Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa
File: pLuKLQHpzhw01NQGerOYhoYjl_0.roa (raw, json)
Hash identifier: c8QYEnv9xYwHFSGtQ3r2iXmoFKKMjWJV9GIqXC9bkks=
Subject key identifier: A4:BB:8A:2D:01:E9:CE:1C:34:D4:D4:06:7A:B3:98:86:86:23:97:FD
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018A50E3BD6D294B49F963BF35EAA75F9582
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa
Signing time: Fri 01 Sep 2023 13:16:57 +0000
ROA not before: Fri 01 Sep 2023 13:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 195.149.87.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
2a09:7c41::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:e3:bd:6d:29:4b:49:f9:63:bf:35:ea:a7:5f:95:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Sep 1 13:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4bb8a2d01e9ce1c34d4d4067ab39886862397fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:10:cf:b8:ae:f5:4c:b8:c9:38:b6:40:7e:
d5:9c:10:b5:4a:c2:a7:50:3c:14:84:ea:3c:c6:62:
2b:f8:21:9e:cc:09:0d:3a:64:2f:d7:01:9f:12:d7:
48:f9:c8:7b:cd:c8:47:f3:cc:3a:b4:fa:a5:d5:3d:
63:bd:16:5a:0d:e4:8e:7d:48:5d:f7:80:4b:39:6f:
74:0b:d1:07:37:80:c6:2e:b3:0a:b8:74:b7:98:4b:
5f:ee:ad:a5:62:0f:af:70:f9:b3:0f:36:1a:a4:bc:
13:4f:bf:aa:74:3f:68:3f:6c:75:04:45:8a:64:75:
9a:c9:d7:72:85:41:e0:72:9c:97:e2:b3:b5:65:ce:
9d:81:cf:10:b2:ea:05:28:d1:64:f9:8d:e0:28:99:
0b:ef:ad:0d:77:53:9c:2f:de:c7:e7:96:96:65:18:
d2:9a:65:53:98:05:51:e9:6a:19:2c:4e:5a:49:da:
dd:72:f9:dd:b4:e4:07:da:7e:6c:61:7a:ae:14:10:
78:d3:5c:dd:f6:51:77:70:8e:a1:01:94:fb:52:d9:
d5:01:87:14:64:1d:62:6a:2e:84:57:65:c3:3f:7e:
68:d6:9e:4b:f1:4f:3b:13:c6:25:57:84:f3:b0:c4:
8a:15:58:56:af:63:f1:54:89:23:e3:28:a9:89:b1:
67:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BB:8A:2D:01:E9:CE:1C:34:D4:D4:06:7A:B3:98:86:86:23:97:FD
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.119.192.0/24
74.119.194.0/24
80.92.204.0/23
185.250.151.0/24
195.149.87.0/24
IPv6:
2a09:7c41::/32
Signature Algorithm: sha256WithRSAEncryption
63:0b:63:8c:69:3a:61:f9:cf:44:2f:85:1d:71:df:eb:3c:ca:
3a:ad:f5:9b:63:8b:c0:97:5f:d9:d1:b4:42:af:b4:2d:7b:7e:
bf:6a:bf:1f:83:da:d0:c6:6a:ca:28:13:47:a0:1f:29:cd:9c:
68:ef:13:bc:1a:53:67:65:b5:ca:ba:aa:4a:0b:1d:d6:f3:02:
fe:69:0d:08:2f:23:16:9c:0b:1e:41:53:b1:38:57:c8:34:12:
d1:8e:7b:2f:ed:ee:45:17:d1:eb:45:f0:18:12:06:59:db:06:
47:6d:3a:43:87:1e:99:75:04:7a:47:01:f5:20:1d:db:a5:29:
04:37:2d:35:75:5b:a5:35:41:f1:85:c6:c9:ac:8f:69:cb:3f:
7a:56:10:8a:6b:c7:8b:5e:d6:d5:47:d7:94:9b:e4:d0:a0:af:
b4:ea:f9:bf:75:68:a6:8f:ae:a7:3d:b3:dd:a9:34:5f:68:45:
bb:47:0a:44:0e:fb:b0:13:5e:af:b8:a2:83:6e:05:82:7a:e2:
35:9a:b3:6b:0e:f7:37:30:5f:a5:e2:9d:36:d7:eb:f2:b4:2e:
b2:f9:a4:4a:5d:c6:a5:90:36:ea:34:cd:65:6d:52:b3:53:e6:
07:73:2d:0c:56:c7:6c:3b:d6:f3:2f:02:ad:db:8d:14:41:96:
aa:09:19:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYpQ471tKUtJ+WO/NeqnX5WCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwOTAxMTMxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJiOGEyZDAxZTljZTFjMzRkNGQ0MDY3YWIzOTg4Njg2MjM5N2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQUQz7iu9Uy4yTi2QH7VnBC1SsKn
UDwUhOo8xmIr+CGezAkNOmQv1wGfEtdI+ch7zchH88w6tPql1T1jvRZaDeSOfUhd
94BLOW90C9EHN4DGLrMKuHS3mEtf7q2lYg+vcPmzDzYapLwTT7+qdD9oP2x1BEWK
ZHWayddyhUHgcpyX4rO1Zc6dgc8QsuoFKNFk+Y3gKJkL760Nd1OcL97H55aWZRjS
mmVTmAVR6WoZLE5aSdrdcvndtOQH2n5sYXquFBB401zd9lF3cI6hAZT7UtnVAYcU
ZB1iai6EV2XDP35o1p5L8U87E8YlV4TzsMSKFVhWr2PxVIkj4yipibFnGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKS7ii0B6c4cNNTUBnqzmIaGI5f9MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvcEx1S0xRSHB6aHcwMU5RR2VyT1lob1lqbF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQASnfAAwQA
SnfCAwQBUFzMAwQAufqXAwQAw5VXMA0EAgACMAcDBQAqCXxBMA0GCSqGSIb3DQEB
CwUAA4IBAQBjC2OMaTph+c9EL4Udcd/rPMo6rfWbY4vAl1/Z0bRCr7Qte36/ar8f
g9rQxmrKKBNHoB8pzZxo7xO8GlNnZbXKuqpKCx3W8wL+aQ0ILyMWnAseQVOxOFfI
NBLRjnsv7e5FF9HrRfAYEgZZ2wZHbTpDhx6ZdQR6RwH1IB3bpSkENy01dVulNUHx
hcbJrI9pyz96VhCKa8eLXtbVR9eUm+TQoK+06vm/dWimj66nPbPdqTRfaEW7RwpE
DvuwE16vuKKDbgWCeuI1mrNrDvc3MF+l4p021+vytC6y+aRKXcalkDbqNM1lbVKz
U+YHcy0MVsdsO9bzLwKt240UQZaqCRnj
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:55 2024 by rpki-client on console-fra.rpki-client.org