:aa:12:6c:f7:
d5:91:45:d0:1b:55:dc:7d:32:da:e9:6c:7f:5a:5b:
08:40:ac:02:b9:28:99:99:b2:73:24:6d:bd:3f:fe:
e3:a4:20:4a:79:89:71:61:5a:ed:15:89:bf:79:58:
18:36:9e:2a:32:85:7b:91:56:60:8f:5e:35:ec:49:
2c:73:e3:c3:a6:34:cc:0f:6f:15:9a:83:08:00:3b:
50:ba:8c:1d:1c:10:c3:08:90:92:05:13:05:24:7e:
90:90:e8:0e:de:bc:9d:74:3b:74:58:e9:a4:62:bf:
bf:f4:c8:65:cb:e2:06:f9:b6:3c:8c:9d:38:43:76:
ed:82:a8:a0:95:c2:db:d8:2e:7d:c8:8e:c7:86:e0:
98:9a:d9:ab:30:c2:c9:30:f6:db:7e:f3:e5:9c:f5:
59:1a:7d:bb:1c:7f:36:e6:99:41:e0:04:6b:c9:fb:
a1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:93:47:A2:03:71:B6:36:62:46:33:95:0B:FE:08:E6:7C:10:04
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pfWTR6IDcbY2YkYzlQv-COZ8EAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.229.18.0/23
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.222.0/23
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
192.162.184.0/23
193.36.203.0/24
193.36.220.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:e4:8d:33:d9:06:a1:0e:50:7a:7a:8b:d7:d4:ef:92:63:98:
45:ec:68:73:4c:44:d5:25:e0:3c:d1:22:e3:a8:4b:d8:2f:79:
e5:43:83:3c:7f:b0:a0:3b:fe:23:49:9c:b4:ca:ee:5a:8c:e2:
9c:0e:17:37:b5:03:3b:df:d3:39:d2:a9:8a:9c:f7:57:22:2e:
b1:a9:1e:f1:d3:46:72:fe:c2:98:62:37:ff:30:72:5a:de:39:
d4:b2:e6:84:01:74:50:57:77:e0:06:da:7b:c4:cd:1f:9b:9f:
9d:eb:46:4b:d8:c5:0b:46:f3:94:63:43:8b:a4:48:29:40:b7:
d8:00:0a:7a:25:cc:84:c7:1d:ec:92:4a:93:8e:67:bd:e6:c3:
d0:80:58:e2:b6:26:98:7a:e6:d3:e1:6c:a5:b9:04:b8:4f:b3:
62:fe:dd:c1:35:33:e5:d8:7d:8a:5a:1e:69:9c:22:15:e2:24:
10:c0:1a:0a:09:36:40:a2:66:2d:8f:3d:51:df:75:d5:8b:1f:
cb:f0:0e:48:62:db:6c:ab:a8:52:38:d6:64:e7:78:b3:43:2e:
67:e2:a1:6f:bd:f2:33:6b:53:29:60:ae:8b:ae:2d:d1:18:aa:
d9:68:14:3f:46:7f:61:3e:a9:83:bb:a2:bb:ed:01:4c:2f:1b:
3c:f0:94:c3
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYVr3KjKD1FCRay3We+R6gmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY1OTM0N2EyMDM3MWI2MzY2MjQ2MzM5NTBiZmUwOGU2N2MxMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hB/MdHEWXgBVSjQGoFoyAmz6x+F
bvgcJ5M4OadfoZBk9DY9fhFV9sX9toylCGjOy5HkApTO5cz/ip6sf6SStC0vLiRP
Yp0a/9j121CPpNzFTZDuAqoSbPfVkUXQG1XcfTLa6Wx/WlsIQKwCuSiZmbJzJG29
P/7jpCBKeYlxYVrtFYm/eVgYNp4qMoV7kVZgj1417Eksc+PDpjTMD28VmoMIADtQ
uowdHBDDCJCSBRMFJH6QkOgO3ryddDt0WOmkYr+/9Mhly+IG+bY8jJ04Q3btgqig
lcLb2C59yI7HhuCYmtmrMMLJMPbbfvPlnPVZGn27HH825plB4ARryfuhLQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFKX1k0eiA3G2NmJGM5UL/gjmfBAEMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcGZXVFI2SURjYlkyWWtZemxRdi1DT1o4RUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQB
JWF4AwQCLq34AwQBLq3+AwQCQCt4AwQATSQ5AwQATSQ8AwQATSRBAwQCUaEIAwQC
UaEwAwQBW8EeAwQAW8iEAwQBW8iGAwQAW+DUAwQBW+USAwQBW+g4AwQAW+jiAwQA
W+nIAwQAW+xMAwQAW+4nAwQBW+/eAwQAW+/iAwQCW/bAAwQAW/bLAwQAW/bZMAwD
BABtz4EDBABtz4IDBABtz4QDBACwYF4DBAGwbnADBAKwcbQDBAKwc+wDBACwdOQD
BACwdOwDBAKweWwDBAHAorgDBADBJMsDBALBJNwDBAHCIUIwDQYJKoZIhvcNAQEL
BQADggEBAH3kjTPZBqEOUHp6i9fU75JjmEXsaHNMRNUl4DzRIuOoS9gveeVDgzx/
sKA7/iNJnLTK7lqM4pwOFze1Azvf0znSqYqc91ciLrGpHvHTRnL+wphiN/8wclre
OdSy5oQBdFBXd+AG2nvEzR+bn53rRkvYxQtG85RjQ4ukSClAt9gACnolzITHHeyS
SpOOZ73mw9CAWOK2Jph65tPhbKW5BLhPs2L+3cE1M+XYfYpaHmmcIhXiJBDAGgoJ
NkCiZi2PPVHfddWLH8vwDkhi22yrqFI41mTneLNDLmfioW+98jNrUylgrouuLdEY
qtloFD9Gf2E+qYO7orvtAUwvGzzwlMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org