Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/PAfwVDKqk_mfNbw1Sky6gkdQIdo.roa
File: PAfwVDKqk_mfNbw1Sky6gkdQIdo.roa (raw, json)
Hash identifier: rc0vYma/GtIKFZw4BdKFEGkNhGdj3iJgBR30Zz6rpb0=
Subject key identifier: 3C:07:F0:54:32:AA:93:F9:9F:35:BC:35:4A:4C:BA:82:47:50:21:DA
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018E2E55975C5B2FD26B11218A16896ABF39
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/PAfwVDKqk_mfNbw1Sky6gkdQIdo.roa
Signing time: Mon 11 Mar 2024 16:25:44 +0000
ROA not before: Mon 11 Mar 2024 16:25:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
103.246.249.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 16 May 2024 12:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:55:97:5c:5b:2f:d2:6b:11:21:8a:16:89:6a:bf:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Mar 11 16:25:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c07f05432aa93f99f35bc354a4cba82475021da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:f2:9c:17:75:f0:0e:d9:fb:7c:0d:04:24:
39:79:1a:02:3e:11:21:dd:2f:95:24:5b:2a:f7:09:
b4:c8:24:5d:aa:8e:29:44:33:9b:42:7f:44:f3:72:
cc:c2:b0:e5:50:00:ec:aa:7d:29:40:76:9a:d8:fd:
e6:44:f6:5f:f5:4f:c4:f7:f0:1d:73:7d:63:33:aa:
18:4a:33:3f:95:6d:ee:6e:b7:8a:2d:f8:98:77:f0:
16:c7:9a:2d:cd:34:ea:2d:21:11:23:a8:75:28:3c:
c0:d3:ff:51:ba:d6:65:89:cc:82:6e:fd:d3:bc:45:
91:b0:91:fc:bc:53:a0:3b:0c:5b:60:ed:49:67:e3:
90:6a:76:d4:ea:18:6c:22:28:b1:da:51:12:1c:89:
6c:86:fa:c6:00:ac:4a:19:94:b5:42:16:65:76:a9:
9b:7d:fd:09:2a:f8:51:ce:96:35:db:29:3e:91:0d:
6f:de:a5:69:5c:3b:63:31:13:66:d1:5c:ed:22:0e:
1e:f7:f5:ec:9a:74:fb:4a:d8:f8:9e:0d:a3:f3:45:
cc:3c:81:3d:79:58:3d:a1:bf:ab:1e:32:66:52:9d:
db:02:fb:16:93:2f:6f:d5:10:f4:3d:43:17:00:00:
5f:a8:db:99:7d:c3:fd:ef:ef:47:eb:60:ab:81:f2:
85:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:07:F0:54:32:AA:93:F9:9F:35:BC:35:4A:4C:BA:82:47:50:21:DA
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/PAfwVDKqk_mfNbw1Sky6gkdQIdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.244.144.0/23
103.246.248.0/23
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
e9:fd:c6:11:fc:6f:9e:d9:a6:5e:cf:25:a1:5c:85:59:97:5c:
79:6f:c2:8f:43:71:42:b6:35:63:7f:b1:23:3f:43:c2:8a:21:
33:da:a6:df:01:69:da:de:79:43:49:d4:4f:af:27:e7:91:6c:
8e:b8:73:a1:f7:26:e1:b7:f5:5e:ea:76:94:a7:24:e2:fc:5c:
0c:f1:82:5d:47:6c:7b:2c:f3:3f:bc:df:c4:d7:2e:9b:33:1a:
73:75:5e:48:6d:61:32:43:c0:79:14:e7:40:cc:d9:ec:19:80:
fa:83:71:45:4d:a9:e9:75:a8:db:36:ec:9d:32:1e:10:1d:33:
68:fb:51:ed:1a:33:c1:cb:9c:61:8b:a2:74:dd:d1:2e:6f:d2:
e7:fd:93:29:d7:2c:dc:65:30:87:60:02:de:1c:65:f6:40:85:
84:17:c6:e0:6d:f1:cf:fd:4d:ff:f4:23:d5:1e:cb:f9:88:e5:
4d:38:4c:6e:b5:13:e4:fb:bc:00:41:57:de:3c:7c:58:a1:de:
28:13:65:6b:c1:05:8e:0a:60:76:cb:44:28:73:77:0a:a1:fe:
16:10:75:88:ae:49:9e:74:8c:ea:b9:f1:f0:59:96:a2:7c:e3:
1e:b7:85:a9:36:f2:65:9c:61:91:7c:1d:04:d7:86:05:68:bd:
98:e0:09:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY4uVZdcWy/SaxEhihaJar85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQwMzExMTYyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA3ZjA1NDMyYWE5M2Y5OWYzNWJjMzU0YTRjYmE4MjQ3NTAyMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr/ynBd18A7Z+3wNBCQ5eRoCPhEh
3S+VJFsq9wm0yCRdqo4pRDObQn9E83LMwrDlUADsqn0pQHaa2P3mRPZf9U/E9/Ad
c31jM6oYSjM/lW3ubreKLfiYd/AWx5otzTTqLSERI6h1KDzA0/9RutZlicyCbv3T
vEWRsJH8vFOgOwxbYO1JZ+OQanbU6hhsIiix2lESHIlshvrGAKxKGZS1QhZldqmb
ff0JKvhRzpY12yk+kQ1v3qVpXDtjMRNm0VztIg4e9/XsmnT7Stj4ng2j80XMPIE9
eVg9ob+rHjJmUp3bAvsWky9v1RD0PUMXAABfqNuZfcP97+9H62CrgfKFmQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDwH8FQyqpP5nzW8NUpMuoJHUCHaMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvUEFmd1ZES3FrX21mTmJ3MVNreTZna2RRSWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBUBAIAATBOAwQALuXzAwQA
LuX7AwQALuX9AwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3CrAwQBZ3kwAwQB
Z/SQAwQBZ/b4AwQAuWg/AwQAw0pdMBYEAgACMBAwDgMEASoSMgMGBSoSMgBAMA0G
CSqGSIb3DQEBCwUAA4IBAQDp/cYR/G+e2aZezyWhXIVZl1x5b8KPQ3FCtjVjf7Ej
P0PCiiEz2qbfAWna3nlDSdRPryfnkWyOuHOh9ybht/Ve6naUpyTi/FwM8YJdR2x7
LPM/vN/E1y6bMxpzdV5IbWEyQ8B5FOdAzNnsGYD6g3FFTanpdajbNuydMh4QHTNo
+1HtGjPBy5xhi6J03dEub9Ln/ZMp1yzcZTCHYALeHGX2QIWEF8bgbfHP/U3/9CPV
Hsv5iOVNOExutRPk+7wAQVfePHxYod4oE2VrwQWOCmB2y0Qoc3cKof4WEHWIrkme
dIzqufHwWZaifOMet4WpNvJlnGGRfB0E14YFaL2Y4AkJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:19 2024 by rpki-client on console-fra.rpki-client.org