Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PukhVbTBtDmSxKoCdsx7lrdCEMI.roa
File: PukhVbTBtDmSxKoCdsx7lrdCEMI.roa (raw, json)
Hash identifier: D77El/WKDXZ12j4uvmMdwNyU7iANrW763FU0CS2RWlo=
Subject key identifier: 3E:E9:21:55:B4:C1:B4:39:92:C4:AA:02:76:CC:7B:96:B7:42:10:C2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01882F7C49F945BDD31BA9D57063808CAFD8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PukhVbTBtDmSxKoCdsx7lrdCEMI.roa
Signing time: Thu 18 May 2023 15:30:54 +0000
ROA not before: Thu 18 May 2023 15:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.58.144.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 May 2023 08:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:7c:49:f9:45:bd:d3:1b:a9:d5:70:63:80:8c:af:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 18 15:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ee92155b4c1b43992c4aa0276cc7b96b74210c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:85:7f:e3:33:c2:f6:04:01:c1:09:7c:5b:
d9:a5:db:97:f6:42:c9:8c:36:ad:5f:25:fa:bc:0b:
b6:52:af:d1:72:b3:d2:04:2f:08:8c:46:3c:c8:04:
0f:d2:ef:e4:36:ce:35:32:00:23:ba:52:3e:9e:94:
e8:50:28:24:42:04:d6:22:54:d9:a9:55:48:33:c9:
91:c7:17:ba:11:2e:64:e5:e3:f8:91:45:46:a0:c0:
3e:5c:65:8d:88:69:3a:3d:07:1e:f6:4f:0f:d0:41:
13:5f:a6:dc:9d:0e:07:e5:d1:1f:6e:2e:5f:c7:3f:
02:53:50:d9:1a:2e:a8:ed:32:42:6c:c9:9a:de:84:
f7:9c:97:6f:da:ac:d7:e5:f3:ad:d6:59:26:99:7b:
10:54:d6:8f:f1:d0:b9:f6:48:2d:e0:f4:27:33:a3:
86:59:f9:19:08:5f:49:c4:3e:32:39:31:5a:7f:17:
d2:a5:96:2d:ef:58:ff:e7:5a:b6:26:6a:c4:74:80:
7c:10:a4:12:f3:92:71:66:f5:c8:3a:46:6a:b1:ec:
83:34:bd:3a:f9:05:f8:72:b5:d7:7a:20:f6:64:be:
5d:ea:9a:57:44:07:16:37:13:49:82:bd:0a:04:73:
02:ca:e1:ab:2e:6a:2c:7d:76:05:80:a2:24:2a:29:
7c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E9:21:55:B4:C1:B4:39:92:C4:AA:02:76:CC:7B:96:B7:42:10:C2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PukhVbTBtDmSxKoCdsx7lrdCEMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.225.0.0/23
185.246.115.0/24
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
19:53:32:f3:45:20:51:6b:13:93:f8:71:f6:86:ea:65:b1:04:
00:9c:20:08:f2:52:cc:93:ee:1a:dd:c9:da:55:7c:04:60:69:
b8:b2:f5:07:39:0e:83:bc:d7:0d:57:71:2e:bb:da:26:47:19:
ed:91:5b:c9:29:02:e7:66:ce:d5:1a:fb:75:7b:6c:56:d0:e8:
ac:07:aa:59:37:ad:11:d2:0e:25:0e:bd:86:b2:6b:50:d0:98:
3a:b4:40:4e:c1:87:ff:c0:06:45:08:10:bb:20:bc:f4:67:e5:
62:cc:3d:4a:54:79:29:c7:d9:b5:92:bc:7b:08:bd:b9:93:dd:
5c:25:23:07:a8:7c:3c:74:b5:23:7e:14:00:b0:a0:00:d3:97:
ca:b1:46:01:a7:35:0b:29:3f:e1:43:6c:06:84:67:9c:fd:17:
42:fb:17:a7:41:f5:40:e1:7f:03:d1:4e:cb:b4:5c:a0:4b:80:
7d:d4:64:44:39:77:a2:05:99:04:b5:75:43:23:96:cf:c9:91:
49:51:35:dd:d3:be:8a:57:ad:f3:a4:22:6a:20:95:95:f1:2d:
2c:f9:ed:50:ae:bd:ee:25:30:0e:00:de:9c:6c:b7:b2:d2:ea:
7a:dd:4f:c1:5a:81:69:a6:ad:c9:2a:eb:55:bf:9e:41:76:91:
ad:e0:3b:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgvfEn5Rb3TG6nVcGOAjK/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTE4MTUzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU5MjE1NWI0YzFiNDM5OTJjNGFhMDI3NmNjN2I5NmI3NDIxMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti+Ff+MzwvYEAcEJfFvZpduX9kLJ
jDatXyX6vAu2Uq/RcrPSBC8IjEY8yAQP0u/kNs41MgAjulI+npToUCgkQgTWIlTZ
qVVIM8mRxxe6ES5k5eP4kUVGoMA+XGWNiGk6PQce9k8P0EETX6bcnQ4H5dEfbi5f
xz8CU1DZGi6o7TJCbMma3oT3nJdv2qzX5fOt1lkmmXsQVNaP8dC59kgt4PQnM6OG
WfkZCF9JxD4yOTFafxfSpZYt71j/51q2JmrEdIB8EKQS85JxZvXIOkZqseyDNL06
+QX4crXXeiD2ZL5d6ppXRAcWNxNJgr0KBHMCyuGrLmosfXYFgKIkKil8rQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD7pIVW0wbQ5ksSqAnbMe5a3QhDCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUHVraFZiVEJ0RG1TeEtvQ2RzeDdscmRDRU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQgVAwQA
LZPgAwQBueEAAwQAufZzAwQAwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQAZUzLzRSBR
axOT+HH2huplsQQAnCAI8lLMk+4a3cnaVXwEYGm4svUHOQ6DvNcNV3Euu9omRxnt
kVvJKQLnZs7VGvt1e2xW0OisB6pZN60R0g4lDr2GsmtQ0Jg6tEBOwYf/wAZFCBC7
ILz0Z+VizD1KVHkpx9m1krx7CL25k91cJSMHqHw8dLUjfhQAsKAA05fKsUYBpzUL
KT/hQ2wGhGec/RdC+xenQfVA4X8D0U7LtFygS4B91GREOXeiBZkEtXVDI5bPyZFJ
UTXd076KV63zpCJqIJWV8S0s+e1Qrr3uJTAOAN6cbLey0up63U/BWoFppq3JKutV
v55BdpGt4Dse
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org