Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/PKHDjdIGuL8djQL8ItvJDyDV5Jo.roa
File: PKHDjdIGuL8djQL8ItvJDyDV5Jo.roa (raw, json)
Hash identifier: HWEQsu6Xk/GSGL5bFC2EmNQMhTostL3s1Sr1nzsCQR8=
Subject key identifier: 3C:A1:C3:8D:D2:06:B8:BF:1D:8D:02:FC:22:DB:C9:0F:20:D5:E4:9A
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 018572559AAE3191F482AB9B4231873F7719
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/PKHDjdIGuL8djQL8ItvJDyDV5Jo.roa
Signing time: Mon 02 Jan 2023 11:54:50 +0000
ROA not before: Mon 02 Jan 2023 11:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 178.20.215.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
77.243.89.0/24 maxlen: 24
77.243.88.0/24 maxlen: 24
77.243.91.0/24 maxlen: 24
77.243.90.0/24 maxlen: 24
185.101.21.0/24 maxlen: 24
185.101.20.0/24 maxlen: 24
178.20.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 17:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:9a:ae:31:91:f4:82:ab:9b:42:31:87:3f:77:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Jan 2 11:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ca1c38dd206b8bf1d8d02fc22dbc90f20d5e49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:3e:b9:b0:13:be:78:84:3b:8c:cd:17:95:a6:
e4:9b:a0:39:64:00:39:34:c4:8e:44:f0:c1:50:25:
f1:75:29:ae:57:d3:b0:4d:43:f3:b1:7e:8e:20:fc:
5a:e2:4a:1a:aa:a0:e8:fc:96:35:57:56:10:52:4e:
12:ad:52:fb:59:01:a1:dd:6e:b7:92:61:75:29:b5:
11:6e:cf:df:d7:50:05:78:d4:36:2d:71:ba:8e:b1:
7c:7b:c2:7b:ac:71:81:32:28:53:cf:dc:00:73:aa:
f0:9d:e8:62:f8:b8:cc:03:68:85:5e:04:f6:95:6b:
65:6d:f8:3a:c5:64:24:14:8d:ed:3e:a3:29:ae:12:
e2:54:66:99:ef:c1:fd:c1:d1:54:3c:ff:79:53:89:
42:2a:02:ec:29:37:d6:3a:c1:40:e5:36:33:5f:59:
75:45:2e:f9:be:e9:16:4c:49:73:e0:07:73:89:75:
63:0a:b1:ef:45:86:63:c4:98:d0:c2:f4:fe:07:b7:
09:a0:ac:b9:29:de:89:df:54:5c:ec:eb:f1:b1:1a:
f4:5f:71:f6:7b:8f:99:28:e5:07:48:ff:1d:49:c0:
6e:38:41:cc:a5:6e:f5:94:78:df:06:70:0d:92:8d:
40:97:84:fe:01:98:d1:71:0d:bf:47:9b:e4:46:1f:
97:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:C3:8D:D2:06:B8:BF:1D:8D:02:FC:22:DB:C9:0F:20:D5:E4:9A
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/PKHDjdIGuL8djQL8ItvJDyDV5Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/22
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
81:a5:ec:2f:5b:84:cb:43:bc:23:bf:ee:d2:9e:42:ea:64:b3:
c2:f6:44:ff:75:c2:16:cf:f3:2e:e0:db:f9:80:67:00:ef:e3:
50:f8:fc:59:4c:09:38:ef:ed:8d:57:82:76:08:45:67:59:53:
af:ac:9c:29:6c:74:56:1b:c9:1a:a7:c4:92:21:de:05:d7:20:
89:28:ea:cb:61:61:99:e0:4d:98:9f:39:fe:32:8f:ab:9a:f0:
0b:56:03:9b:42:06:d6:b4:05:70:0d:34:39:09:c1:04:10:7e:
29:35:ef:14:a5:3b:61:bf:23:4f:7a:37:78:52:87:bd:5e:d8:
d7:11:80:dd:f7:6f:89:ab:d7:bb:f3:98:b0:95:be:11:86:67:
ef:d1:25:f9:6a:e8:a2:b2:d5:ba:f2:31:f9:61:fe:d6:65:4b:
59:2d:35:23:6f:b3:1b:42:28:fd:2e:7c:02:9e:b9:25:2e:08:
59:c3:2f:5b:1f:60:1f:a5:81:27:9d:14:d0:6d:e4:a2:a5:7f:
fb:6d:7c:e1:a3:26:74:97:e5:05:e9:72:35:68:07:d4:f8:32:
be:75:d4:30:53:0b:00:ba:99:c9:f6:3f:4d:34:53:1b:7d:97:
b0:cb:af:26:4d:6b:66:61:e3:43:d7:79:9d:02:34:60:06:b4:
2e:66:c3:e0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVyVZquMZH0gqubQjGHP3cZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjMwMTAyMTE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ExYzM4ZGQyMDZiOGJmMWQ4ZDAyZmMyMmRiYzkwZjIwZDVlNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9D65sBO+eIQ7jM0Xlabkm6A5ZAA5
NMSORPDBUCXxdSmuV9OwTUPzsX6OIPxa4koaqqDo/JY1V1YQUk4SrVL7WQGh3W63
kmF1KbURbs/f11AFeNQ2LXG6jrF8e8J7rHGBMihTz9wAc6rwnehi+LjMA2iFXgT2
lWtlbfg6xWQkFI3tPqMprhLiVGaZ78H9wdFUPP95U4lCKgLsKTfWOsFA5TYzX1l1
RS75vukWTElz4AdziXVjCrHvRYZjxJjQwvT+B7cJoKy5Kd6J31Rc7OvxsRr0X3H2
e4+ZKOUHSP8dScBuOEHMpW71lHjfBnANko1Al4T+AZjRcQ2/R5vkRh+XRwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDyhw43SBri/HY0C/CLbyQ8g1eSaMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvUEtIRGpkSUd1TDhkalFMOEl0dkpEeURWNUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfNYMAwD
BACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBAIGl7C9bhMtDvCO/
7tKeQupks8L2RP91whbP8y7g2/mAZwDv41D4/FlMCTjv7Y1XgnYIRWdZU6+snCls
dFYbyRqnxJIh3gXXIIko6sthYZngTZifOf4yj6ua8AtWA5tCBta0BXANNDkJwQQQ
fik17xSlO2G/I096N3hSh71e2NcRgN33b4mr17vzmLCVvhGGZ+/RJflq6KKy1bry
Mflh/tZlS1ktNSNvsxtCKP0ufAKeuSUuCFnDL1sfYB+lgSedFNBt5KKlf/ttfOGj
JnSX5QXpcjVoB9T4Mr511DBTCwC6mcn2P000Uxt9l7DLryZNa2Zh40PXeZ0CNGAG
tC5mw+A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:57 2024 by rpki-client on console-ams.rpki-client.org