Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ptI19BNdUP7yLGrmzs8uQmbnvIY.roa
File: ptI19BNdUP7yLGrmzs8uQmbnvIY.roa (raw, json)
Hash identifier: n2UJ9r9S3+KwLfsQ60d+H3cJIvXgNiZydqjF7Hif6Eo=
Subject key identifier: A6:D2:35:F4:13:5D:50:FE:F2:2C:6A:E6:CE:CF:2E:42:66:E7:BC:86
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE7F4584DA9623E890DC4C8B8EE537
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ptI19BNdUP7yLGrmzs8uQmbnvIY.roa
Signing time: Tue 02 Jan 2024 06:31:13 +0000
ROA not before: Tue 02 Jan 2024 06:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18978
IP address blocks: 141.98.188.0/22 maxlen: 24
88.218.92.0/22 maxlen: 24
45.149.112.0/22 maxlen: 24
85.209.192.0/22 maxlen: 24
194.59.220.0/23 maxlen: 24
45.66.156.0/22 maxlen: 24
45.66.164.0/22 maxlen: 24
194.59.244.0/23 maxlen: 24
5.180.24.0/22 maxlen: 24
5.180.20.0/22 maxlen: 24
5.180.28.0/22 maxlen: 24
5.180.44.0/22 maxlen: 24
5.180.40.0/22 maxlen: 24
194.55.136.0/23 maxlen: 24
85.208.108.0/22 maxlen: 24
85.208.116.0/22 maxlen: 24
45.128.60.0/22 maxlen: 24
194.124.244.0/23 maxlen: 24
194.124.250.0/23 maxlen: 24
5.180.144.0/22 maxlen: 24
5.180.52.0/22 maxlen: 24
45.136.112.0/22 maxlen: 24
45.136.116.0/22 maxlen: 24
45.136.124.0/22 maxlen: 24
45.136.128.0/22 maxlen: 24
194.55.188.0/23 maxlen: 24
45.136.148.0/22 maxlen: 24
85.209.152.0/22 maxlen: 24
194.36.36.0/22 maxlen: 24
85.209.156.0/22 maxlen: 24
194.76.146.0/23 maxlen: 24
194.76.154.0/23 maxlen: 24
5.253.28.0/22 maxlen: 24
5.253.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 13:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:7f:45:84:da:96:23:e8:90:dc:4c:8b:8e:e5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6d235f4135d50fef22c6ae6cecf2e4266e7bc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:57:b3:0e:44:9f:09:69:a1:d2:fc:23:2f:
be:48:e4:a1:e9:c8:85:e7:0f:69:e3:b7:48:77:04:
89:ab:75:2e:13:01:b1:ab:bc:79:20:ab:2b:05:a4:
61:84:f6:a7:9b:de:e9:9d:78:54:e2:a2:8d:3b:84:
9f:d4:db:cb:d3:25:7b:29:81:cb:d2:ab:a8:89:4b:
a9:88:ad:ca:ab:ac:ca:27:69:a2:00:00:0b:d4:40:
67:5e:bd:32:41:42:8e:4a:a1:1e:ac:38:79:41:1d:
1d:59:0d:01:4b:d2:27:4b:19:46:82:52:29:89:81:
b6:82:0d:6d:ae:af:b3:ec:dc:79:fc:e7:a7:bd:ea:
b9:02:c1:40:4b:c3:b7:c9:39:c9:cf:ea:45:b2:4a:
b0:ca:1a:80:ca:ef:77:74:2c:69:be:00:a6:b0:ef:
34:88:44:16:fa:0b:f2:d3:01:9a:b2:58:0d:2f:3b:
d4:7c:2e:db:23:8d:b3:44:ac:62:a1:c5:33:a5:ce:
69:79:33:c8:d9:2a:94:99:f5:1d:6e:6b:ec:5a:ff:
26:cf:08:58:26:b8:f1:d3:fa:30:85:b2:ed:ff:a5:
dd:ad:8d:8a:ab:25:95:45:f9:26:c9:6b:06:94:1b:
83:e3:9a:28:d5:fc:d1:21:ae:86:35:b9:b1:f5:e3:
af:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D2:35:F4:13:5D:50:FE:F2:2C:6A:E6:CE:CF:2E:42:66:E7:BC:86
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ptI19BNdUP7yLGrmzs8uQmbnvIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.20.0-5.180.31.255
5.180.40.0/21
5.180.52.0/22
5.180.144.0/22
5.253.28.0/22
5.253.40.0/22
45.66.156.0/22
45.66.164.0/22
45.128.60.0/22
45.136.112.0/21
45.136.124.0-45.136.131.255
45.136.148.0/22
45.149.112.0/22
85.208.108.0/22
85.208.116.0/22
85.209.152.0/21
85.209.192.0/22
88.218.92.0/22
141.98.188.0/22
194.36.36.0/22
194.55.136.0/23
194.55.188.0/23
194.59.220.0/23
194.59.244.0/23
194.76.146.0/23
194.76.154.0/23
194.124.244.0/23
194.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
69:44:e6:51:6f:6e:7e:c2:d1:eb:8b:a0:f1:89:97:d3:a3:70:
82:88:ab:db:4c:52:a2:3a:38:01:e2:72:81:29:ea:df:af:77:
4a:28:85:08:59:b2:d7:f9:2c:c3:a2:de:0d:5c:21:00:6d:29:
22:bb:97:ef:4b:24:1b:d9:e3:4f:be:0c:ce:f0:12:9e:6c:cd:
e9:b3:d4:b0:c6:1b:c6:59:08:15:16:31:e2:49:04:48:31:ae:
df:da:09:76:79:90:27:b9:6b:a6:4d:e5:47:e5:7a:c1:00:e5:
2c:dd:99:52:40:df:89:2c:75:e3:c9:e1:14:25:a5:91:b9:d7:
f3:e1:5b:6e:3b:ef:cf:c9:18:9f:c0:f4:2f:e9:a2:85:f0:9e:
bb:02:47:89:55:f1:b4:18:e8:9b:13:ea:03:ca:c1:fe:08:0c:
16:92:42:e0:fc:eb:cc:1d:a3:fb:90:35:71:f4:90:d4:3d:20:
67:77:b4:10:72:5a:60:0e:9a:36:37:65:37:37:6a:aa:3e:82:
00:27:a6:c8:3b:d0:ea:2b:36:b7:40:ca:92:0a:dc:87:0d:d5:
f8:4d:44:c6:d7:8d:76:91:fa:8f:a6:0c:00:63:7e:a2:fc:bd:
fb:ce:74:2c:f0:cb:e5:22:c2:54:92:13:f8:93:0c:ea:51:60:
20:cc:fb:b6
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYzI3n9FhNqWI+iQ3EyLjuU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQyMzVmNDEzNWQ1MGZlZjIyYzZhZTZjZWNmMmU0MjY2ZTdiYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5RXsw5EnwlpodL8Iy++SOSh6ciF
5w9p47dIdwSJq3UuEwGxq7x5IKsrBaRhhPanm97pnXhU4qKNO4Sf1NvL0yV7KYHL
0quoiUupiK3Kq6zKJ2miAAAL1EBnXr0yQUKOSqEerDh5QR0dWQ0BS9InSxlGglIp
iYG2gg1trq+z7Nx5/Oenveq5AsFAS8O3yTnJz+pFskqwyhqAyu93dCxpvgCmsO80
iEQW+gvy0wGaslgNLzvUfC7bI42zRKxiocUzpc5peTPI2SqUmfUdbmvsWv8mzwhY
Jrjx0/owhbLt/6XdrY2KqyWVRfkmyWsGlBuD45oo1fzRIa6GNbmx9eOvnQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFKbSNfQTXVD+8ixq5s7PLkJm57yGMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcHRJMTlCTmRVUDd5TEdybXpzOHVRbWJudklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgwDAME
AgW0FAMEBQW0AAMEAwW0KAMEAgW0NAMEAgW0kAMEAgX9HAMEAgX9KAMEAi1CnAME
Ai1CpAMEAi2APAMEAy2IcDAMAwQCLYh8AwQCLYiAAwQCLYiUAwQCLZVwAwQCVdBs
AwQCVdB0AwQDVdGYAwQCVdHAAwQCWNpcAwQCjWK8AwQCwiQkAwQBwjeIAwQBwje8
AwQBwjvcAwQBwjv0AwQBwkySAwQBwkyaAwQBwnz0AwQBwnz6MA0GCSqGSIb3DQEB
CwUAA4IBAQBpROZRb25+wtHri6DxiZfTo3CCiKvbTFKiOjgB4nKBKerfr3dKKIUI
WbLX+SzDot4NXCEAbSkiu5fvSyQb2eNPvgzO8BKebM3ps9SwxhvGWQgVFjHiSQRI
Ma7f2gl2eZAnuWumTeVH5XrBAOUs3ZlSQN+JLHXjyeEUJaWRudfz4VtuO+/PyRif
wPQv6aKF8J67AkeJVfG0GOibE+oDysH+CAwWkkLg/OvMHaP7kDVx9JDUPSBnd7QQ
clpgDpo2N2U3N2qqPoIAJ6bIO9DqKza3QMqSCtyHDdX4TUTG1412kfqPpgwAY36i
/L37znQs8MvlIsJUkhP4kwzqUWAgzPu2
-----END CERTIFICATE-----
Generated at Tue Feb 20 17:51:14 2024 by rpki-client on console-fra.rpki-client.org