Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/pmn0tOSP3j5uAdH6YBlVd8t9A2I.roa
File: pmn0tOSP3j5uAdH6YBlVd8t9A2I.roa (raw, json)
Hash identifier: Q5jE6f7/PmczUL+oSAgsrE4DcxW06XX35d5if48iarA=
Subject key identifier: A6:69:F4:B4:E4:8F:DE:3E:6E:01:D1:FA:60:19:55:77:CB:7D:03:62
Certificate issuer: /CN=178235df535526d9e6d6aff6fa7ac52293a92c71
Certificate serial: 01856CCAF5DFE69CC6B2FC31EF38534381DB
Authority key identifier: 17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/pmn0tOSP3j5uAdH6YBlVd8t9A2I.roa
Signing time: Sun 01 Jan 2023 10:05:18 +0000
ROA not before: Sun 01 Jan 2023 10:05:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25467
IP address blocks: 82.214.66.0/24 maxlen: 24
82.214.76.0/24 maxlen: 24
82.214.76.0/23 maxlen: 23
82.214.77.0/24 maxlen: 24
82.214.85.0/24 maxlen: 24
82.214.84.0/24 maxlen: 24
82.214.84.0/23 maxlen: 23
82.214.108.0/22 maxlen: 22
82.214.112.0/24 maxlen: 24
82.214.111.0/24 maxlen: 24
82.214.110.0/24 maxlen: 24
82.214.114.0/24 maxlen: 24
82.214.115.0/24 maxlen: 24
82.214.112.0/21 maxlen: 21
82.214.113.0/24 maxlen: 24
82.214.118.0/24 maxlen: 24
82.214.116.0/24 maxlen: 24
82.214.117.0/24 maxlen: 24
82.214.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f5:df:e6:9c:c6:b2:fc:31:ef:38:53:43:81:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=178235df535526d9e6d6aff6fa7ac52293a92c71
Validity
Not Before: Jan 1 10:05:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a669f4b4e48fde3e6e01d1fa60195577cb7d0362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:fa:78:91:c1:8d:48:4a:1c:28:f6:37:21:
82:92:71:2f:97:db:f9:a0:13:cd:55:d7:48:d7:11:
72:cc:b8:ee:28:5b:c7:09:ef:e5:ba:08:3f:c0:26:
e0:c5:f9:7a:67:4f:d8:4a:57:57:e9:e0:15:8d:82:
2b:0d:23:59:19:0c:e8:07:58:a4:84:32:bf:df:1b:
a0:6b:96:6e:85:21:d0:b5:9e:df:c3:4c:7c:21:23:
af:44:8c:c8:42:83:2e:7c:84:10:0c:dc:42:be:e5:
a4:25:4b:f3:04:92:e6:5d:65:a7:0e:dd:b8:6e:03:
9b:bb:28:01:19:ea:3c:06:10:24:45:30:88:d1:3d:
05:9d:09:dd:cb:f4:11:83:7f:de:71:a5:f6:7c:4e:
2b:62:7e:f5:0d:c9:94:59:54:bb:6f:40:99:92:f6:
e5:4b:06:69:08:d6:11:fa:eb:82:dc:6e:ca:5b:d0:
44:77:5d:45:91:98:c4:3d:b8:02:e2:ea:7c:0d:9d:
7d:1f:8f:bd:80:ac:dc:08:9b:c0:a9:9f:93:ef:bc:
84:26:4f:69:e8:7a:19:66:41:68:0d:24:58:f5:4d:
0a:37:31:de:83:16:56:95:14:d1:3d:d9:b5:97:58:
ae:29:94:17:73:02:7e:43:5b:33:c0:ba:64:f2:e1:
b5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:69:F4:B4:E4:8F:DE:3E:6E:01:D1:FA:60:19:55:77:CB:7D:03:62
X509v3 Authority Key Identifier:
keyid:17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/pmn0tOSP3j5uAdH6YBlVd8t9A2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/F4I131NVJtnm1q_2-nrFIpOpLHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.214.66.0/24
82.214.76.0/23
82.214.84.0/23
82.214.108.0-82.214.119.255
Signature Algorithm: sha256WithRSAEncryption
ce:c1:e3:1c:9f:e7:5e:ad:28:78:15:70:ad:6b:8a:bf:14:57:
bc:13:20:3d:dd:a1:fe:ec:06:1a:65:26:5b:3c:2e:c8:8b:3b:
00:b3:bd:53:19:1b:3b:a9:89:32:c3:82:cb:b2:53:5a:7c:75:
94:62:92:55:8a:4b:19:67:80:11:b2:cf:7e:ac:93:2b:de:af:
2f:d6:4e:be:cc:6c:7b:01:b9:5e:2a:9c:df:b4:97:d1:37:35:
a7:3f:0f:e1:57:62:23:58:e2:74:b3:ac:a2:7c:b1:a7:2d:7f:
b2:9b:01:85:69:d2:4f:d6:a1:84:3e:bf:e3:86:04:04:37:ec:
d2:48:5b:91:10:e7:79:03:73:55:84:d7:c0:bc:0c:f5:a9:01:
0e:05:f9:27:2b:28:67:e7:4f:5e:e4:46:4e:7c:d4:3d:1a:aa:
e6:c8:01:37:01:e6:67:44:ab:9f:41:c5:51:4b:69:f8:02:1d:
c2:eb:ae:41:3f:68:72:6f:e5:c3:d4:98:36:81:2a:e4:83:4b:
c9:a1:72:45:96:0e:24:cc:5a:3f:03:d9:e1:26:8f:35:fd:d2:
e2:e3:d0:67:22:f6:22:19:04:15:4d:2c:1b:6a:20:e0:f4:72:
a4:69:93:34:02:2e:86:64:71:b1:ae:b5:f4:30:99:1f:b9:bd:
d0:b0:4e:7b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVsyvXf5pzGsvwx7zhTQ4HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ODIzNWRmNTM1NTI2ZDllNmQ2YWZmNmZhN2FjNTIyOTNh
OTJjNzEwHhcNMjMwMTAxMTAwNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjY5ZjRiNGU0OGZkZTNlNmUwMWQxZmE2MDE5NTU3N2NiN2QwMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQj6eJHBjUhKHCj2NyGCknEvl9v5
oBPNVddI1xFyzLjuKFvHCe/lugg/wCbgxfl6Z0/YSldX6eAVjYIrDSNZGQzoB1ik
hDK/3xuga5ZuhSHQtZ7fw0x8ISOvRIzIQoMufIQQDNxCvuWkJUvzBJLmXWWnDt24
bgObuygBGeo8BhAkRTCI0T0FnQndy/QRg3/ecaX2fE4rYn71DcmUWVS7b0CZkvbl
SwZpCNYR+uuC3G7KW9BEd11FkZjEPbgC4up8DZ19H4+9gKzcCJvAqZ+T77yEJk9p
6HoZZkFoDSRY9U0KNzHegxZWlRTRPdm1l1iuKZQXcwJ+Q1szwLpk8uG1BQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKZp9LTkj94+bgHR+mAZVXfLfQNiMB8GA1UdIwQY
MBaAFBeCNd9TVSbZ5tav9vp6xSKTqSxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjRJMTMxTlZKdG5tMXFfMi1uckZJcE9wTEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9jMzgzYmItZTgwNi00YTZkLWEyZTgt
ZWU1Y2EzNmYxZDlhLzEvcG1uMHRPU1AzajV1QWRINllCbFZkOHQ5QTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9jMzgzYmItZTgwNi00YTZkLWEyZTgtZWU1Y2EzNmYxZDlh
LzEvRjRJMTMxTlZKdG5tMXFfMi1uckZJcE9wTEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUtZCAwQB
UtZMAwQBUtZUMAwDBAJS1mwDBANS1nAwDQYJKoZIhvcNAQELBQADggEBAM7B4xyf
516tKHgVcK1rir8UV7wTID3dof7sBhplJls8LsiLOwCzvVMZGzupiTLDgsuyU1p8
dZRiklWKSxlngBGyz36skyvery/WTr7MbHsBuV4qnN+0l9E3Nac/D+FXYiNY4nSz
rKJ8sactf7KbAYVp0k/WoYQ+v+OGBAQ37NJIW5EQ53kDc1WE18C8DPWpAQ4F+Scr
KGfnT17kRk581D0aqubIATcB5mdEq59BxVFLafgCHcLrrkE/aHJv5cPUmDaBKuSD
S8mhckWWDiTMWj8D2eEmjzX90uLj0Gci9iIZBBVNLBtqIOD0cqRpkzQCLoZkcbGu
tfQwmR+5vdCwTns=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org