Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pQgEauVo4SaEctLI75UZAPoDvLA.roa
File: pQgEauVo4SaEctLI75UZAPoDvLA.roa (raw, json)
Hash identifier: HPHDahm64GY1OUfqnOEWdyeLV0GXi3a9K4pOwMDIKUA=
Subject key identifier: A5:08:04:6A:E5:68:E1:26:84:72:D2:C8:EF:95:19:00:FA:03:BC:B0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8B96C7E148E7B9620EA93ED9766925D2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pQgEauVo4SaEctLI75UZAPoDvLA.roa
Signing time: Wed 01 Nov 2023 15:53:16 +0000
ROA not before: Wed 01 Nov 2023 15:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 185.121.120.0/24 maxlen: 24
2.56.56.0/22 maxlen: 24
37.46.150.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
2.58.148.0/22 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 07:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:96:c7:e1:48:e7:b9:62:0e:a9:3e:d9:76:69:25:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 1 15:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a508046ae568e1268472d2c8ef951900fa03bcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f9:15:14:47:01:dc:eb:73:92:41:a1:0d:47:
84:cf:15:2a:5c:32:27:c9:08:e0:fa:09:ca:43:41:
f3:cb:b2:e9:04:33:0f:98:4d:83:1c:61:7e:3f:08:
b6:a6:f9:9a:b1:45:66:51:0e:84:9e:34:85:8e:b7:
68:4b:89:21:6e:2e:50:83:a9:ce:66:af:ad:7a:c5:
af:10:88:38:89:cc:68:14:1b:6d:42:7b:20:23:d4:
e9:d2:dc:b6:58:bb:be:fe:80:94:f5:e8:4a:bc:da:
a9:c3:d5:01:31:a9:77:5a:a8:a2:c5:f6:7c:a1:5f:
51:7a:1c:ab:25:cd:e1:6c:20:20:a1:4a:b3:1e:58:
78:2e:9f:26:9a:98:46:d4:77:f9:95:68:ea:2f:d9:
c3:b5:b9:6a:0d:1f:6f:8c:c3:20:b7:fd:7e:5e:88:
8e:33:a5:09:b0:2c:49:c0:84:f2:92:eb:81:94:e6:
17:f3:be:b5:6b:7d:c2:34:0d:1b:db:98:89:12:79:
1c:c5:91:ff:76:3a:96:26:77:d9:f7:43:16:bb:99:
8c:c6:5c:94:70:0b:9b:45:84:2b:9c:10:f0:c8:44:
7a:b2:54:c9:56:1e:73:0d:a2:8b:09:c3:8c:e9:01:
b8:89:36:42:92:b8:bc:19:41:45:13:63:41:57:5d:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:08:04:6A:E5:68:E1:26:84:72:D2:C8:EF:95:19:00:FA:03:BC:B0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pQgEauVo4SaEctLI75UZAPoDvLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
2.58.148.0/22
37.46.150.0/24
89.37.63.0/24
185.121.120.0/24
185.239.242.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:83:0c:1e:67:f6:35:9c:11:8d:6e:a4:37:57:f6:ff:4e:d5:
e1:7e:90:d0:a9:df:06:fe:62:d7:aa:0f:f2:85:ff:27:13:ea:
66:0c:04:ef:16:e6:0a:b2:a5:ca:02:c7:d3:d7:44:6b:25:9e:
8c:dc:20:cd:0b:4f:47:e7:73:1e:a8:b4:a7:f3:c2:95:17:ef:
a4:ac:5b:30:2e:2f:b5:1a:04:54:50:52:f8:08:22:cf:6b:0f:
cf:87:90:49:cd:89:55:23:76:91:5e:c5:52:fe:84:5e:b9:02:
b5:48:89:0c:01:d2:49:f2:46:c6:a7:82:df:28:11:2c:fc:f9:
9f:ed:3d:14:eb:3b:68:bb:2e:73:9a:f7:9e:60:1c:42:53:7e:
f0:6e:34:8f:5f:87:ec:51:ca:d4:ae:be:0b:b8:2b:35:ad:f7:
f3:c1:b7:8c:b0:93:88:24:d8:22:af:7d:8e:fa:21:f9:a3:28:
4d:de:25:1e:b8:94:59:30:e7:2c:b7:62:2f:1f:f7:60:bf:0c:
e1:b1:a2:81:c8:81:2a:2d:bf:1c:95:22:a0:0e:97:63:5c:a1:
c5:52:38:81:33:76:de:6c:da:75:76:46:62:a1:1e:1c:9d:dd:
3b:9c:75:9e:3e:b1:6c:a4:0e:d2:8b:5e:dd:3a:a6:86:dd:f6:
5e:02:d6:22
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuLlsfhSOe5Yg6pPtl2aSXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAxMTU1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA4MDQ2YWU1NjhlMTI2ODQ3MmQyYzhlZjk1MTkwMGZhMDNiY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfkVFEcB3OtzkkGhDUeEzxUqXDIn
yQjg+gnKQ0Hzy7LpBDMPmE2DHGF+Pwi2pvmasUVmUQ6EnjSFjrdoS4khbi5Qg6nO
Zq+tesWvEIg4icxoFBttQnsgI9Tp0ty2WLu+/oCU9ehKvNqpw9UBMal3WqiixfZ8
oV9RehyrJc3hbCAgoUqzHlh4Lp8mmphG1Hf5lWjqL9nDtblqDR9vjMMgt/1+XoiO
M6UJsCxJwITykuuBlOYX8761a33CNA0b25iJEnkcxZH/djqWJnfZ90MWu5mMxlyU
cAubRYQrnBDwyER6slTJVh5zDaKLCcOM6QG4iTZCkri8GUFFE2NBV11y7QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKUIBGrlaOEmhHLSyO+VGQD6A7ywMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcFFnRWF1Vm80U2FFY3RMSTc1VVpBUG9EdkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjg4AwQC
AjqUAwQAJS6WAwQAWSU/AwQAuXl4AwQBue/yMA0GCSqGSIb3DQEBCwUAA4IBAQBM
gwweZ/Y1nBGNbqQ3V/b/TtXhfpDQqd8G/mLXqg/yhf8nE+pmDATvFuYKsqXKAsfT
10RrJZ6M3CDNC09H53MeqLSn88KVF++krFswLi+1GgRUUFL4CCLPaw/Ph5BJzYlV
I3aRXsVS/oReuQK1SIkMAdJJ8kbGp4LfKBEs/Pmf7T0U6ztouy5zmveeYBxCU37w
bjSPX4fsUcrUrr4LuCs1rffzwbeMsJOIJNgir32O+iH5oyhN3iUeuJRZMOcst2Iv
H/dgvwzhsaKByIEqLb8clSKgDpdjXKHFUjiBM3bebNp1dkZioR4cnd07nHWePrFs
pA7Si17dOqaG3fZeAtYi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org