Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/pJnVRqpJ0Jhmrmj96PxmCec-9I0.roa
File: pJnVRqpJ0Jhmrmj96PxmCec-9I0.roa (raw, json)
Hash identifier: k5dLc4LfO3Ho6ildG9DoEEm/zSw9FCx627HGdQbfWKM=
Subject key identifier: A4:99:D5:46:AA:49:D0:98:66:AE:68:FD:E8:FC:66:09:E7:3E:F4:8D
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 0188499BC2F0CF08349050E2A18119F89F1D
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/pJnVRqpJ0Jhmrmj96PxmCec-9I0.roa
Signing time: Tue 23 May 2023 17:15:24 +0000
ROA not before: Tue 23 May 2023 17:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.132.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.134.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
147.189.138.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:9b:c2:f0:cf:08:34:90:50:e2:a1:81:19:f8:9f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: May 23 17:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a499d546aa49d09866ae68fde8fc6609e73ef48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:ec:57:e3:7e:ab:8c:14:3d:2e:44:07:c5:
5e:67:61:78:26:1f:e0:b6:d6:48:b8:f2:d6:70:95:
fb:5f:59:ed:47:de:b8:35:c9:54:17:65:c7:c0:1b:
96:ef:e6:12:59:d5:7b:9a:51:fe:df:80:91:d4:d3:
80:ed:b3:79:a6:f9:f5:50:da:18:98:c5:f3:d1:d1:
66:e2:27:11:06:1d:81:e6:89:e6:e5:00:0e:b3:6e:
c8:72:db:ee:09:60:d2:7f:0c:48:82:2e:ed:4d:3e:
a4:3e:6f:cb:be:f7:7a:3c:a1:25:15:71:f7:66:db:
6c:74:56:90:d8:f1:8f:ac:52:b6:74:1a:c4:59:98:
c7:44:65:43:a5:91:07:a1:8f:58:9c:58:a0:82:e7:
b4:1f:a1:71:26:42:4d:23:71:f5:c1:c9:66:47:64:
8a:93:3a:b6:8e:3f:b3:db:17:15:d0:ae:bd:b7:55:
93:3a:f4:9b:de:1e:0d:cc:d4:01:96:69:49:eb:cc:
b0:ad:c6:f0:a7:13:54:fd:2f:91:c2:c0:0c:87:47:
b0:a7:2b:c9:28:22:94:72:2a:8a:03:ac:53:d7:c5:
fb:ee:57:59:d3:32:48:f5:2d:d5:d6:87:b4:e5:d8:
b1:5d:68:37:0b:91:8f:42:b7:1c:3d:ad:98:de:21:
83:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:D5:46:AA:49:D0:98:66:AE:68:FD:E8:FC:66:09:E7:3E:F4:8D
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/pJnVRqpJ0Jhmrmj96PxmCec-9I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/24
45.14.113.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.134.0/23
147.189.138.0/24
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
9e:24:1d:82:f2:19:0f:36:5a:fa:bf:8f:4e:ab:ef:39:02:77:
21:b8:80:04:af:8f:fd:73:92:78:8e:e9:6d:6e:b6:e1:cf:b0:
7a:78:f4:11:57:d7:b6:9a:ba:53:3d:cc:c0:67:cb:42:d4:b4:
b3:59:7f:e3:9a:f8:c6:34:ca:7d:59:0a:2e:28:59:d4:32:12:
af:c1:6b:09:94:f9:ba:d5:1b:af:7c:8b:7f:fe:ba:d6:03:be:
f6:fa:60:d1:ee:3e:df:55:32:8b:81:92:0f:c7:61:44:2d:20:
0e:c6:a2:8d:90:3f:78:b7:77:59:e8:a3:44:35:3e:b4:47:85:
19:8f:4f:f1:2a:a1:12:2c:c7:1d:14:cc:55:25:dd:f1:64:dd:
51:cb:47:86:3a:e8:66:eb:3e:ff:78:8a:44:3e:8b:5a:43:79:
14:0a:8f:d6:d1:d8:db:79:15:3b:be:15:12:ff:79:09:b4:b6:
84:3c:78:b8:e2:a9:2c:8a:ae:e4:3a:65:52:c3:84:9d:c6:5b:
c1:f7:22:fe:4c:f4:ef:a9:7d:29:54:d3:87:24:60:23:9e:31:
e8:f0:7b:ff:b1:a0:b0:cb:48:7b:72:d3:b2:cb:21:ec:e8:5b:
5c:0a:a2:a2:ae:f9:56:11:55:35:db:dc:30:90:da:65:3e:8f:
c5:2d:7a:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYhJm8Lwzwg0kFDioYEZ+J8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwNTIzMTcxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk5ZDU0NmFhNDlkMDk4NjZhZTY4ZmRlOGZjNjYwOWU3M2VmNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDvsV+N+q4wUPS5EB8VeZ2F4Jh/g
ttZIuPLWcJX7X1ntR964NclUF2XHwBuW7+YSWdV7mlH+34CR1NOA7bN5pvn1UNoY
mMXz0dFm4icRBh2B5onm5QAOs27IctvuCWDSfwxIgi7tTT6kPm/Lvvd6PKElFXH3
ZttsdFaQ2PGPrFK2dBrEWZjHRGVDpZEHoY9YnFiggue0H6FxJkJNI3H1wclmR2SK
kzq2jj+z2xcV0K69t1WTOvSb3h4NzNQBlmlJ68ywrcbwpxNU/S+RwsAMh0ewpyvJ
KCKUciqKA6xT18X77ldZ0zJI9S3V1oe05dixXWg3C5GPQrccPa2Y3iGDKQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKSZ1UaqSdCYZq5o/ej8ZgnnPvSNMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL3BKblZScXBKMEpobXJtajk2UHhtQ2VjLTlJMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgaMGCCsGAQUFBwEHAQH/BIGTMIGQMD4EAgABMDgDBAEC
OAgDBAAFt0wDBAAtDnEDBACTvYAwDAMEAJO9gwMEAJO9hAMEAZO9hgMEAJO9igME
ALBv2TBOBAIAAjBIAwcAKg4MgAADAwcAKg4MgAMjAwcAKg4MgAQDAwcAKg4MgAdD
AwcAKg+ZgAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2MA0GCSqGSIb3DQEB
CwUAA4IBAQCeJB2C8hkPNlr6v49Oq+85AnchuIAEr4/9c5J4jultbrbhz7B6ePQR
V9e2mrpTPczAZ8tC1LSzWX/jmvjGNMp9WQouKFnUMhKvwWsJlPm61RuvfIt//rrW
A772+mDR7j7fVTKLgZIPx2FELSAOxqKNkD94t3dZ6KNENT60R4UZj0/xKqESLMcd
FMxVJd3xZN1Ry0eGOuhm6z7/eIpEPotaQ3kUCo/W0djbeRU7vhUS/3kJtLaEPHi4
4qksiq7kOmVSw4SdxlvB9yL+TPTvqX0pVNOHJGAjnjHo8Hv/saCwy0h7ctOyyyHs
6FtcCqKirvlWEVU129wwkNplPo/FLXoM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:34 2023 by rpki-client on console-ams.rpki-client.org