Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa
File: pn2ppEJMt3pbt8UA0aFzeU82PBI.roa (raw, json)
Hash identifier: M/zpncAgHTcOgMlypR55WRYOT2GmBeyl0K45K/M8dFQ=
Subject key identifier: A6:7D:A9:A4:42:4C:B7:7A:5B:B7:C5:00:D1:A1:73:79:4F:36:3C:12
Certificate issuer: /CN=19622650048107918adf1b22cdf087c8a834f79c
Certificate serial: 018BBD8B7CC0E0EFF605DD606DF7B8BECCC1
Authority key identifier: 19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa
Signing time: Sat 11 Nov 2023 08:41:57 +0000
ROA not before: Sat 11 Nov 2023 08:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206170
IP address blocks: 185.132.127.0/24 maxlen: 24
86.106.25.0/24 maxlen: 24
195.85.54.0/24 maxlen: 24
86.107.103.0/24 maxlen: 24
109.205.246.0/24 maxlen: 24
188.66.60.0/22 maxlen: 22
188.66.62.0/24 maxlen: 24
188.66.60.0/24 maxlen: 24
185.189.48.0/22 maxlen: 22
188.66.61.0/24 maxlen: 24
188.66.63.0/24 maxlen: 24
2a0b:dc80::/29 maxlen: 29
2a0d:5f47:ffff::/48 maxlen: 48
2001:67c:750::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:8b:7c:c0:e0:ef:f6:05:dd:60:6d:f7:b8:be:cc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19622650048107918adf1b22cdf087c8a834f79c
Validity
Not Before: Nov 11 08:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a67da9a4424cb77a5bb7c500d1a173794f363c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:de:90:76:8c:42:88:37:22:73:0f:3e:22:4e:
10:cb:2c:4b:57:03:d6:38:09:d5:bf:d5:b2:c8:ca:
7a:01:95:47:5e:da:7c:dd:61:1b:59:70:d5:e8:cf:
b6:6c:d5:a1:2f:5a:1b:37:3f:0b:8c:d3:23:3c:c0:
e3:51:e7:fc:94:41:ea:dd:a5:58:16:5d:be:0e:31:
58:6a:76:f9:35:67:61:9b:f1:f9:ce:cf:bf:9f:e8:
a1:1a:5a:c1:e5:55:53:a7:22:8c:22:fd:4c:fd:44:
0b:fc:76:4e:08:b2:e1:87:83:d7:fa:7d:e0:fc:55:
8a:d7:58:b8:95:82:ec:ee:d6:d2:a1:6c:05:28:4f:
a3:4e:82:f9:30:bd:b9:5a:27:f4:f8:87:65:e7:ee:
b2:6d:74:4a:ee:a8:ac:43:13:5a:8e:49:41:bd:45:
d5:6c:76:14:9a:b0:a9:3f:0d:66:30:69:74:0f:a1:
60:89:4b:fe:45:ca:51:61:a8:c3:e7:97:66:d5:71:
a8:f0:77:69:00:75:f4:05:71:bc:68:1f:b2:a2:18:
96:cd:9a:c2:84:0a:14:b6:83:56:fb:d4:a6:1d:54:
bb:df:38:27:ea:ba:95:63:99:e2:96:37:8a:77:ad:
8c:ff:11:13:bb:36:08:8f:78:1f:5b:7f:54:04:63:
62:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7D:A9:A4:42:4C:B7:7A:5B:B7:C5:00:D1:A1:73:79:4F:36:3C:12
X509v3 Authority Key Identifier:
keyid:19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/GWImUASBB5GK3xsizfCHyKg095w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.25.0/24
86.107.103.0/24
109.205.246.0/24
185.132.127.0/24
185.189.48.0/22
188.66.60.0/22
195.85.54.0/24
IPv6:
2001:67c:750::/48
2a0b:dc80::/29
2a0d:5f47:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
93:3f:0e:86:d4:8e:14:1b:56:fb:28:1b:8a:c3:87:8e:e0:cf:
a8:30:89:e4:3c:c1:de:bc:44:5d:4f:69:ba:fe:7c:5d:ad:c3:
4c:5d:60:da:ef:58:9d:b4:01:d1:ac:52:b6:e7:cd:92:96:15:
0c:47:b0:bb:fa:9f:9c:ab:52:14:54:20:c0:00:3f:6a:85:19:
2c:c0:a0:d7:2b:34:dd:3f:8e:81:2a:ab:85:65:0f:3f:11:43:
97:1f:7f:28:f7:fe:68:28:69:a9:0b:30:83:be:ea:05:14:62:
cd:80:3d:12:66:1d:d7:1b:fe:a9:9b:e0:73:d7:f1:1c:46:1d:
81:50:78:e5:c9:b0:82:a8:f4:3c:b3:dd:e5:55:35:91:37:5d:
c3:d0:5b:f5:78:c0:2d:12:7c:a8:bb:03:20:4a:00:01:4b:7b:
cf:1e:8a:de:ff:a0:8b:d2:d0:6b:a2:a4:05:b4:54:9d:32:78:
9f:e2:43:4e:b8:87:14:91:d5:b6:21:38:c1:43:b5:47:f0:0f:
2d:a7:83:af:df:ca:1b:d8:5f:2f:b7:f0:f0:fc:7c:31:52:ee:
c4:0d:d3:39:84:e4:65:78:30:f2:df:3b:3c:3d:23:88:16:3a:
b3:e8:a2:d9:27:36:ae:20:ea:b2:92:05:62:81:46:13:2f:fe:
4f:ea:4d:66
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYu9i3zA4O/2Bd1gbfe4vszBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjIyNjUwMDQ4MTA3OTE4YWRmMWIyMmNkZjA4N2M4YTgz
NGY3OWMwHhcNMjMxMTExMDg0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdkYTlhNDQyNGNiNzdhNWJiN2M1MDBkMWExNzM3OTRmMzYzYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt6QdoxCiDcicw8+Ik4QyyxLVwPW
OAnVv9WyyMp6AZVHXtp83WEbWXDV6M+2bNWhL1obNz8LjNMjPMDjUef8lEHq3aVY
Fl2+DjFYanb5NWdhm/H5zs+/n+ihGlrB5VVTpyKMIv1M/UQL/HZOCLLhh4PX+n3g
/FWK11i4lYLs7tbSoWwFKE+jToL5ML25Wif0+Idl5+6ybXRK7qisQxNajklBvUXV
bHYUmrCpPw1mMGl0D6FgiUv+RcpRYajD55dm1XGo8HdpAHX0BXG8aB+yohiWzZrC
hAoUtoNW+9SmHVS73zgn6rqVY5niljeKd62M/xETuzYIj3gfW39UBGNiawIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKZ9qaRCTLd6W7fFANGhc3lPNjwSMB8GA1UdIwQY
MBaAFBliJlAEgQeRit8bIs3wh8ioNPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQt
OGQxMGZlZTU4NGZlLzEvcG4ycHBFSk10M3BidDhVQTBhRnplVTgyUEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQtOGQxMGZlZTU4NGZl
LzEvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAwBAIAATAqAwQAVmoZAwQA
VmtnAwQAbc32AwQAuYR/AwQCub0wAwQCvEI8AwQAw1U2MB8EAgACMBkDBwAgAQZ8
B1ADBQMqC9yAAwcAKg1fR///MA0GCSqGSIb3DQEBCwUAA4IBAQCTPw6G1I4UG1b7
KBuKw4eO4M+oMInkPMHevERdT2m6/nxdrcNMXWDa71idtAHRrFK2582SlhUMR7C7
+p+cq1IUVCDAAD9qhRkswKDXKzTdP46BKquFZQ8/EUOXH38o9/5oKGmpCzCDvuoF
FGLNgD0SZh3XG/6pm+Bz1/EcRh2BUHjlybCCqPQ8s93lVTWRN13D0Fv1eMAtEnyo
uwMgSgABS3vPHore/6CL0tBroqQFtFSdMnif4kNOuIcUkdW2ITjBQ7VH8A8tp4Ov
38ob2F8vt/Dw/HwxUu7EDdM5hORleDDy3zs8PSOIFjqz6KLZJzauIOqykgVigUYT
L/5P6k1m
-----END CERTIFICATE-----
Generated at Mon Dec 18 17:47:43 2023 by rpki-client on console-ams.rpki-client.org