Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/P4NNHsq_YyFTDd2nCGmzDtTtfJY.roa
File: P4NNHsq_YyFTDd2nCGmzDtTtfJY.roa (raw, json)
Hash identifier: EaBRlhXgEd4GX1aso32w9HN+ksfi88PoZd8k2pDA+tM=
Subject key identifier: 3F:83:4D:1E:CA:BF:63:21:53:0D:DD:A7:08:69:B3:0E:D4:ED:7C:96
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 018A8AA73BE03A8875C26188F1A042C25F46
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/P4NNHsq_YyFTDd2nCGmzDtTtfJY.roa
Signing time: Tue 12 Sep 2023 18:28:50 +0000
ROA not before: Tue 12 Sep 2023 18:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49121
IP address blocks: 37.221.71.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
185.232.166.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
5.57.209.0/24 maxlen: 24
2a09:e200:e200::/48 maxlen: 48
2a09:e200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:a7:3b:e0:3a:88:75:c2:61:88:f1:a0:42:c2:5f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Sep 12 18:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f834d1ecabf6321530ddda70869b30ed4ed7c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:ef:d2:c4:db:24:df:d0:ec:a7:93:b8:ac:
9a:13:6e:bc:d0:bd:ea:14:32:7b:db:92:fe:06:8e:
1b:b3:18:4d:26:87:bf:8b:11:e8:2d:c7:5d:16:ca:
b2:66:c0:50:78:25:6d:01:ca:39:55:52:27:71:bd:
b0:ac:42:c2:57:27:49:d1:ba:be:82:32:70:a5:45:
6f:bc:19:1d:97:93:ca:e0:53:26:b7:6e:55:1b:8f:
54:a7:89:66:12:67:90:65:8e:cb:90:c8:a2:19:1d:
a0:3d:68:b4:af:37:70:d5:c6:98:56:79:6d:a8:50:
af:ce:be:b1:e7:bd:bb:2e:c4:c4:b6:23:4f:4b:84:
ea:e3:83:03:89:f1:87:32:c6:ae:de:16:16:d3:7f:
f5:b7:88:c7:55:b1:19:31:d7:85:1b:e6:8d:6c:73:
8b:1d:7a:13:ee:d5:d7:fa:1c:3b:97:48:18:42:c1:
c6:66:71:14:c3:fe:87:2f:39:1d:12:04:ed:e4:17:
c1:05:62:b9:b4:6a:9a:76:22:b6:5b:a4:dd:f4:b6:
6a:10:34:f4:97:5a:1a:b9:c5:38:dc:18:e3:5d:09:
a6:c4:8a:ee:37:65:51:a3:f2:6b:3e:86:38:9f:29:
44:05:5c:84:38:f5:0e:89:2f:d4:20:da:09:b6:a9:
04:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:83:4D:1E:CA:BF:63:21:53:0D:DD:A7:08:69:B3:0E:D4:ED:7C:96
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/P4NNHsq_YyFTDd2nCGmzDtTtfJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/24
185.232.166.0/24
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
Signature Algorithm: sha256WithRSAEncryption
8f:a0:c6:5d:78:9c:f8:dc:b4:82:34:16:bd:3e:a0:3e:bf:e9:
7d:cf:e5:89:e7:5c:3b:9a:47:d9:00:99:5e:0b:ab:3a:cc:49:
9f:c5:3b:a6:e2:65:ba:61:75:c1:4c:3b:ca:b1:79:ab:76:32:
06:48:33:f7:26:52:5b:16:80:03:df:9e:56:c9:1c:fb:0d:ad:
92:1b:d3:4a:19:f2:dd:5c:55:23:3c:48:6d:70:f0:d3:8e:b5:
02:a8:d8:24:38:01:8e:d0:5a:15:c5:11:2c:67:0b:6e:85:63:
10:fb:22:a8:14:b6:3c:39:bc:1c:69:99:62:d6:1c:00:e5:3f:
66:c0:4f:be:65:ed:bb:c3:e7:ad:8a:06:c3:af:59:a3:98:96:
e6:42:8e:7b:3f:a1:61:7e:83:5e:0d:00:15:9f:09:46:02:10:
43:2f:ac:94:2b:0f:84:95:aa:34:10:bc:b6:05:ec:72:5b:a7:
c2:05:e0:a9:5c:05:89:82:c5:b1:fc:1a:22:75:0a:8f:c1:75:
a2:14:7c:5a:b2:a3:0b:07:f3:0e:43:b8:cd:cb:40:2e:7d:00:
11:4f:8d:ef:b6:d2:47:af:3d:72:65:65:47:5f:b3:f1:e2:76:
6e:85:fc:fd:a2:d8:a0:b7:aa:cb:f0:af:f5:34:8e:d4:30:7c:
a1:bf:0a:79
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYqKpzvgOoh1wmGI8aBCwl9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjMwOTEyMTgyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjgzNGQxZWNhYmY2MzIxNTMwZGRkYTcwODY5YjMwZWQ0ZWQ3Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLv0sTbJN/Q7KeTuKyaE2680L3q
FDJ725L+Bo4bsxhNJoe/ixHoLcddFsqyZsBQeCVtAco5VVIncb2wrELCVydJ0bq+
gjJwpUVvvBkdl5PK4FMmt25VG49Up4lmEmeQZY7LkMiiGR2gPWi0rzdw1caYVnlt
qFCvzr6x5727LsTEtiNPS4Tq44MDifGHMsau3hYW03/1t4jHVbEZMdeFG+aNbHOL
HXoT7tXX+hw7l0gYQsHGZnEUw/6HLzkdEgTt5BfBBWK5tGqadiK2W6Td9LZqEDT0
l1oaucU43BjjXQmmxIruN2VRo/JrPoY4nylEBVyEOPUOiS/UINoJtqkE4QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFD+DTR7Kv2MhUw3dpwhpsw7U7XyWMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvUDROTkhzcV9ZeUZURGQybkNHbXpEdFR0ZkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAsBAIAATAmAwQABTnRAwQC
Jd1EMAwDBAAtV3UDBAMtV3ADBAC5ugADBAC56KYwGAQCAAIwEgMHACoJ4gAAAAMH
ACoJ4gDiADANBgkqhkiG9w0BAQsFAAOCAQEAj6DGXXic+Ny0gjQWvT6gPr/pfc/l
iedcO5pH2QCZXgurOsxJn8U7puJlumF1wUw7yrF5q3YyBkgz9yZSWxaAA9+eVskc
+w2tkhvTShny3VxVIzxIbXDw0461AqjYJDgBjtBaFcURLGcLboVjEPsiqBS2PDm8
HGmZYtYcAOU/ZsBPvmXtu8PnrYoGw69Zo5iW5kKOez+hYX6DXg0AFZ8JRgIQQy+s
lCsPhJWqNBC8tgXsclunwgXgqVwFiYLFsfwaInUKj8F1ohR8WrKjCwfzDkO4zctA
Ln0AEU+N77bSR689cmVlR1+z8eJ2boX8/aLYoLeqy/Cv9TSO1DB8ob8KeQ==
-----END CERTIFICATE-----
Generated at Tue Oct 17 11:17:20 2023 by rpki-client on console-fra.rpki-client.org