Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa
File: pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa (raw, json)
Hash identifier: mjkda2alGp6Wm22oKkLEKqCRHsi04JLhk/bgRYtXZr4=
Subject key identifier: A6:F4:03:19:2F:C5:1A:EC:54:CB:B7:8A:E3:FE:8A:76:61:FD:A5:26
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E1E1DEE38E49CD9A25D46664F9850D230
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa
Signing time: Fri 08 Mar 2024 12:51:01 +0000
ROA not before: Fri 08 Mar 2024 12:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
82.153.245.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.178.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 11:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:1d:ee:38:e4:9c:d9:a2:5d:46:66:4f:98:50:d2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 8 12:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6f403192fc51aec54cbb78ae3fe8a7661fda526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:03:4e:b2:9e:60:62:6c:b3:64:bd:c9:23:
98:91:4c:19:f3:df:7d:23:3d:19:62:0a:67:37:c5:
90:64:7a:38:66:2b:29:32:d5:92:bd:7a:d4:14:ac:
be:50:db:b5:f2:38:45:34:77:34:43:2e:4c:63:5e:
a2:5f:05:ac:74:83:75:aa:42:c7:85:36:3c:f6:24:
4a:64:de:cf:52:58:af:a9:4a:58:5a:59:b8:0e:5d:
a8:6e:43:df:3f:80:af:fc:5c:14:35:8f:19:42:49:
d7:89:63:d7:45:50:b5:d9:ae:b4:d9:11:13:d4:b1:
67:22:9c:73:92:3e:53:e9:23:6b:39:3f:17:32:32:
f3:0e:3f:3d:35:89:80:fa:09:b2:86:5d:12:75:df:
61:5f:a8:ba:77:ee:cb:a5:36:2c:6f:ed:99:eb:bf:
34:f0:ad:cb:2c:f0:9a:50:a9:3a:50:32:66:ee:ef:
c0:8d:39:82:3a:c0:9b:d8:7d:b1:b9:ba:97:8d:3f:
a4:2a:bc:89:5d:ba:ba:00:02:b1:af:7f:b5:86:53:
de:b3:49:09:52:68:78:3c:b4:9f:cc:48:90:92:0f:
7e:32:0d:9b:f0:5e:25:62:5f:69:f0:f7:c2:a1:39:
8d:ac:f2:8c:a7:3a:65:9b:87:96:d1:d1:73:c1:97:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F4:03:19:2F:C5:1A:EC:54:CB:B7:8A:E3:FE:8A:76:61:FD:A5:26
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
82.153.245.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.178.0/24
89.213.190.0/24
109.176.244.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:6e:ee:83:28:46:a8:dc:e2:dc:58:ef:fe:98:ae:7f:45:6b:
f8:0d:76:b8:dd:f9:7a:63:91:a6:91:5e:45:90:80:31:b9:b6:
67:a7:36:92:0b:de:a3:2c:b5:fe:a7:85:b5:3d:20:b0:e7:9f:
60:3b:eb:a0:21:23:14:98:41:78:88:fa:8a:3f:7e:5b:3c:13:
5b:82:c8:64:ad:c5:bc:4b:cf:04:81:1f:f6:90:01:c3:96:67:
21:db:5d:41:14:0c:b1:81:7b:94:81:1c:a5:07:44:22:ff:2c:
2f:44:81:9a:b4:df:eb:8f:97:f5:52:2a:d9:7d:73:0a:45:21:
7e:63:50:4f:db:5f:6c:9e:00:15:6f:f1:88:f5:d6:be:27:76:
64:5b:6e:e7:d7:f9:c7:03:77:4e:0b:77:91:c0:15:d4:53:db:
8d:72:ba:65:e5:6e:b4:1e:33:eb:1e:56:8c:91:01:24:fa:35:
f2:a4:11:91:18:47:23:2a:57:cb:ea:94:b9:82:50:ce:12:92:
ff:8b:a4:c1:e6:cc:26:07:26:f8:a1:dc:78:b0:d4:29:ed:40:
88:10:0c:7f:d4:e0:80:5b:12:d2:5b:fb:c3:86:e6:00:e4:4f:
a2:6e:e8:82:58:cd:d9:d2:fd:0b:3c:c8:df:f2:4e:4d:d1:3a:
51:b1:56:ed
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY4eHe445JzZol1GZk+YUNIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzA4MTI1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY0MDMxOTJmYzUxYWVjNTRjYmI3OGFlM2ZlOGE3NjYxZmRhNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOgDTrKeYGJss2S9ySOYkUwZ8999
Iz0ZYgpnN8WQZHo4ZispMtWSvXrUFKy+UNu18jhFNHc0Qy5MY16iXwWsdIN1qkLH
hTY89iRKZN7PUlivqUpYWlm4Dl2obkPfP4Cv/FwUNY8ZQknXiWPXRVC12a602RET
1LFnIpxzkj5T6SNrOT8XMjLzDj89NYmA+gmyhl0Sdd9hX6i6d+7LpTYsb+2Z6780
8K3LLPCaUKk6UDJm7u/AjTmCOsCb2H2xubqXjT+kKryJXbq6AAKxr3+1hlPes0kJ
Umh4PLSfzEiQkg9+Mg2b8F4lYl9p8PfCoTmNrPKMpzplm4eW0dFzwZe/dwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFKb0AxkvxRrsVMu3iuP+inZh/aUmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHZRREdTX0ZHdXhVeTdlSzRfNktkbUg5cFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAFKZ4AME
AFKZ9QMEAFnVBAMEAVnVBgMEAFnVggMEAFnVsgMEAFnVvgMEAG2w9AMEAG2w9wME
AG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEALG7ugyhGqNzi3Fjv/piuf0Vr
+A12uN35emORppFeRZCAMbm2Z6c2kgveoyy1/qeFtT0gsOefYDvroCEjFJhBeIj6
ij9+WzwTW4LIZK3FvEvPBIEf9pABw5ZnIdtdQRQMsYF7lIEcpQdEIv8sL0SBmrTf
64+X9VIq2X1zCkUhfmNQT9tfbJ4AFW/xiPXWvid2ZFtu59f5xwN3Tgt3kcAV1FPb
jXK6ZeVutB4z6x5WjJEBJPo18qQRkRhHIypXy+qUuYJQzhKS/4ukwebMJgcm+KHc
eLDUKe1AiBAMf9TggFsS0lv7w4bmAORPom7ogljN2dL9CzzI3/JOTdE6UbFW7Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:11 2025 by rpki-client