Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/PnXEFKENdtbq5p28wmOuASnV_ZA.roa
File: PnXEFKENdtbq5p28wmOuASnV_ZA.roa (raw, json)
Hash identifier: aFraTbghFIAaD6K1msVGZNwZPBRPRF42GDIy4tiCCUM=
Subject key identifier: 3E:75:C4:14:A1:0D:76:D6:EA:E6:9D:BC:C2:63:AE:01:29:D5:FD:90
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 018BA8FA952E7410BD91C97F81FB8E49EA0F
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/PnXEFKENdtbq5p28wmOuASnV_ZA.roa
Signing time: Tue 07 Nov 2023 08:51:16 +0000
ROA not before: Tue 07 Nov 2023 08:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
185.76.12.0/22 maxlen: 22
89.232.184.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
185.228.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 24 Nov 2023 13:15:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:fa:95:2e:74:10:bd:91:c9:7f:81:fb:8e:49:ea:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Nov 7 08:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e75c414a10d76d6eae69dbcc263ae0129d5fd90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:84:f1:b2:a4:d5:02:96:05:b1:c2:56:2a:
68:dd:45:0e:d3:94:81:52:40:2e:6f:f1:9b:b8:71:
ba:09:be:13:ed:cf:de:e5:7f:61:28:e1:80:c0:64:
7c:2a:61:19:2a:fb:3d:6a:7f:15:29:7a:29:69:92:
6b:11:6f:11:19:9c:3d:31:17:f6:e2:a0:a2:5c:e1:
75:36:18:54:f8:6d:93:78:8f:9d:a9:f8:d3:bf:f0:
c7:4d:c3:85:62:07:82:ab:21:76:af:3d:4c:13:2e:
0b:de:64:f9:83:6f:da:11:3b:88:1f:db:f5:61:49:
72:8a:86:a8:41:02:65:fd:74:a8:1a:00:7a:5a:e4:
18:91:ec:36:9f:50:eb:4a:c0:d7:38:37:9a:fb:df:
b1:ba:57:c3:5f:6a:7f:be:5c:95:2d:45:2b:81:7c:
44:5e:c1:36:b9:4a:40:ef:07:c7:22:df:aa:3a:a5:
1b:cb:d8:c7:b4:d6:62:c3:e3:e2:20:fb:bf:8b:7e:
4d:03:96:c0:7f:ff:f8:2c:a1:e9:e1:91:ec:01:03:
a9:9b:38:ea:3e:79:89:98:16:40:68:29:dd:f0:6d:
7a:11:b8:bf:f4:83:c7:2f:b6:4f:ce:7b:42:66:ad:
c3:22:34:d3:ce:0c:6b:27:fe:ad:26:b2:d3:23:29:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:75:C4:14:A1:0D:76:D6:EA:E6:9D:BC:C2:63:AE:01:29:D5:FD:90
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/PnXEFKENdtbq5p28wmOuASnV_ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
185.76.12.0/22
185.228.88.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c7:59:72:ea:da:3b:c7:68:e7:6a:1f:e8:b6:15:25:73:80:
c1:8f:71:88:f6:aa:d2:9a:e5:db:cb:9b:ac:c3:2d:ae:ab:0a:
77:3b:ea:68:a0:1f:82:42:c6:46:3c:d5:4e:b9:7a:23:18:c4:
e6:d8:45:e1:cf:38:b4:3d:f1:cd:de:76:85:c6:0a:ff:c3:83:
e1:dc:69:d1:92:3b:e8:1e:88:f2:40:aa:19:3d:d1:98:59:08:
a6:03:00:8f:8b:bf:23:71:7b:2e:0c:09:b1:c1:3f:e7:be:c9:
97:04:51:5f:b7:3e:66:8e:78:18:52:d7:53:ff:52:66:c3:31:
81:3b:39:f0:a0:91:c3:8b:77:a7:03:61:2d:ae:ae:87:aa:a4:
a3:ab:da:c3:1a:27:74:50:ea:d2:83:46:04:e6:13:27:bc:58:
56:d6:cc:56:53:a0:cd:c4:8d:4a:05:00:df:1a:89:cd:f2:83:
ee:65:fe:cf:62:83:33:7c:c7:aa:cf:bd:4b:f9:83:ea:cd:b2:
07:88:4b:0a:08:12:6a:a6:07:4d:fd:f6:f8:42:5b:13:3d:97:
c9:87:cd:8d:64:34:9c:93:7e:fa:58:91:3b:64:9a:c4:d5:e6:
7e:ab:32:99:4f:24:db:d9:fc:c6:77:f6:ee:5b:ab:cd:63:10:
4e:29:3c:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuo+pUudBC9kcl/gfuOSeoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMxMTA3MDg1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc1YzQxNGExMGQ3NmQ2ZWFlNjlkYmNjMjYzYWUwMTI5ZDVmZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15OE8bKk1QKWBbHCVipo3UUO05SB
UkAub/GbuHG6Cb4T7c/e5X9hKOGAwGR8KmEZKvs9an8VKXopaZJrEW8RGZw9MRf2
4qCiXOF1NhhU+G2TeI+dqfjTv/DHTcOFYgeCqyF2rz1MEy4L3mT5g2/aETuIH9v1
YUlyioaoQQJl/XSoGgB6WuQYkew2n1DrSsDXODea+9+xulfDX2p/vlyVLUUrgXxE
XsE2uUpA7wfHIt+qOqUby9jHtNZiw+PiIPu/i35NA5bAf//4LKHp4ZHsAQOpmzjq
PnmJmBZAaCnd8G16Ebi/9IPHL7ZPzntCZq3DIjTTzgxrJ/6tJrLTIymQEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD51xBShDXbW6uadvMJjrgEp1f2QMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvUG5YRUZLRU5kdGJxNXAyOHdtT3VBU25WX1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDUpQAAwQC
Wei4AwQCuUwMAwQCueRYAwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUAA4IBAQAn
x1ly6to7x2jnah/othUlc4DBj3GI9qrSmuXby5uswy2uqwp3O+pooB+CQsZGPNVO
uXojGMTm2EXhzzi0PfHN3naFxgr/w4Ph3GnRkjvoHojyQKoZPdGYWQimAwCPi78j
cXsuDAmxwT/nvsmXBFFftz5mjngYUtdT/1JmwzGBOznwoJHDi3enA2Etrq6HqqSj
q9rDGid0UOrSg0YE5hMnvFhW1sxWU6DNxI1KBQDfGonN8oPuZf7PYoMzfMeqz71L
+YPqzbIHiEsKCBJqpgdN/fb4QlsTPZfJh82NZDSck376WJE7ZJrE1eZ+qzKZTyTb
2fzGd/buW6vNYxBOKTy9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org