Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/PzEjfi9dGfZXTELAF3k3TOLxA9Q.roa
File: PzEjfi9dGfZXTELAF3k3TOLxA9Q.roa (raw, json)
Hash identifier: kjqPQ1OzuEVTjEGmpkFTqAMJRsgEwtbMHPyESV/nQ8o=
Subject key identifier: 3F:31:23:7E:2F:5D:19:F6:57:4C:42:C0:17:79:37:4C:E2:F1:03:D4
Certificate issuer: /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial: 018755C93502B17FE96CAA1CF93F0B03B522
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/PzEjfi9dGfZXTELAF3k3TOLxA9Q.roa
Signing time: Thu 06 Apr 2023 08:57:42 +0000
ROA not before: Thu 06 Apr 2023 08:57:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 88.212.157.0/24 maxlen: 24
88.212.156.0/24 maxlen: 24
88.212.158.0/24 maxlen: 24
88.212.159.0/24 maxlen: 24
185.8.132.0/24 maxlen: 24
185.8.135.0/24 maxlen: 24
185.8.133.0/24 maxlen: 24
83.151.192.0/24 maxlen: 24
83.151.195.0/24 maxlen: 24
83.151.193.0/24 maxlen: 24
83.151.194.0/24 maxlen: 24
88.202.210.0/24 maxlen: 24
88.202.208.0/24 maxlen: 24
88.202.208.0/23 maxlen: 23
88.202.209.0/24 maxlen: 24
88.202.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:c9:35:02:b1:7f:e9:6c:aa:1c:f9:3f:0b:03:b5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Validity
Not Before: Apr 6 08:57:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f31237e2f5d19f6574c42c01779374ce2f103d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:c2:4e:1f:9c:ad:21:7f:58:15:8d:e8:4c:
89:c0:10:1a:5b:86:02:c6:ab:e7:eb:f1:df:2b:ef:
21:6e:9d:5d:88:8f:d9:d7:e5:4f:1f:61:dc:6a:b5:
dc:95:73:d1:d6:7a:1c:51:87:93:3c:55:1b:8d:51:
70:db:2d:71:78:49:18:a2:ba:33:4c:ca:4c:1f:db:
2f:42:99:9b:8b:a5:af:b0:9d:25:99:b6:cf:11:9e:
d5:07:77:bf:f1:cd:e0:f4:a3:3a:18:39:9e:59:ce:
64:45:11:0a:67:ce:5d:38:0a:d3:c9:00:db:68:d5:
38:8c:45:f0:2c:65:7f:a6:ef:ed:71:92:7b:5b:9f:
44:06:55:0d:74:b5:b7:b4:9e:69:1a:06:39:f1:52:
a6:16:ea:a8:b5:21:d2:df:9f:1e:d6:77:6a:36:a9:
c5:42:3d:d9:e1:c5:f9:37:66:9c:52:ea:47:bf:cf:
c6:59:73:05:61:a8:92:a7:31:e2:0b:d6:d2:27:a9:
07:21:3b:df:99:94:65:10:50:eb:99:df:ec:5e:7e:
f2:b7:be:89:5d:dd:0d:32:bb:54:1e:c6:7f:4c:72:
f0:e3:61:0e:b6:97:6e:e0:d4:8e:d5:78:05:d9:14:
22:85:23:db:43:6b:ec:d5:53:38:78:c6:73:6d:e8:
28:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:31:23:7E:2F:5D:19:F6:57:4C:42:C0:17:79:37:4C:E2:F1:03:D4
X509v3 Authority Key Identifier:
keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/PzEjfi9dGfZXTELAF3k3TOLxA9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.151.192.0/22
88.202.208.0/22
88.212.156.0/22
185.8.132.0/23
185.8.135.0/24
Signature Algorithm: sha256WithRSAEncryption
09:27:be:c8:50:75:af:9d:b5:b7:09:80:6a:18:5e:65:31:ba:
2e:9e:fa:64:d4:6f:e5:85:df:4d:88:02:22:a3:82:41:a7:e1:
d9:9e:c8:51:0b:26:f3:07:b3:3f:9d:32:c2:28:43:35:20:3a:
b0:c0:7c:60:51:34:87:c5:d8:7a:6e:91:f0:76:75:2f:50:61:
07:77:a6:52:06:ff:04:8c:cb:ff:5b:30:25:be:12:a6:40:23:
31:f0:db:1e:3a:d6:74:23:30:ec:30:85:8d:61:63:e4:2f:e8:
34:22:f5:08:a0:94:c9:a6:f0:95:57:ed:75:bc:11:8b:0a:d8:
10:62:2a:e0:6c:74:da:97:97:45:10:9e:1b:52:e9:08:90:4f:
8a:2e:1a:d8:e3:96:9c:0e:ed:ee:ab:cd:f7:73:87:98:12:0c:
b1:e4:5e:8f:de:33:93:c8:3e:3d:bc:b0:59:6a:9e:38:7d:3d:
b2:fb:b4:24:ff:5a:fb:23:9b:50:68:77:ab:73:bd:c8:18:6c:
24:e5:6e:d9:c1:c9:a8:72:2f:d3:3f:a1:19:b8:0d:f8:5d:6d:
a7:fa:cb:6a:9f:5f:82:4e:11:c2:94:b4:29:21:89:29:f7:17:
3b:ac:5c:b9:86:33:30:ae:56:05:f3:61:9e:8a:10:bc:d6:f0:
32:ea:9d:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdVyTUCsX/pbKoc+T8LA7UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjMwNDA2MDg1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjMxMjM3ZTJmNWQxOWY2NTc0YzQyYzAxNzc5Mzc0Y2UyZjEwM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/7CTh+crSF/WBWN6EyJwBAaW4YC
xqvn6/HfK+8hbp1diI/Z1+VPH2HcarXclXPR1nocUYeTPFUbjVFw2y1xeEkYoroz
TMpMH9svQpmbi6WvsJ0lmbbPEZ7VB3e/8c3g9KM6GDmeWc5kRREKZ85dOArTyQDb
aNU4jEXwLGV/pu/tcZJ7W59EBlUNdLW3tJ5pGgY58VKmFuqotSHS358e1ndqNqnF
Qj3Z4cX5N2acUupHv8/GWXMFYaiSpzHiC9bSJ6kHITvfmZRlEFDrmd/sXn7yt76J
Xd0NMrtUHsZ/THLw42EOtpdu4NSO1XgF2RQihSPbQ2vs1VM4eMZzbegoHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD8xI34vXRn2V0xCwBd5N0zi8QPUMB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEvUHpFamZpOWRHZlpYVEVMQUYzazNUT0x4QTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5fAAwQC
WMrQAwQCWNScAwQBuQiEAwQAuQiHMA0GCSqGSIb3DQEBCwUAA4IBAQAJJ77IUHWv
nbW3CYBqGF5lMbounvpk1G/lhd9NiAIio4JBp+HZnshRCybzB7M/nTLCKEM1IDqw
wHxgUTSHxdh6bpHwdnUvUGEHd6ZSBv8EjMv/WzAlvhKmQCMx8NseOtZ0IzDsMIWN
YWPkL+g0IvUIoJTJpvCVV+11vBGLCtgQYirgbHTal5dFEJ4bUukIkE+KLhrY45ac
Du3uq833c4eYEgyx5F6P3jOTyD49vLBZap44fT2y+7Qk/1r7I5tQaHerc73IGGwk
5W7Zwcmoci/TP6EZuA34XW2n+stqn1+CThHClLQpIYkp9xc7rFy5hjMwrlYF82Ge
ihC81vAy6p1Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:41 2024 by rpki-client on console-ams.rpki-client.org