Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pon1okJH3DurIsZsL2h_9_I1g_s.roa
File: Pon1okJH3DurIsZsL2h_9_I1g_s.roa (raw, json)
Hash identifier: e2oAnnI1urLSGYngUSSrphy/KPNti5RKMotgbpMxl24=
Subject key identifier: 3E:89:F5:A2:42:47:DC:3B:AB:22:C6:6C:2F:68:7F:F7:F2:35:83:FB
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018CC26CF52EFBC6082B3C86F2B2317462A7
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pon1okJH3DurIsZsL2h_9_I1g_s.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
37.122.219.0/24 maxlen: 24
89.40.84.0/22 maxlen: 24
194.156.72.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
91.242.148.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
2a09:eac0::/29 maxlen: 29
2a05:9b00::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
2a02:5fc0::/32 maxlen: 48
2a05:a800::/29 maxlen: 29
2a02:5dc0::/32 maxlen: 32
2a06:3c00::/29 maxlen: 29
2a03:440::/32 maxlen: 32
2a0a:1280::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f5:2e:fb:c6:08:2b:3c:86:f2:b2:31:74:62:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e89f5a24247dc3bab22c66c2f687ff7f23583fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:83:54:67:88:9b:18:9f:93:73:3e:9b:72:17:
fa:9d:7f:50:8c:a0:b3:dc:77:6a:f1:34:5f:2b:2d:
57:7a:ea:4a:c7:13:aa:c3:1f:24:cb:2f:f2:30:ea:
b6:04:b8:2b:0e:48:9b:6e:bd:0a:7a:c4:38:83:ea:
5a:59:2a:80:f5:3f:9e:77:ee:67:63:b0:2c:a0:1b:
ca:47:1f:56:16:11:d8:a9:31:e7:93:d4:f6:72:18:
cb:32:3e:e6:4d:6c:f7:dd:06:a8:0a:c0:1f:ff:3c:
2b:fe:6d:2e:7b:8a:a7:c3:fc:61:5a:95:42:a5:e3:
6f:db:c4:39:41:07:13:e9:15:fb:55:2b:6e:2c:52:
58:0d:e8:64:12:36:a2:96:4b:86:24:e0:35:cb:17:
4c:fb:11:8b:76:8d:82:91:cd:cc:b0:dd:a2:ce:d1:
a7:47:6a:75:ba:30:b3:cf:1b:dc:22:b8:9a:bb:87:
ae:95:1a:fa:c9:71:ed:67:ef:a5:3e:22:4a:f0:16:
7c:dd:62:b7:d4:6d:6f:7d:e3:1e:31:ea:22:b2:15:
1f:c5:01:a2:74:60:6b:4a:f0:4a:ff:4e:14:53:90:
05:59:ae:b0:46:ec:14:72:b1:73:09:a3:81:fb:3d:
6d:c3:73:1c:9e:7f:09:62:15:3e:32:7c:6c:f0:cc:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:89:F5:A2:42:47:DC:3B:AB:22:C6:6C:2F:68:7F:F7:F2:35:83:FB
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Pon1okJH3DurIsZsL2h_9_I1g_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
37.122.219.0/24
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
35:95:ea:0a:df:c0:60:20:d8:09:f2:96:aa:73:da:3a:bb:ee:
71:6c:2f:17:f0:30:94:e2:a0:b6:a5:dc:ae:70:6c:5a:57:77:
82:79:38:bb:0f:3b:d7:7e:e0:b4:45:22:34:e1:71:60:04:92:
54:10:f0:2b:86:2e:b3:fb:18:7f:b6:3c:02:6d:33:fb:06:68:
83:7c:7b:d3:b1:11:f1:b2:7a:63:0c:e1:06:e1:f9:25:c0:9f:
66:4e:a1:70:d4:ab:ff:0f:a4:7c:80:fc:cc:97:3a:47:82:8b:
1f:00:94:df:14:cb:8d:9f:a6:9f:32:38:6d:e6:58:31:51:ea:
45:f0:ae:9f:e8:ed:d9:fd:fc:81:e2:65:45:23:53:93:88:ae:
16:09:99:aa:65:a3:16:67:46:84:07:9d:c1:37:03:85:e8:ef:
15:16:ca:d0:ff:c4:19:fe:d2:18:12:96:c9:ab:51:06:20:ab:
dd:ed:6f:b2:aa:4d:fe:f2:3c:06:bd:b6:9f:15:dd:22:d4:15:
fc:b8:fb:d7:f2:f5:f8:1d:24:e2:f2:80:be:b9:0c:32:9b:91:
a8:06:68:1f:eb:77:e6:5f:ae:c7:a0:7e:31:27:f8:e3:fb:ce:
c0:a0:b3:46:c0:cb:90:ac:c0:54:dd:75:40:d3:44:5e:cd:c5:
14:0f:55:80
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAYzCbPUu+8YIKzyG8rIxdGKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg5ZjVhMjQyNDdkYzNiYWIyMmM2NmMyZjY4N2ZmN2YyMzU4M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYNUZ4ibGJ+Tcz6bchf6nX9QjKCz
3Hdq8TRfKy1XeupKxxOqwx8kyy/yMOq2BLgrDkibbr0KesQ4g+paWSqA9T+ed+5n
Y7AsoBvKRx9WFhHYqTHnk9T2chjLMj7mTWz33QaoCsAf/zwr/m0ue4qnw/xhWpVC
peNv28Q5QQcT6RX7VStuLFJYDehkEjailkuGJOA1yxdM+xGLdo2Ckc3MsN2iztGn
R2p1ujCzzxvcIriau4eulRr6yXHtZ++lPiJK8BZ83WK31G1vfeMeMeoishUfxQGi
dGBrSvBK/04UU5AFWa6wRuwUcrFzCaOB+z1tw3Mcnn8JYhU+Mnxs8MxnFwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFD6J9aJCR9w7qyLGbC9of/fyNYP7MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvUG9uMW9rSkgzRHVySXNac0wyaF85X0kxZ19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBiQQCAAEwgYIDBAMf
GbADBAAletsDBAMuHKADBAJZKFQDBAJb8pQDBANt6xADBAWwOEADBAK5BCADBAK5
BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gME
ArnkfAMEArnvoDAMAwQBwfaaAwQBwfacAwQCwpxIMEUEAgACMD8DBQAqAl3AAwUA
KgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAADBQMqCerAAwUDKgoSgAMF
AyoLDEAwDQYJKoZIhvcNAQELBQADggEBADWV6grfwGAg2Anylqpz2jq77nFsLxfw
MJTioLal3K5wbFpXd4J5OLsPO9d+4LRFIjThcWAEklQQ8CuGLrP7GH+2PAJtM/sG
aIN8e9OxEfGyemMM4Qbh+SXAn2ZOoXDUq/8PpHyA/MyXOkeCix8AlN8Uy42fpp8y
OG3mWDFR6kXwrp/o7dn9/IHiZUUjU5OIrhYJmaploxZnRoQHncE3A4Xo7xUWytD/
xBn+0hgSlsmrUQYgq93tb7KqTf7yPAa9tp8V3SLUFfy4+9fy9fgdJOLygL65DDKb
kagGaB/rd+ZfrsegfjEn+OP7zsCgs0bAy5CswFTddUDTRF7NxRQPVYA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org