Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/1-PNBKHpHFOftcfc1MN98vUwhdxQ.roa
File: 1-PNBKHpHFOftcfc1MN98vUwhdxQ.roa (raw, json)
Hash identifier: D4RCkntbXqkaoQchlGhQWC959Teyc4Jo7FqHyNjbhyk=
Subject key identifier: F8:F3:41:28:7A:47:14:E7:ED:71:F7:35:30:DF:7C:BD:4C:21:77:14
Certificate issuer: /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial: 01860BF023B92EA02210359BBDCC788308B9
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/1-PNBKHpHFOftcfc1MN98vUwhdxQ.roa
Signing time: Wed 01 Feb 2023 07:45:32 +0000
ROA not before: Wed 01 Feb 2023 07:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208498
IP address blocks: 178.19.68.0/24 maxlen: 24
109.71.30.0/24 maxlen: 24
46.253.119.0/24 maxlen: 24
82.149.236.0/24 maxlen: 24
83.141.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:f0:23:b9:2e:a0:22:10:35:9b:bd:cc:78:83:08:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Validity
Not Before: Feb 1 07:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8f341287a4714e7ed71f73530df7cbd4c217714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:b4:a9:0c:c2:cd:82:2f:a7:b7:61:2e:3b:
18:6a:b8:c6:c3:5a:22:aa:34:d0:0b:1f:a9:19:7e:
a4:f1:e4:b9:2c:46:f7:82:d2:44:32:0f:ed:98:46:
11:76:ee:a2:20:47:f6:2c:39:b8:7b:ed:7d:77:14:
e9:8f:8a:4b:56:60:e7:c0:7c:fc:1d:56:a4:7a:cf:
a3:a2:86:8e:25:37:27:49:8e:53:b2:31:b0:c2:e0:
a7:04:a3:03:40:1e:c0:ac:5e:39:b9:45:0f:ec:a3:
53:8b:42:e0:3c:66:00:14:13:b0:f0:be:c1:80:9e:
61:f1:d5:fe:ac:71:99:1b:28:f0:ee:2b:7e:90:e6:
85:66:95:de:86:00:e2:ef:04:79:ac:57:a4:8f:da:
a3:0c:af:44:aa:3c:c1:81:4d:61:49:a5:3e:0c:35:
71:97:1f:7c:60:b8:02:9b:3f:34:f8:a9:2e:9b:1a:
00:54:2f:4e:3e:c5:17:eb:76:26:87:89:11:bf:f8:
cc:c3:c1:fe:ab:f2:2d:2f:52:5e:d2:8c:4c:31:36:
ff:5a:04:57:a1:6d:5d:29:a4:0f:9a:4b:64:49:2b:
88:7c:94:ff:d0:8a:11:36:5a:45:6f:08:74:e6:d8:
41:12:65:ef:a7:85:2e:f2:a6:76:b5:45:96:5d:89:
20:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F3:41:28:7A:47:14:E7:ED:71:F7:35:30:DF:7C:BD:4C:21:77:14
X509v3 Authority Key Identifier:
keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/1-PNBKHpHFOftcfc1MN98vUwhdxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.119.0/24
82.149.236.0/24
83.141.30.0/24
109.71.30.0/24
178.19.68.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c2:f3:d3:e0:02:10:be:f9:70:61:e8:82:e2:67:45:7c:40:
1e:2a:38:8f:5f:fb:4f:c2:71:05:20:50:37:52:88:38:a2:af:
b4:a8:34:da:ef:9d:05:87:06:f3:db:c8:15:c4:f6:17:45:e6:
f4:ba:44:45:a8:a9:cd:dc:87:45:d3:4a:26:90:17:5f:49:f7:
dd:46:a3:2f:e0:02:91:14:5d:a7:3a:1e:c0:65:08:0e:99:7c:
15:f9:18:90:62:72:dd:d9:c4:05:4f:e6:f8:27:7d:2b:5c:81:
9d:04:12:11:6e:a7:08:5f:42:7b:1c:65:17:f4:fc:40:10:6e:
56:99:8b:46:ee:e4:a5:e0:4f:b4:10:ae:2a:45:0a:8d:9b:e9:
7a:14:39:8a:7d:f7:c6:60:9d:db:85:c4:7d:18:98:1e:12:8a:
a6:66:5e:b3:42:72:ff:97:cb:09:d0:76:70:3d:43:ca:ea:12:
7a:4f:73:f1:49:10:c2:e6:a5:6a:4a:96:02:e1:45:ed:f5:66:
6a:22:b0:73:29:7c:87:27:c6:b4:cc:8e:ba:5c:28:ad:32:a8:
30:4c:4d:35:b9:3e:46:57:07:eb:b9:ed:2d:4d:44:71:cf:30:
72:ef:73:15:ad:52:7b:3b:74:e8:63:e4:10:8c:f1:76:26:b8:
46:27:a2:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYYL8CO5LqAiEDWbvcx4gwi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhODJkYmM3ZDdlMjgxOGY5NjY4MGI2NmVmY2VkYjEw
ODc5NDcwHhcNMjMwMjAxMDc0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYzNDEyODdhNDcxNGU3ZWQ3MWY3MzUzMGRmN2NiZDRjMjE3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKi0qQzCzYIvp7dhLjsYarjGw1oi
qjTQCx+pGX6k8eS5LEb3gtJEMg/tmEYRdu6iIEf2LDm4e+19dxTpj4pLVmDnwHz8
HVakes+jooaOJTcnSY5TsjGwwuCnBKMDQB7ArF45uUUP7KNTi0LgPGYAFBOw8L7B
gJ5h8dX+rHGZGyjw7it+kOaFZpXehgDi7wR5rFekj9qjDK9EqjzBgU1hSaU+DDVx
lx98YLgCmz80+KkumxoAVC9OPsUX63Ymh4kRv/jMw8H+q/ItL1Je0oxMMTb/WgRX
oW1dKaQPmktkSSuIfJT/0IoRNlpFbwh05thBEmXvp4Uu8qZ2tUWWXYkgYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjzQSh6RxTn7XH3NTDffL1MIXcUMB8GA1UdIwQY
MBaAFO1tqC28fX4oGPlmgLZu/O2xCHlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAt
NTk5NTc3ODdiMDE1LzEvMS1QTkJLSHBIRk9mdGNmYzFNTjk4dlV3aGR4US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvMzU0OWZiLWUzYTMtNDEyNC1iM2IwLTU5OTU3Nzg3YjAx
NS8xLzdXMm9MYng5ZmlnWS1XYUF0bTc4N2JFSWVVYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC79dwME
AFKV7AMEAFONHgMEAG1HHgMEALITRDANBgkqhkiG9w0BAQsFAAOCAQEAUsLz0+AC
EL75cGHoguJnRXxAHio4j1/7T8JxBSBQN1KIOKKvtKg02u+dBYcG89vIFcT2F0Xm
9LpERaipzdyHRdNKJpAXX0n33UajL+ACkRRdpzoewGUIDpl8FfkYkGJy3dnEBU/m
+Cd9K1yBnQQSEW6nCF9CexxlF/T8QBBuVpmLRu7kpeBPtBCuKkUKjZvpehQ5in33
xmCd24XEfRiYHhKKpmZes0Jy/5fLCdB2cD1DyuoSek9z8UkQwualakqWAuFF7fVm
aiKwcyl8hyfGtMyOulworTKoMExNNbk+RlcH67ntLU1Ecc8wcu9zFa1Sezt06GPk
EIzxdia4Riei5Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org