Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/PDLt0jVl53qIs2GoPALYp4JZEIU.roa
File: PDLt0jVl53qIs2GoPALYp4JZEIU.roa (raw, json)
Hash identifier: 26GwmnzOlVijJT9IjBK0KNIME3JJw6ObDUbs5uLj7s0=
Subject key identifier: 3C:32:ED:D2:35:65:E7:7A:88:B3:61:A8:3C:02:D8:A7:82:59:10:85
Certificate issuer: /CN=134efe7c541f5406dc7e0ff268d05582baefc996
Certificate serial: 01856C9CCA5E1E183674E203E3F6BB15640D
Authority key identifier: 13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/PDLt0jVl53qIs2GoPALYp4JZEIU.roa
Signing time: Sun 01 Jan 2023 09:14:52 +0000
ROA not before: Sun 01 Jan 2023 09:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 45.91.40.0/22 maxlen: 22
185.212.7.0/24 maxlen: 24
185.126.33.0/24 maxlen: 24
94.140.6.0/23 maxlen: 23
94.140.5.0/24 maxlen: 24
195.85.6.0/23 maxlen: 23
91.208.213.0/24 maxlen: 24
89.147.104.0/22 maxlen: 22
83.229.28.0/23 maxlen: 23
89.35.228.0/24 maxlen: 24
195.158.236.0/23 maxlen: 23
2a10:13c0:da7a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ca:5e:1e:18:36:74:e2:03:e3:f6:bb:15:64:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=134efe7c541f5406dc7e0ff268d05582baefc996
Validity
Not Before: Jan 1 09:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c32edd23565e77a88b361a83c02d8a782591085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:fa:8b:b0:96:f3:81:ca:7e:e8:31:5e:ac:
c2:87:0b:38:ba:14:79:a8:a4:0d:71:05:ac:5c:ac:
17:ba:f0:ef:0c:68:ed:56:95:f4:5e:71:fd:cd:cd:
01:de:61:e2:0f:bb:9c:70:fa:0c:c9:1e:33:30:46:
ba:bd:02:e5:2f:e3:92:0b:30:a5:d6:2e:a9:e6:61:
84:3b:a4:49:1a:2e:64:81:4a:12:50:a4:a1:09:89:
50:cd:8f:3c:f0:82:88:67:e3:d0:74:2f:49:a8:67:
1b:4a:81:2d:d4:0b:31:a8:97:3d:9b:22:e1:3c:a2:
9a:42:b0:e2:bf:53:59:70:8f:a7:53:c5:ab:5e:76:
2c:2e:65:92:69:d4:54:d4:be:e8:47:a7:7c:05:1c:
e6:f6:fc:7f:2b:25:fd:62:8a:ed:ef:02:20:68:13:
01:65:b2:eb:7f:f9:27:c8:c0:13:3c:fd:89:f8:f0:
26:28:5f:22:1e:05:07:a6:a7:72:9b:28:26:c4:1c:
1c:15:04:d5:88:a2:66:70:2c:28:65:80:6e:58:a2:
0b:1e:1e:aa:a4:a2:ce:84:3b:32:2f:20:ff:4c:34:
29:8e:55:dd:92:24:3d:11:ff:4e:a5:3f:dc:21:8f:
01:66:91:3f:c8:ca:13:5f:42:da:4f:4b:df:00:9f:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:32:ED:D2:35:65:E7:7A:88:B3:61:A8:3C:02:D8:A7:82:59:10:85
X509v3 Authority Key Identifier:
keyid:13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/PDLt0jVl53qIs2GoPALYp4JZEIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.40.0/22
83.229.28.0/23
89.35.228.0/24
89.147.104.0/22
91.208.213.0/24
94.140.5.0-94.140.7.255
185.126.33.0/24
185.212.7.0/24
195.85.6.0/23
195.158.236.0/23
IPv6:
2a10:13c0:da7a::/48
Signature Algorithm: sha256WithRSAEncryption
38:93:fe:77:03:2e:79:1b:c5:9d:1d:9d:e7:d1:67:9b:72:f6:
55:23:42:82:2e:af:b4:52:5e:be:1a:6f:2a:dc:7d:e5:12:c9:
c6:9b:e1:70:c5:f5:30:79:81:ec:fd:79:41:7a:a3:dd:ee:11:
bf:fa:b0:9d:71:1f:cd:69:93:87:99:ba:36:e5:10:b5:99:38:
72:c0:94:92:be:c1:d9:b2:1f:22:94:d6:f2:17:91:34:5e:3f:
7c:84:9f:7c:4b:0a:6d:2b:29:23:05:03:ff:b9:4d:bc:e1:cf:
23:a5:f7:32:2d:c0:db:5e:30:ef:80:61:41:03:66:97:0b:49:
df:2d:81:b9:45:9c:44:4e:f3:05:70:da:11:15:7e:dd:65:2b:
96:23:58:f6:04:7b:07:22:86:e9:71:76:a9:e4:b3:34:f5:6c:
df:a8:c1:6f:84:a0:6d:e3:f2:85:b6:4e:d4:04:22:a9:99:f5:
88:17:8b:38:9e:c0:0c:de:d5:c8:4f:0a:3d:dd:ce:56:06:c3:
e3:91:cc:6e:1f:d1:64:a1:24:61:75:3d:38:68:9d:18:a5:c4:
83:4d:5f:4f:71:5e:be:f9:46:f4:78:1f:72:5f:b2:3f:ac:0a:
8f:4e:0d:8e:a6:e8:65:4c:93:88:d8:7e:4d:6a:4e:d0:ef:9a:
22:3c:04:0e
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYVsnMpeHhg2dOID4/a7FWQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNGVmZTdjNTQxZjU0MDZkYzdlMGZmMjY4ZDA1NTgyYmFl
ZmM5OTYwHhcNMjMwMTAxMDkxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMyZWRkMjM1NjVlNzdhODhiMzYxYTgzYzAyZDhhNzgyNTkxMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj/6i7CW84HKfugxXqzChws4uhR5
qKQNcQWsXKwXuvDvDGjtVpX0XnH9zc0B3mHiD7uccPoMyR4zMEa6vQLlL+OSCzCl
1i6p5mGEO6RJGi5kgUoSUKShCYlQzY888IKIZ+PQdC9JqGcbSoEt1AsxqJc9myLh
PKKaQrDiv1NZcI+nU8WrXnYsLmWSadRU1L7oR6d8BRzm9vx/KyX9Yort7wIgaBMB
ZbLrf/knyMATPP2J+PAmKF8iHgUHpqdymygmxBwcFQTViKJmcCwoZYBuWKILHh6q
pKLOhDsyLyD/TDQpjlXdkiQ9Ef9OpT/cIY8BZpE/yMoTX0LaT0vfAJ8vKQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFDwy7dI1Zed6iLNhqDwC2KeCWRCFMB8GA1UdIwQY
MBaAFBNO/nxUH1QG3H4P8mjQVYK678mWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTA3LWZGUWZWQWJjZmdfeWFOQlZncnJ2eVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85M2QyOTctODAzOC00YjlhLThmN2It
YjM2NDkxZWU2ZWU0LzEvUERMdDBqVmw1M3FJczJHb1BBTFlwNEpaRUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85M2QyOTctODAzOC00YjlhLThmN2ItYjM2NDkxZWU2ZWU0
LzEvRTA3LWZGUWZWQWJjZmdfeWFOQlZncnJ2eVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBKBAIAATBEAwQCLVsoAwQB
U+UcAwQAWSPkAwQCWZNoAwQAW9DVMAwDBABejAUDBANejAADBAC5fiEDBAC51AcD
BAHDVQYDBAHDnuwwDwQCAAIwCQMHACoQE8DaejANBgkqhkiG9w0BAQsFAAOCAQEA
OJP+dwMueRvFnR2d59Fnm3L2VSNCgi6vtFJevhpvKtx95RLJxpvhcMX1MHmB7P15
QXqj3e4Rv/qwnXEfzWmTh5m6NuUQtZk4csCUkr7B2bIfIpTW8heRNF4/fISffEsK
bSspIwUD/7lNvOHPI6X3Mi3A214w74BhQQNmlwtJ3y2BuUWcRE7zBXDaERV+3WUr
liNY9gR7ByKG6XF2qeSzNPVs36jBb4SgbePyhbZO1AQiqZn1iBeLOJ7ADN7VyE8K
Pd3OVgbD45HMbh/RZKEkYXU9OGidGKXEg01fT3FevvlG9Hgfcl+yP6wKj04Njqbo
ZUyTiNh+TWpO0O+aIjwEDg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:48 2023 by rpki-client on console-fra.rpki-client.org