Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PIo3wEcjjRRgKy2p4ALQXTcQcwg.roa
File: PIo3wEcjjRRgKy2p4ALQXTcQcwg.roa (raw, json)
Hash identifier: VW5tlC76/tvOhutP2VhDakyI1OkjCXutqaTmDCEHiuQ=
Subject key identifier: 3C:8A:37:C0:47:23:8D:14:60:2B:2D:A9:E0:02:D0:5D:37:10:73:08
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01897303F8DEDB9116210A636345BE94D217
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PIo3wEcjjRRgKy2p4ALQXTcQcwg.roa
Signing time: Thu 20 Jul 2023 11:16:27 +0000
ROA not before: Thu 20 Jul 2023 11:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 45.146.224.0/22 maxlen: 24
185.131.188.0/22 maxlen: 24
185.248.208.0/22 maxlen: 24
5.182.72.0/22 maxlen: 24
185.151.176.0/22 maxlen: 24
185.230.0.0/22 maxlen: 24
141.98.36.0/22 maxlen: 24
185.198.108.0/22 maxlen: 24
141.98.52.0/22 maxlen: 24
185.114.64.0/22 maxlen: 24
45.136.32.0/22 maxlen: 24
185.123.136.0/22 maxlen: 24
185.126.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 08:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:03:f8:de:db:91:16:21:0a:63:63:45:be:94:d2:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jul 20 11:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c8a37c047238d14602b2da9e002d05d37107308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:25:2b:ee:d9:02:4d:14:a5:58:d4:e3:f3:90:
b9:07:02:6e:ae:ce:66:37:37:66:e1:34:3e:15:90:
f2:1f:65:24:81:9c:ca:f1:c5:54:e3:e6:40:32:bc:
ec:25:9b:7e:9a:ed:e4:d1:66:d8:91:bc:f1:fb:d2:
a7:02:79:ba:8e:61:22:3b:47:61:4e:79:e6:34:f2:
22:ea:67:08:7e:0b:ed:55:3e:22:7d:84:f0:a1:5c:
3f:5f:5f:85:d5:47:d0:32:f9:c4:e7:51:75:39:e9:
0f:bf:a5:55:8a:ce:cd:7f:94:e6:15:c9:42:5d:a4:
72:a3:51:59:4b:ca:05:b0:43:67:bd:0b:7b:67:4b:
a0:32:dd:a2:28:92:e9:14:f0:a2:5c:f0:d5:aa:fa:
28:8d:65:7b:5a:69:91:c2:a3:30:22:76:cd:9d:3f:
6e:75:cb:a8:7f:17:35:32:53:d4:50:81:5f:f3:9d:
93:8a:ba:14:58:6b:67:eb:7d:39:e8:4e:6d:22:05:
8a:47:9c:71:c2:93:f6:36:a4:b7:85:96:d5:f2:9f:
c2:0b:00:60:be:25:36:c7:0c:87:72:29:e1:9d:b6:
8f:4c:ae:d4:34:65:12:3b:b2:ff:74:f2:62:18:4b:
29:3e:e6:7d:72:60:f3:69:fd:65:f9:90:1d:c4:c6:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8A:37:C0:47:23:8D:14:60:2B:2D:A9:E0:02:D0:5D:37:10:73:08
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PIo3wEcjjRRgKy2p4ALQXTcQcwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.72.0/22
45.136.32.0/22
45.146.224.0/22
141.98.36.0/22
141.98.52.0/22
185.114.64.0/22
185.123.136.0/22
185.126.232.0/22
185.131.188.0/22
185.151.176.0/22
185.198.108.0/22
185.230.0.0/22
185.248.208.0/22
Signature Algorithm: sha256WithRSAEncryption
43:8d:b9:65:49:bf:12:33:f7:a7:0c:54:22:be:7a:02:44:94:
a7:2a:08:93:91:cd:24:67:b2:ce:c1:65:29:ed:33:88:4e:79:
68:c3:c8:53:d0:88:26:d3:e7:6b:e4:57:66:87:45:94:7b:49:
55:17:09:b3:75:f7:1b:d8:db:c8:4c:a4:85:d8:f9:b7:15:7f:
8f:cd:33:90:ea:e3:38:70:d0:a0:48:ee:7d:79:39:44:13:7a:
91:0a:cc:ce:1e:e7:1b:45:45:8a:89:ba:12:57:7d:6e:ab:05:
25:a3:14:c3:46:71:65:5b:d1:63:a5:b3:9e:71:f3:ed:10:d7:
c7:a2:44:48:1a:06:91:89:2f:b2:50:be:c4:91:7e:f0:cf:6b:
76:56:2f:a2:78:3a:cf:3b:bb:46:73:48:c4:ba:fd:da:ab:a9:
d1:02:4d:ee:7e:3b:af:21:d0:9a:ab:5a:38:4c:92:c1:f6:3e:
ac:9f:f7:71:25:5e:26:0b:28:ea:db:d9:1f:e9:2d:ab:ec:ab:
2b:90:4b:60:6e:2a:7d:92:0b:81:a6:a3:3b:e6:60:6c:72:b0:
65:d7:7a:00:73:80:ee:19:10:5d:5d:2b:19:d8:bf:48:69:cb:
2e:b4:b0:b3:6c:b8:7d:2b:b3:99:76:d3:b0:c6:08:8a:cc:71:
f8:d6:b5:5d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYlzA/je25EWIQpjY0W+lNIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwNzIwMTExNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhhMzdjMDQ3MjM4ZDE0NjAyYjJkYTllMDAyZDA1ZDM3MTA3MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiUr7tkCTRSlWNTj85C5BwJurs5m
Nzdm4TQ+FZDyH2UkgZzK8cVU4+ZAMrzsJZt+mu3k0WbYkbzx+9KnAnm6jmEiO0dh
TnnmNPIi6mcIfgvtVT4ifYTwoVw/X1+F1UfQMvnE51F1OekPv6VVis7Nf5TmFclC
XaRyo1FZS8oFsENnvQt7Z0ugMt2iKJLpFPCiXPDVqvoojWV7WmmRwqMwInbNnT9u
dcuofxc1MlPUUIFf852TiroUWGtn63056E5tIgWKR5xxwpP2NqS3hZbV8p/CCwBg
viU2xwyHcinhnbaPTK7UNGUSO7L/dPJiGEspPuZ9cmDzaf1l+ZAdxMaP7QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDyKN8BHI40UYCstqeAC0F03EHMIMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUElvM3dFY2pqUlJnS3kycDRBTFFYVGNRY3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBbZIAwQC
LYggAwQCLZLgAwQCjWIkAwQCjWI0AwQCuXJAAwQCuXuIAwQCuX7oAwQCuYO8AwQC
uZewAwQCucZsAwQCueYAAwQCufjQMA0GCSqGSIb3DQEBCwUAA4IBAQBDjbllSb8S
M/enDFQivnoCRJSnKgiTkc0kZ7LOwWUp7TOITnlow8hT0Igm0+dr5Fdmh0WUe0lV
Fwmzdfcb2NvITKSF2Pm3FX+PzTOQ6uM4cNCgSO59eTlEE3qRCszOHucbRUWKiboS
V31uqwUloxTDRnFlW9FjpbOecfPtENfHokRIGgaRiS+yUL7EkX7wz2t2Vi+ieDrP
O7tGc0jEuv3aq6nRAk3ufjuvIdCaq1o4TJLB9j6sn/dxJV4mCyjq29kf6S2r7Ksr
kEtgbip9kguBpqM75mBscrBl13oAc4DuGRBdXSsZ2L9IacsutLCzbLh9K7OZdtOw
xgiKzHH41rVd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org