Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/PGLUZIl325xZJpjOt3dGzmb5c7o.roa
File: PGLUZIl325xZJpjOt3dGzmb5c7o.roa (raw, json)
Hash identifier: rvveefemCl1VUYv0oahpNhq8dZnQHWiWozmGC9vdTg4=
Subject key identifier: 3C:62:D4:64:89:77:DB:9C:59:26:98:CE:B7:77:46:CE:66:F9:73:BA
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018C5280C880158BFF456FC4455607A9F9F7
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/PGLUZIl325xZJpjOt3dGzmb5c7o.roa
Signing time: Sun 10 Dec 2023 06:53:40 +0000
ROA not before: Sun 10 Dec 2023 06:53:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49556
IP address blocks: 185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:80:c8:80:15:8b:ff:45:6f:c4:45:56:07:a9:f9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Dec 10 06:53:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c62d4648977db9c592698ceb77746ce66f973ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:e7:5e:21:e4:cb:f4:32:25:67:87:f8:02:
7d:7e:b9:7c:15:20:7a:66:0a:ee:13:64:ce:71:91:
8a:ec:e8:0a:50:70:e3:70:10:a8:d6:c8:36:3d:fe:
0f:c0:9d:34:3a:f4:af:d8:53:02:34:23:61:d2:1f:
cc:7b:60:83:55:20:96:7d:c5:19:f6:41:23:c2:fd:
2a:1c:11:b8:b9:19:87:93:e1:df:6b:b4:89:0e:1a:
6b:85:ba:90:e6:05:6a:43:3a:78:e5:25:ae:27:dc:
23:6b:ca:93:2f:15:78:12:ff:7f:d5:c9:cd:2c:90:
44:01:24:65:c3:13:07:d2:96:5f:80:b4:12:37:5a:
80:07:4d:9a:ef:fc:29:8a:08:10:cb:3c:5f:31:25:
50:6e:b6:61:07:1c:11:09:ba:ba:05:0e:7a:dc:02:
f0:b7:37:9d:94:31:74:0a:45:b8:10:08:db:69:77:
a3:a3:76:c8:21:40:ea:c9:1d:b3:a8:4b:29:2c:f7:
d4:13:fa:42:a9:b6:3c:f9:43:2f:46:90:c4:91:5a:
33:25:dd:ce:c4:ed:05:13:9d:d4:89:8f:b2:d1:2e:
f9:30:1d:c1:89:63:4e:7d:ec:fd:bd:a0:6d:86:90:
68:cb:76:27:63:72:55:82:c2:cb:4a:d0:0c:d7:f0:
9d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:62:D4:64:89:77:DB:9C:59:26:98:CE:B7:77:46:CE:66:F9:73:BA
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/PGLUZIl325xZJpjOt3dGzmb5c7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.239.0.0/24
185.239.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:5a:d2:b8:48:48:35:5e:48:54:78:e5:0d:a1:39:70:22:6c:
14:8c:1d:e9:fc:98:2e:99:af:38:67:fb:da:cb:55:1d:43:5b:
ee:a4:5b:84:95:d6:21:89:f7:a1:6e:ee:91:dd:c4:ab:c7:5e:
8e:bd:94:9d:7d:9d:e8:87:dd:2d:79:4d:e1:41:00:f5:4d:b9:
64:d0:d1:fd:34:70:0b:bc:02:05:28:49:c6:57:90:5a:1f:6f:
72:69:25:23:95:37:2d:48:5a:65:7d:14:69:bf:6d:05:d2:8f:
ba:f0:3c:43:49:93:30:b1:fe:cb:93:bb:59:af:69:cc:29:e5:
b9:fe:e3:5f:93:ca:a3:3a:f3:d3:67:e1:9a:56:b0:04:64:d4:
c6:85:85:c5:54:bf:34:82:dd:99:ee:11:7c:36:b3:08:5a:5e:
68:8e:e8:ea:f6:07:e8:e1:1f:3b:8e:cc:61:02:fd:79:ea:ce:
3f:e1:aa:df:36:c7:8e:90:0f:96:04:30:cc:00:42:0a:9b:12:
9b:4d:66:d1:1d:71:75:37:f5:ee:ff:62:e6:8b:2a:da:a6:0a:
4c:9f:7b:4b:cd:57:48:db:7a:8d:31:37:f4:63:51:38:1c:e1:
a5:f1:18:1e:4f:f7:53:2b:16:e3:eb:e4:47:7c:81:b5:92:71:
93:37:1d:fa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxSgMiAFYv/RW/ERVYHqfn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMjEwMDY1MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzYyZDQ2NDg5NzdkYjljNTkyNjk4Y2ViNzc3NDZjZTY2Zjk3M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLfnXiHky/QyJWeH+AJ9frl8FSB6
ZgruE2TOcZGK7OgKUHDjcBCo1sg2Pf4PwJ00OvSv2FMCNCNh0h/Me2CDVSCWfcUZ
9kEjwv0qHBG4uRmHk+Hfa7SJDhprhbqQ5gVqQzp45SWuJ9wja8qTLxV4Ev9/1cnN
LJBEASRlwxMH0pZfgLQSN1qAB02a7/wpiggQyzxfMSVQbrZhBxwRCbq6BQ563ALw
tzedlDF0CkW4EAjbaXejo3bIIUDqyR2zqEspLPfUE/pCqbY8+UMvRpDEkVozJd3O
xO0FE53UiY+y0S75MB3BiWNOfez9vaBthpBoy3YnY3JVgsLLStAM1/CdjwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxi1GSJd9ucWSaYzrd3Rs5m+XO6MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvUEdMVVpJbDMyNXhaSnBqT3QzZEd6bWI1YzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ8xAwQA
BZ82AwQALV7VAwQAue8AAwQAue8CMA0GCSqGSIb3DQEBCwUAA4IBAQB6WtK4SEg1
XkhUeOUNoTlwImwUjB3p/Jguma84Z/vay1UdQ1vupFuEldYhifehbu6R3cSrx16O
vZSdfZ3oh90teU3hQQD1Tblk0NH9NHALvAIFKEnGV5BaH29yaSUjlTctSFplfRRp
v20F0o+68DxDSZMwsf7Lk7tZr2nMKeW5/uNfk8qjOvPTZ+GaVrAEZNTGhYXFVL80
gt2Z7hF8NrMIWl5ojujq9gfo4R87jsxhAv156s4/4arfNseOkA+WBDDMAEIKmxKb
TWbRHXF1N/Xu/2LmiyrapgpMn3tLzVdI23qNMTf0Y1E4HOGl8RgeT/dTKxbj6+RH
fIG1knGTNx36
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org