Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/pA-HMr0SOhogw5OOcVvMXAWhT6Y.roa
File: pA-HMr0SOhogw5OOcVvMXAWhT6Y.roa (raw, json)
Hash identifier: 8NJ5midSoI4b6cl5nAqdSeqjnjouCpY04g1M+09KF8k=
Subject key identifier: A4:0F:87:32:BD:12:3A:1A:20:C3:93:8E:71:5B:CC:5C:05:A1:4F:A6
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 0185770B388A63FB8F779A452E86CE709BE3
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/pA-HMr0SOhogw5OOcVvMXAWhT6Y.roa
Signing time: Tue 03 Jan 2023 09:51:42 +0000
ROA not before: Tue 03 Jan 2023 09:51:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39020
IP address blocks: 93.93.70.0/24 maxlen: 24
93.93.68.0/24 maxlen: 24
93.93.69.0/24 maxlen: 24
93.93.66.0/24 maxlen: 24
93.93.67.0/24 maxlen: 24
93.93.65.0/24 maxlen: 24
93.93.71.0/24 maxlen: 24
93.113.162.0/24 maxlen: 24
93.113.163.0/24 maxlen: 24
93.113.160.0/24 maxlen: 24
93.113.161.0/24 maxlen: 24
93.93.64.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
5.145.173.0/24 maxlen: 24
217.61.131.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
217.61.139.0/24 maxlen: 24
217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
217.61.136.0/24 maxlen: 24
217.61.134.0/24 maxlen: 24
217.61.135.0/24 maxlen: 24
217.61.133.0/24 maxlen: 24
217.61.140.0/24 maxlen: 24
217.61.143.0/24 maxlen: 24
217.61.141.0/24 maxlen: 24
217.61.142.0/24 maxlen: 24
195.78.231.0/24 maxlen: 24
195.78.229.0/24 maxlen: 24
195.78.230.0/24 maxlen: 24
195.78.228.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.199.0/24 maxlen: 24
185.50.196.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.197.0/24 maxlen: 24
77.81.119.0/24 maxlen: 24
5.145.172.0/24 maxlen: 24
5.145.170.0/24 maxlen: 24
5.145.171.0/24 maxlen: 24
5.145.169.0/24 maxlen: 24
5.145.168.0/24 maxlen: 24
91.192.110.0/24 maxlen: 24
91.192.111.0/24 maxlen: 24
91.192.108.0/24 maxlen: 24
91.192.109.0/24 maxlen: 24
77.81.112.0/24 maxlen: 24
77.81.118.0/24 maxlen: 24
77.81.117.0/24 maxlen: 24
77.81.115.0/24 maxlen: 24
77.81.116.0/24 maxlen: 24
77.81.113.0/24 maxlen: 24
77.81.114.0/24 maxlen: 24
2a00:1d70:8000::/33 maxlen: 33
2a00:1d70::/33 maxlen: 33
Validation: Failed, certificate revoked on Sat 14 Oct 2023 18:54:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:0b:38:8a:63:fb:8f:77:9a:45:2e:86:ce:70:9b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Jan 3 09:51:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a40f8732bd123a1a20c3938e715bcc5c05a14fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:62:59:81:d1:71:a8:ab:a3:a6:32:f9:3b:e6:
33:ad:aa:95:a3:8d:a3:ae:7c:e1:ef:7d:4b:ed:1d:
9d:76:c1:3d:7f:6d:2d:a6:cd:1b:68:82:04:76:3f:
68:1b:c9:07:b0:bf:81:e2:9e:f9:e3:0e:06:04:ba:
1d:80:ab:4f:e3:6e:f6:77:9c:65:7b:d6:ac:51:b7:
65:f7:a0:f8:3c:ba:ef:47:a7:4d:f1:7a:e1:7b:de:
72:86:ae:83:8a:81:47:39:de:97:23:1d:0b:e4:41:
f3:27:f2:d6:3a:94:aa:c3:44:e6:1a:97:70:28:3d:
94:85:9a:e1:f4:f6:54:f5:0e:c4:b5:f5:5a:3c:91:
64:0f:c9:2c:d7:a1:4f:09:07:a7:69:38:6b:5f:8a:
e2:9e:48:99:ce:0c:59:b1:58:46:8f:a3:86:13:2d:
ca:1e:00:52:a3:85:a8:0b:33:1f:23:d5:fb:14:9c:
d4:47:9a:ff:47:68:78:fe:cc:cd:3d:85:b5:0d:2f:
14:c9:0a:a0:fe:87:2f:7c:c2:29:7c:38:b7:64:de:
b7:3e:7d:28:ed:09:55:d8:a9:66:01:77:ad:fb:69:
21:bf:22:6a:72:22:7c:66:d1:fd:32:6b:d9:3e:d0:
b7:bf:3a:c4:30:f7:24:d3:46:87:35:83:d0:44:db:
b3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0F:87:32:BD:12:3A:1A:20:C3:93:8E:71:5B:CC:5C:05:A1:4F:A6
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/pA-HMr0SOhogw5OOcVvMXAWhT6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.168.0/21
77.81.112.0/21
91.192.108.0/22
93.93.64.0/21
93.113.160.0/22
185.50.196.0/22
195.78.228.0/22
217.61.128.0/22
217.61.133.0-217.61.143.255
IPv6:
2a00:1d70::/32
Signature Algorithm: sha256WithRSAEncryption
8a:b1:71:f5:c1:d5:36:2e:07:a2:e6:33:7b:8e:f3:0d:6d:7c:
7a:68:6a:7e:49:63:87:ea:74:9e:f5:b2:26:67:98:50:35:12:
e1:70:75:0d:75:b9:9e:b9:e3:f4:5a:2e:07:bd:c2:ea:51:e0:
c1:5a:4e:05:35:bc:6d:b9:b5:07:8b:dc:04:94:46:c7:37:c4:
4e:66:f7:4b:45:03:59:91:1c:77:f4:0d:ca:11:7b:48:88:a6:
b9:1a:43:89:f6:3d:30:8e:27:8a:57:65:08:1f:9b:2b:ea:29:
0f:80:a1:e7:87:86:37:ef:cb:d9:51:aa:94:22:4f:dd:5a:bf:
8c:1c:5f:ef:1c:4e:f2:09:9e:3b:28:1f:16:28:c2:51:06:98:
5c:ef:e0:6b:6f:1d:cb:db:e1:11:ea:8d:df:c1:82:4e:ce:91:
3c:96:1b:c5:64:99:c4:f2:65:19:5b:bd:40:03:67:83:ed:e1:
66:5d:7c:8e:8c:2c:11:65:7a:25:0b:c7:44:f0:97:ea:4c:ce:
26:c3:3b:2d:cd:99:30:c1:b3:7b:82:5e:59:71:12:55:2c:eb:
39:4a:54:4f:53:1f:6d:41:27:94:b6:83:25:c0:f3:7a:eb:34:
5d:b0:57:97:f7:9a:e3:4a:3e:b7:31:cb:b9:55:63:46:40:49:
bb:f1:f7:b1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYV3CziKY/uPd5pFLobOcJvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjMwMTAzMDk1MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBmODczMmJkMTIzYTFhMjBjMzkzOGU3MTViY2M1YzA1YTE0ZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWJZgdFxqKujpjL5O+YzraqVo42j
rnzh731L7R2ddsE9f20tps0baIIEdj9oG8kHsL+B4p754w4GBLodgKtP4272d5xl
e9asUbdl96D4PLrvR6dN8Xrhe95yhq6DioFHOd6XIx0L5EHzJ/LWOpSqw0TmGpdw
KD2UhZrh9PZU9Q7EtfVaPJFkD8ks16FPCQenaThrX4rinkiZzgxZsVhGj6OGEy3K
HgBSo4WoCzMfI9X7FJzUR5r/R2h4/szNPYW1DS8UyQqg/ocvfMIpfDi3ZN63Pn0o
7QlV2KlmAXet+2khvyJqciJ8ZtH9MmvZPtC3vzrEMPck00aHNYPQRNuzgwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFKQPhzK9EjoaIMOTjnFbzFwFoU+mMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvcEEtSE1yMFNPaG9ndzVPT2NWdk1YQVdoVDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQDBZGoAwQD
TVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC2T2AMAwDBADZPYUD
BATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQADggEBAIqxcfXB1TYu
B6LmM3uO8w1tfHpoan5JY4fqdJ71siZnmFA1EuFwdQ11uZ654/RaLge9wupR4MFa
TgU1vG25tQeL3ASURsc3xE5m90tFA1mRHHf0DcoRe0iIprkaQ4n2PTCOJ4pXZQgf
myvqKQ+AoeeHhjfvy9lRqpQiT91av4wcX+8cTvIJnjsoHxYowlEGmFzv4GtvHcvb
4RHqjd/Bgk7OkTyWG8VkmcTyZRlbvUADZ4Pt4WZdfI6MLBFleiULx0Twl+pMzibD
Oy3NmTDBs3uCXllxElUs6zlKVE9TH21BJ5S2gyXA83rrNF2wV5f3muNKPrcxy7lV
Y0ZASbvx97E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:44 2024 by rpki-client on console-fra.rpki-client.org