Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PzpLVcIOcrD_BFzbPSkcQrcCF5A.roa
File: PzpLVcIOcrD_BFzbPSkcQrcCF5A.roa (raw, json)
Hash identifier: WXkLqOSFF0RQSzQvMot4IaWtr5tj2/REkdf/kL45SdE=
Subject key identifier: 3F:3A:4B:55:C2:0E:72:B0:FF:04:5C:DB:3D:29:1C:42:B7:02:17:90
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018C7877A76126EF1FB039181C6BDA55D9BB
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PzpLVcIOcrD_BFzbPSkcQrcCF5A.roa
Signing time: Sun 17 Dec 2023 15:49:16 +0000
ROA not before: Sun 17 Dec 2023 15:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.3.174.0/24 maxlen: 24
91.213.17.0/24 maxlen: 24
146.19.112.0/24 maxlen: 24
185.255.54.0/24 maxlen: 24
213.232.238.0/24 maxlen: 24
178.212.76.0/24 maxlen: 24
62.133.34.0/24 maxlen: 24
79.110.231.0/24 maxlen: 24
212.23.197.0/24 maxlen: 24
2a0b:4080::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:77:a7:61:26:ef:1f:b0:39:18:1c:6b:da:55:d9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 17 15:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3a4b55c20e72b0ff045cdb3d291c42b7021790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:71:2e:80:66:e9:ee:2a:00:2d:01:d4:f2:
06:5d:3e:c8:b3:a8:ad:4d:1e:d2:61:33:6c:34:63:
36:cb:0c:e0:f2:c6:0f:65:2d:45:07:b9:1d:eb:29:
63:76:a9:8b:54:cd:52:65:5a:be:ed:fb:51:89:c9:
8f:70:db:62:e8:91:e3:e5:31:67:91:2b:6d:51:28:
53:67:72:b0:74:37:ab:aa:69:67:98:b2:e4:4f:68:
00:82:10:3d:9c:c6:9e:fb:aa:6a:c3:bd:0f:d3:d6:
7f:e6:8a:2b:31:57:73:e4:7f:fb:3f:60:60:e8:16:
e8:f8:0a:a5:6a:dd:f6:ef:8e:95:ce:4c:d3:4d:ee:
a9:91:68:ea:c2:03:34:da:58:c3:8b:81:8e:17:f1:
49:94:68:ed:9d:b4:b9:27:dd:6a:b2:01:9c:1f:28:
15:2a:dc:93:1a:3b:4a:18:4c:05:5a:ec:66:1b:36:
3b:c8:55:9e:ee:0f:79:33:25:70:e8:9b:0e:35:52:
f0:0e:bb:4a:be:3e:7f:e1:aa:48:60:ed:72:54:b0:
c3:f1:ce:7e:0e:49:69:22:f6:ca:0d:df:0f:c8:81:
85:9c:ec:93:f9:1e:24:f0:ac:51:89:94:0e:40:e5:
89:e6:b5:9a:c5:82:54:5b:60:06:b6:60:16:4a:28:
39:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3A:4B:55:C2:0E:72:B0:FF:04:5C:DB:3D:29:1C:42:B7:02:17:90
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PzpLVcIOcrD_BFzbPSkcQrcCF5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.34.0/24
79.110.231.0/24
91.213.17.0/24
146.19.112.0/24
178.212.76.0/24
185.255.54.0/24
193.3.174.0/24
212.23.197.0/24
213.232.238.0/24
IPv6:
2a0b:4080::/32
Signature Algorithm: sha256WithRSAEncryption
54:f0:36:cf:dd:63:fe:c9:f4:1f:69:48:35:ae:5a:df:3e:55:
30:25:42:3f:36:3f:07:45:bd:18:25:3d:54:c2:11:2e:5a:0c:
05:88:db:e5:3b:46:fc:37:c1:ac:c9:82:38:b0:4b:65:d3:19:
0f:36:39:ba:e4:31:5d:82:d1:73:63:f5:77:20:5a:0d:62:5d:
81:e3:b2:4b:3f:1b:1b:5e:94:0e:23:35:54:47:fa:42:7a:bc:
33:74:56:0c:d4:78:7e:e6:24:61:d9:04:d5:94:ce:d6:4f:d0:
24:f9:3c:7f:64:27:56:4d:eb:1c:c3:dc:ba:fd:06:73:ea:b8:
74:17:d3:ab:1f:86:78:eb:35:ce:91:5b:66:da:0b:65:51:a4:
bb:b2:4f:e4:03:31:34:2b:88:0a:1f:97:07:6c:d0:a7:16:3b:
8f:6c:0c:e0:99:91:7e:ac:90:76:1e:b7:30:6f:92:ba:96:7a:
57:06:e6:ef:46:5f:02:ee:71:17:3e:d5:b0:15:23:2b:89:e0:
54:bc:e3:43:74:4f:79:af:c8:98:50:7b:d7:8a:54:b7:ab:f4:
a1:4b:86:d7:73:c4:b8:96:5c:65:e3:6a:11:cd:b2:f2:93:d2:
3b:a8:a8:5e:4c:6c:a7:28:11:ee:9d:91:9d:88:d9:c5:4d:11:
b8:6e:90:1a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYx4d6dhJu8fsDkYHGvaVdm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMjE3MTU0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNhNGI1NWMyMGU3MmIwZmYwNDVjZGIzZDI5MWM0MmI3MDIxNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmJxLoBm6e4qAC0B1PIGXT7Is6it
TR7SYTNsNGM2ywzg8sYPZS1FB7kd6yljdqmLVM1SZVq+7ftRicmPcNti6JHj5TFn
kSttUShTZ3KwdDerqmlnmLLkT2gAghA9nMae+6pqw70P09Z/5oorMVdz5H/7P2Bg
6Bbo+Aqlat32746VzkzTTe6pkWjqwgM02ljDi4GOF/FJlGjtnbS5J91qsgGcHygV
KtyTGjtKGEwFWuxmGzY7yFWe7g95MyVw6JsONVLwDrtKvj5/4apIYO1yVLDD8c5+
DklpIvbKDd8PyIGFnOyT+R4k8KxRiZQOQOWJ5rWaxYJUW2AGtmAWSig5+QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFD86S1XCDnKw/wRc2z0pHEK3AheQMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvUHpwTFZjSU9jckRfQkZ6YlBTa2NRcmNDRjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAPoUiAwQA
T27nAwQAW9URAwQAkhNwAwQAstRMAwQAuf82AwQAwQOuAwQA1BfFAwQA1ejuMA0E
AgACMAcDBQAqC0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBU8DbP3WP+yfQfaUg1rlrf
PlUwJUI/Nj8HRb0YJT1UwhEuWgwFiNvlO0b8N8GsyYI4sEtl0xkPNjm65DFdgtFz
Y/V3IFoNYl2B47JLPxsbXpQOIzVUR/pCerwzdFYM1Hh+5iRh2QTVlM7WT9Ak+Tx/
ZCdWTescw9y6/QZz6rh0F9OrH4Z46zXOkVtm2gtlUaS7sk/kAzE0K4gKH5cHbNCn
FjuPbAzgmZF+rJB2Hrcwb5K6lnpXBubvRl8C7nEXPtWwFSMrieBUvONDdE95r8iY
UHvXilS3q/ShS4bXc8S4llxl42oRzbLyk9I7qKheTGynKBHunZGdiNnFTRG4bpAa
-----END CERTIFICATE-----
Generated at Fri Dec 22 01:45:18 2023 by rpki-client on console-fra.rpki-client.org