Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/pnK-uWZ9Qx9rEIjW1VoNglT7Ksk.roa
File: pnK-uWZ9Qx9rEIjW1VoNglT7Ksk.roa (raw, json)
Hash identifier: Rp4n+CFFtK+5BxazR5jrC112XzzANVbdj5Wx9ih/YvY=
Subject key identifier: A6:72:BE:B9:66:7D:43:1F:6B:10:88:D6:D5:5A:0D:82:54:FB:2A:C9
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018B8B9A6FB7A2597FAAF3170B7E80793DE0
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/pnK-uWZ9Qx9rEIjW1VoNglT7Ksk.roa
Signing time: Wed 01 Nov 2023 15:57:15 +0000
ROA not before: Wed 01 Nov 2023 15:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 137.174.192.0/19 maxlen: 22
155.204.64.0/20 maxlen: 20
137.174.0.0/17 maxlen: 22
155.204.80.0/21 maxlen: 21
155.204.88.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
155.204.104.0/21 maxlen: 21
147.123.36.0/22 maxlen: 24
137.174.128.0/18 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:9a:6f:b7:a2:59:7f:aa:f3:17:0b:7e:80:79:3d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Nov 1 15:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a672beb9667d431f6b1088d6d55a0d8254fb2ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:49:c7:e8:9e:73:5d:50:03:ca:b4:64:c7:a7:
d6:f1:b8:60:b1:62:ea:7f:84:4c:90:87:f5:68:61:
67:db:00:99:af:99:5a:d9:ce:dd:4d:e2:ff:ea:e7:
af:25:fc:23:cd:13:13:5a:d1:3e:b5:a4:fa:8d:76:
d9:34:71:fc:43:2d:2b:75:06:f8:7a:7f:5f:a8:1a:
7f:c4:da:f6:ee:47:7a:c0:0f:c0:c1:01:e3:c7:cb:
0f:c1:ac:e6:8f:98:47:0b:1b:d3:48:5d:1d:61:0d:
84:25:4c:b5:47:d2:12:70:7d:fb:73:ec:7d:9c:45:
dd:d7:49:b0:0d:92:90:d6:bf:a0:a6:63:6a:67:4f:
f4:49:e8:41:ba:1e:1b:6a:a3:13:21:47:03:34:69:
0d:61:0b:ee:da:d6:8b:20:8b:6b:06:8f:f9:a3:58:
8c:c1:90:11:cb:fb:0b:3e:c9:be:da:cd:77:d7:0d:
6c:0e:57:47:cb:6e:55:ba:57:f2:f9:3f:64:b1:38:
cd:cd:13:94:7e:19:09:bc:3f:b7:97:7a:cf:f6:d3:
7f:87:1e:ae:56:41:b3:b2:2e:ea:50:32:f1:33:75:
f5:86:cd:ae:d5:db:a6:eb:34:75:87:28:cc:2a:a0:
1d:cd:4a:82:f3:ca:24:41:d7:61:bb:2f:72:c7:26:
01:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:72:BE:B9:66:7D:43:1F:6B:10:88:D6:D5:5A:0D:82:54:FB:2A:C9
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/pnK-uWZ9Qx9rEIjW1VoNglT7Ksk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0-137.174.223.255
147.123.36.0/22
155.204.64.0-155.204.111.255
Signature Algorithm: sha256WithRSAEncryption
0f:1a:6a:4f:4d:0e:8d:71:ef:ad:21:d1:12:93:0f:36:99:e5:
ea:ef:0e:53:0e:34:f3:cd:87:92:f4:a8:c7:08:ae:b1:ae:46:
75:15:ad:4e:b6:0f:04:95:18:9a:ad:b3:ba:14:33:6d:4b:03:
6d:a7:12:d3:f0:33:ca:42:80:a7:82:0f:e8:3f:df:a0:13:44:
04:3a:1d:5c:30:82:13:23:a1:ab:de:97:99:1b:c3:fe:f8:70:
38:c5:e9:d0:47:fe:10:5e:90:16:8b:ff:d0:f3:07:e0:1e:af:
2e:84:b1:41:72:25:b4:ed:76:5e:49:5c:b1:15:03:90:be:35:
6b:00:36:7a:75:54:50:d6:ed:87:ab:51:cf:04:de:c7:d5:18:
60:65:7d:da:5a:f2:1a:36:e4:c9:e1:b1:17:ac:13:85:46:37:
8e:92:7b:37:1a:37:72:04:df:ee:48:72:48:83:1b:2d:36:ca:
c9:09:ae:53:fb:6b:40:44:45:3f:64:65:70:19:f7:01:8f:ea:
15:71:7d:2e:11:ee:f7:f3:95:23:e6:ae:a3:9a:bc:d8:d6:71:
94:9f:5a:e4:ca:26:c9:70:5d:7c:d5:85:23:95:2c:f5:14:3e:
c9:30:5c:55:1b:ff:f7:73:10:e3:82:a9:fd:65:04:a4:6d:96:
64:8c:c5:28
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYuLmm+3oll/qvMXC36AeT3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMxMTAxMTU1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjcyYmViOTY2N2Q0MzFmNmIxMDg4ZDZkNTVhMGQ4MjU0ZmIyYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhknH6J5zXVADyrRkx6fW8bhgsWLq
f4RMkIf1aGFn2wCZr5la2c7dTeL/6uevJfwjzRMTWtE+taT6jXbZNHH8Qy0rdQb4
en9fqBp/xNr27kd6wA/AwQHjx8sPwazmj5hHCxvTSF0dYQ2EJUy1R9IScH37c+x9
nEXd10mwDZKQ1r+gpmNqZ0/0SehBuh4baqMTIUcDNGkNYQvu2taLIItrBo/5o1iM
wZARy/sLPsm+2s131w1sDldHy25Vulfy+T9ksTjNzROUfhkJvD+3l3rP9tN/hx6u
VkGzsi7qUDLxM3X1hs2u1dum6zR1hyjMKqAdzUqC88okQddhuy9yxyYBUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKZyvrlmfUMfaxCI1tVaDYJU+yrJMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvcG5LLXVXWjlReDlyRUlqVzFWb05nbFQ3S3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhMAsDAwGJrgME
BYmuwAMEApN7JDAMAwQGm8xAAwQEm8xgMA0GCSqGSIb3DQEBCwUAA4IBAQAPGmpP
TQ6Nce+tIdESkw82meXq7w5TDjTzzYeS9KjHCK6xrkZ1Fa1Otg8ElRiarbO6FDNt
SwNtpxLT8DPKQoCngg/oP9+gE0QEOh1cMIITI6Gr3peZG8P++HA4xenQR/4QXpAW
i//Q8wfgHq8uhLFBciW07XZeSVyxFQOQvjVrADZ6dVRQ1u2Hq1HPBN7H1RhgZX3a
WvIaNuTJ4bEXrBOFRjeOkns3GjdyBN/uSHJIgxstNsrJCa5T+2tAREU/ZGVwGfcB
j+oVcX0uEe7385Uj5q6jmrzY1nGUn1rkyibJcF181YUjlSz1FD7JMFxVG//3cxDj
gqn9ZQSkbZZkjMUo
-----END CERTIFICATE-----
Generated at Mon Dec 4 13:35:54 2023 by rpki-client on console-ams.rpki-client.org