Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/PwzCDysejwd0lwfr_Z51mG7_4Zs.roa
File: PwzCDysejwd0lwfr_Z51mG7_4Zs.roa (raw, json)
Hash identifier: 2aaOzz8n22VT9jsMpFF6Q01erE7K7YZ80Oq0Bow43Y4=
Subject key identifier: 3F:0C:C2:0F:2B:1E:8F:07:74:97:07:EB:FD:9E:75:98:6E:FF:E1:9B
Certificate issuer: /CN=de51c3c5ddc4fb61381c3bea24c1ba4f74998eab
Certificate serial: 018CC8010F19DB4A2881A1B59DB9B581EBA6
Authority key identifier: DE:51:C3:C5:DD:C4:FB:61:38:1C:3B:EA:24:C1:BA:4F:74:99:8E:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3lHDxd3E-2E4HDvqJMG6T3SZjqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/PwzCDysejwd0lwfr_Z51mG7_4Zs.roa
Signing time: Tue 02 Jan 2024 02:29:21 +0000
ROA not before: Tue 02 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200773
IP address blocks: 185.71.200.0/22 maxlen: 24
194.38.44.0/22 maxlen: 24
185.242.96.0/22 maxlen: 24
188.247.136.0/21 maxlen: 24
89.38.176.0/21 maxlen: 24
188.247.144.0/20 maxlen: 24
2a03:3ba0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0f:19:db:4a:28:81:a1:b5:9d:b9:b5:81:eb:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de51c3c5ddc4fb61381c3bea24c1ba4f74998eab
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f0cc20f2b1e8f07749707ebfd9e75986effe19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:42:85:11:5b:0b:d2:f2:69:0d:68:1a:44:f6:
0e:56:7a:0f:9a:4a:44:d4:6d:31:b9:a4:e8:af:e7:
cd:01:c3:34:57:06:3f:a9:68:ca:e9:1d:5d:d9:0d:
5a:8d:45:e6:41:95:49:1f:c0:c4:f5:ce:8f:81:ac:
42:d2:54:10:3a:0f:db:70:17:f1:1e:a6:7a:7f:5f:
c1:bf:1e:f3:60:01:35:87:8c:7d:f8:6e:49:02:6a:
80:ec:e4:0b:d1:19:e2:7e:38:f2:15:e4:5c:d7:0f:
1a:1a:cc:d2:0b:23:eb:9c:3e:53:c6:cf:38:ed:5c:
5b:53:ac:65:90:5f:61:92:f8:07:9e:e0:34:52:c6:
c5:55:a0:28:6f:05:bf:07:c8:86:38:b3:63:de:01:
29:9c:c6:7c:a6:79:58:f1:23:10:e8:39:e6:b7:86:
72:bf:c0:84:c9:fa:e0:bc:36:67:5f:89:f8:3d:4a:
13:40:c3:f0:1a:c8:06:04:02:40:8a:0a:df:b2:ab:
d3:67:fc:91:3d:9c:cb:e1:d2:0d:7a:62:9f:cc:1d:
12:61:79:2f:dd:a3:4d:b6:07:45:77:01:87:bd:ee:
11:51:fd:6c:c8:4e:48:f7:b7:28:b0:53:9e:d1:7e:
b3:32:d1:8d:07:a0:e0:c4:2a:c5:6e:f7:c3:27:64:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0C:C2:0F:2B:1E:8F:07:74:97:07:EB:FD:9E:75:98:6E:FF:E1:9B
X509v3 Authority Key Identifier:
keyid:DE:51:C3:C5:DD:C4:FB:61:38:1C:3B:EA:24:C1:BA:4F:74:99:8E:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lHDxd3E-2E4HDvqJMG6T3SZjqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/PwzCDysejwd0lwfr_Z51mG7_4Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6de65e-04bd-4346-85b1-a5325d441702/1/3lHDxd3E-2E4HDvqJMG6T3SZjqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.176.0/21
185.71.200.0/22
185.242.96.0/22
188.247.136.0-188.247.159.255
194.38.44.0/22
IPv6:
2a03:3ba0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:2a:0b:9e:2d:a4:20:87:b7:54:46:34:b2:2a:07:6a:fb:6e:
9d:e9:8c:7a:d0:f7:4b:c7:58:19:28:40:50:9d:25:d4:da:04:
37:9d:f5:dc:c0:e2:64:af:e8:c4:7f:45:1c:17:62:4f:81:ce:
be:e3:bf:9a:9a:82:bf:a4:bc:5c:f5:6c:81:b0:54:ee:68:2a:
f7:1a:ed:f3:13:ae:b9:65:fc:54:03:51:e1:29:f9:12:d4:4e:
38:71:85:31:49:1d:25:75:41:24:ba:5b:48:21:dc:bd:68:68:
c0:ad:a7:bb:b2:0f:d6:75:f7:ee:9f:db:aa:a7:58:3e:ef:f2:
f6:35:3b:f8:16:42:02:e4:24:80:a9:80:70:48:ca:01:de:45:
a3:b4:12:5b:7e:c2:74:09:ad:24:17:53:27:52:13:eb:03:3b:
28:36:2a:be:52:e7:9c:d1:a9:48:dc:05:a9:80:72:fd:15:93:
24:8d:61:69:a4:71:8e:e3:b6:ba:2f:10:97:52:ab:aa:23:de:
1e:f0:c7:3e:85:83:f4:8d:3a:38:11:88:e5:c9:93:2e:52:0b:
d3:88:8f:c1:52:83:25:82:f0:33:d3:6e:fe:81:55:e9:02:05:
04:7e:95:d4:7e:15:2e:e1:3f:47:6c:06:f7:e0:ce:bb:e4:81:
2f:0d:8c:9d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIAQ8Z20oogaG1nbm1geumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTFjM2M1ZGRjNGZiNjEzODFjM2JlYTI0YzFiYTRmNzQ5
OThlYWIwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBjYzIwZjJiMWU4ZjA3NzQ5NzA3ZWJmZDllNzU5ODZlZmZlMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkKFEVsL0vJpDWgaRPYOVnoPmkpE
1G0xuaTor+fNAcM0VwY/qWjK6R1d2Q1ajUXmQZVJH8DE9c6PgaxC0lQQOg/bcBfx
HqZ6f1/Bvx7zYAE1h4x9+G5JAmqA7OQL0RnifjjyFeRc1w8aGszSCyPrnD5Txs84
7VxbU6xlkF9hkvgHnuA0UsbFVaAobwW/B8iGOLNj3gEpnMZ8pnlY8SMQ6Dnmt4Zy
v8CEyfrgvDZnX4n4PUoTQMPwGsgGBAJAigrfsqvTZ/yRPZzL4dINemKfzB0SYXkv
3aNNtgdFdwGHve4RUf1syE5I97cosFOe0X6zMtGNB6DgxCrFbvfDJ2S/TwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD8Mwg8rHo8HdJcH6/2edZhu/+GbMB8GA1UdIwQY
MBaAFN5Rw8XdxPthOBw76iTBuk90mY6rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xIRHhkM0UtMkU0SER2cUpNRzZUM1NaanFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82ZGU2NWUtMDRiZC00MzQ2LTg1YjEt
YTUzMjVkNDQxNzAyLzEvUHd6Q0R5c2Vqd2QwbHdmcl9aNTFtRzdfNFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82ZGU2NWUtMDRiZC00MzQ2LTg1YjEtYTUzMjVkNDQxNzAy
LzEvM2xIRHhkM0UtMkU0SER2cUpNRzZUM1NaanFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDWSawAwQC
uUfIAwQCufJgMAwDBAO894gDBAW894ADBALCJiwwDQQCAAIwBwMFACoDO6AwDQYJ
KoZIhvcNAQELBQADggEBAF8qC54tpCCHt1RGNLIqB2r7bp3pjHrQ90vHWBkoQFCd
JdTaBDed9dzA4mSv6MR/RRwXYk+Bzr7jv5qagr+kvFz1bIGwVO5oKvca7fMTrrll
/FQDUeEp+RLUTjhxhTFJHSV1QSS6W0gh3L1oaMCtp7uyD9Z19+6f26qnWD7v8vY1
O/gWQgLkJICpgHBIygHeRaO0Elt+wnQJrSQXUydSE+sDOyg2Kr5S55zRqUjcBamA
cv0VkySNYWmkcY7jtrovEJdSq6oj3h7wxz6Fg/SNOjgRiOXJky5SC9OIj8FSgyWC
8DPTbv6BVekCBQR+ldR+FS7hP0dsBvfgzrvkgS8NjJ0=
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:43 2025 by rpki-client