Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pVGn-d7qAVBJBko73fLlqvtDASo.roa
File: pVGn-d7qAVBJBko73fLlqvtDASo.roa (raw, json)
Hash identifier: cyI8EYwKok8VVu79lpyJ3S19NDly3MCUkKYtk/DPl/A=
Subject key identifier: A5:51:A7:F9:DE:EA:01:50:49:06:4A:3B:DD:F2:E5:AA:FB:43:01:2A
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018DC78AD187E7AB2CF525A569925E1930C2
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pVGn-d7qAVBJBko73fLlqvtDASo.roa
Signing time: Tue 20 Feb 2024 17:23:00 +0000
ROA not before: Tue 20 Feb 2024 17:23:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.96.0/19 maxlen: 19
91.84.128.0/17 maxlen: 17
91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.32.0/19 maxlen: 19
194.46.36.0/24 maxlen: 24
194.46.37.0/24 maxlen: 24
194.46.39.0/24 maxlen: 24
194.46.40.0/24 maxlen: 24
194.46.41.0/24 maxlen: 24
194.46.43.0/24 maxlen: 24
194.46.44.0/24 maxlen: 24
194.46.45.0/24 maxlen: 24
194.46.46.0/24 maxlen: 24
194.46.48.0/21 maxlen: 21
194.46.56.0/24 maxlen: 24
194.46.61.0/24 maxlen: 24
194.46.64.0/19 maxlen: 19
194.46.64.0/22 maxlen: 22
194.46.68.0/23 maxlen: 23
194.46.72.0/22 maxlen: 22
194.46.76.0/23 maxlen: 23
194.46.78.0/23 maxlen: 23
194.46.78.0/24 maxlen: 24
194.46.80.0/20 maxlen: 20
194.46.80.0/23 maxlen: 23
194.46.81.0/24 maxlen: 24
194.46.82.0/24 maxlen: 24
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/21 maxlen: 21
212.108.84.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:8a:d1:87:e7:ab:2c:f5:25:a5:69:92:5e:19:30:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 20 17:23:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a551a7f9deea015049064a3bddf2e5aafb43012a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:6b:ee:e5:87:ef:a2:a4:c4:43:2a:8a:ee:
01:8d:ae:ab:92:10:1c:ff:8b:29:ad:24:30:2d:e3:
13:2b:07:5b:31:bf:37:01:06:23:d2:4e:4e:e5:64:
ba:34:38:4c:9f:7f:14:56:5f:56:11:2a:a6:ef:9b:
c0:5e:a1:34:c7:bc:26:1a:c1:c5:ff:c5:df:da:0c:
05:ce:d2:01:ce:ed:26:70:57:e0:ff:c4:bd:48:aa:
36:6a:e5:27:8e:71:bf:70:ef:6e:d3:87:8b:04:7d:
d9:6b:48:19:a8:54:41:c0:83:58:74:56:04:42:43:
09:9c:29:6a:91:21:f8:04:49:f3:f1:cc:dc:e8:1e:
52:dd:b0:30:0f:73:33:30:42:2a:36:a8:11:f6:63:
52:e7:e3:3a:60:57:78:a9:40:38:6a:64:9a:8b:72:
f2:2f:dd:0f:e8:c0:f4:a8:60:7e:1f:43:eb:ea:8b:
cc:33:43:53:98:e4:87:e4:03:1e:e5:e5:80:a8:0d:
1b:21:85:ad:ca:89:2d:e3:e2:84:7c:0d:25:9b:28:
1c:46:cf:da:36:39:69:88:4d:fd:c1:49:4e:e7:98:
72:54:9e:77:f3:a6:cc:3b:74:da:3c:36:4f:dd:80:
a4:67:14:f9:73:40:73:29:f8:7f:02:5c:3e:85:b7:
42:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:51:A7:F9:DE:EA:01:50:49:06:4A:3B:DD:F2:E5:AA:FB:43:01:2A
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pVGn-d7qAVBJBko73fLlqvtDASo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.96.0-91.85.159.255
91.85.192.0/18
194.46.32.0-194.46.95.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0-212.108.89.255
Signature Algorithm: sha256WithRSAEncryption
2c:96:79:c3:f8:13:eb:06:38:0a:4b:7d:d8:47:e8:4c:c7:b9:
36:b9:10:a9:9c:fd:ab:f8:e6:9c:7b:b3:f1:a2:44:36:ce:5a:
11:7d:30:fa:dc:8e:92:e7:01:01:06:a5:e8:59:7c:69:9a:63:
64:e0:68:3b:84:95:28:30:94:fc:6c:a0:4a:70:32:35:2d:fd:
bf:be:e2:64:4d:64:2d:7d:47:82:e8:be:a3:3e:5c:44:da:cb:
2c:8e:cd:b6:23:64:8e:c1:0c:a1:29:97:67:e2:f3:0e:88:ac:
38:ec:63:84:ae:ef:32:8d:94:0d:18:54:26:51:8b:3c:23:5b:
6a:03:45:50:7e:3c:6f:1f:7d:48:52:c1:a5:0f:b0:16:99:00:
21:9e:3b:3d:45:b7:f7:62:95:54:dc:f0:e1:ad:35:39:76:b2:
12:ce:b9:db:36:0a:da:b3:8c:c0:09:31:13:60:48:ca:86:af:
87:16:72:c5:e1:e8:07:3d:13:fd:74:1d:64:c8:1a:d5:91:c6:
d5:a0:8f:af:5c:8c:61:b2:0b:e3:b7:0d:1c:26:dc:d2:6f:0f:
29:50:0d:84:97:5d:8c:ee:84:01:9d:4c:ff:24:2d:44:4e:89:
ea:35:2e:06:54:eb:64:b5:f1:82:77:8c:8e:5d:3d:73:b1:b1:
8e:39:4b:11
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY3HitGH56ss9SWlaZJeGTDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjIwMTcyMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTUxYTdmOWRlZWEwMTUwNDkwNjRhM2JkZGYyZTVhYWZiNDMwMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8pr7uWH76KkxEMqiu4Bja6rkhAc
/4sprSQwLeMTKwdbMb83AQYj0k5O5WS6NDhMn38UVl9WESqm75vAXqE0x7wmGsHF
/8Xf2gwFztIBzu0mcFfg/8S9SKo2auUnjnG/cO9u04eLBH3Za0gZqFRBwINYdFYE
QkMJnClqkSH4BEnz8czc6B5S3bAwD3MzMEIqNqgR9mNS5+M6YFd4qUA4amSai3Ly
L90P6MD0qGB+H0Pr6ovMM0NTmOSH5AMe5eWAqA0bIYWtyokt4+KEfA0lmygcRs/a
NjlpiE39wUlO55hyVJ5386bMO3TaPDZP3YCkZxT5c0BzKfh/Alw+hbdC4QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKVRp/ne6gFQSQZKO93y5ar7QwEqMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvcFZHbi1kN3FBVkJKQmtvNzNmTGxxdnREQVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEBltU
ADAMAwQFW1RgAwQFW1WAAwQGW1XAMAwDBAXCLiADBAXCLkAwDAMEANRogQMEANRo
ggMEANRohAMEANRoiAMEANRojzAMAwQA1GiVAwQA1GiWAwQA1GiYMAwDBADUaJsD
BADUaJwDBADUaJ8wDAMEBNRsUAMEAdRsWDANBgkqhkiG9w0BAQsFAAOCAQEALJZ5
w/gT6wY4Ckt92EfoTMe5NrkQqZz9q/jmnHuz8aJENs5aEX0w+tyOkucBAQal6Fl8
aZpjZOBoO4SVKDCU/GygSnAyNS39v77iZE1kLX1Hgui+oz5cRNrLLI7NtiNkjsEM
oSmXZ+LzDoisOOxjhK7vMo2UDRhUJlGLPCNbagNFUH48bx99SFLBpQ+wFpkAIZ47
PUW392KVVNzw4a01OXayEs652zYK2rOMwAkxE2BIyoavhxZyxeHoBz0T/XQdZMga
1ZHG1aCPr1yMYbIL47cNHCbc0m8PKVANhJddjO6EAZ1M/yQtRE6J6jUuBlTrZLXx
gneMjl09c7GxjjlLEQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:36 2024 by rpki-client on console-ams.rpki-client.org