Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pcNw-rJdBZSDA-ruAwNSv7ZEnnU.roa
File: pcNw-rJdBZSDA-ruAwNSv7ZEnnU.roa (raw, json)
Hash identifier: gORfH37RHKdyZAe8rmExhxiJ+Zfuz4cUMWu9uKu/RTY=
Subject key identifier: A5:C3:70:FA:B2:5D:05:94:83:03:EA:EE:03:03:52:BF:B6:44:9E:75
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DCFFEF3580569AA1532C05E9E82EA67A4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pcNw-rJdBZSDA-ruAwNSv7ZEnnU.roa
Signing time: Thu 22 Feb 2024 08:46:48 +0000
ROA not before: Thu 22 Feb 2024 08:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:fe:f3:58:05:69:aa:15:32:c0:5e:9e:82:ea:67:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 22 08:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5c370fab25d05948303eaee030352bfb6449e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:08:a0:8c:96:31:fc:c3:a9:d0:9e:a9:4b:43:
b6:5b:82:08:d3:49:83:59:70:21:3a:4e:43:79:b4:
ea:0c:a2:b7:b3:d7:02:c5:21:c7:85:00:da:2d:06:
a8:64:1b:31:62:e0:e4:d2:e3:91:70:b0:71:92:81:
31:24:f4:a0:c0:3c:74:ab:07:7c:1e:cb:d1:52:fc:
57:8f:f5:a6:99:e4:e3:78:d4:a9:e9:ee:7e:45:f1:
73:ce:e6:de:85:75:a9:95:0d:3f:9f:cf:c2:90:8e:
74:ca:5a:4b:3d:0f:88:fe:24:63:65:8b:74:14:de:
db:30:32:5a:d4:7e:20:27:70:64:62:7c:8c:92:b1:
94:97:e0:0f:a6:7c:a8:d2:95:82:50:fa:5d:9e:30:
ac:8e:59:ee:72:10:1b:bf:01:bc:a8:5e:b4:e9:87:
c3:06:3a:c2:60:20:5c:44:5b:d2:d1:54:d1:b2:4d:
e7:cd:44:7d:1d:3e:5c:cd:55:7d:06:74:c9:26:98:
01:9e:75:c3:72:e7:8e:30:5f:a0:2c:26:fc:f0:bc:
bd:29:b1:61:c4:ff:34:c7:8c:b9:59:70:e8:63:fb:
6d:7a:92:1d:95:bf:28:df:42:c4:69:10:26:66:b2:
58:d6:09:f6:75:2c:e5:d5:6d:2f:d8:de:a6:f4:74:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:70:FA:B2:5D:05:94:83:03:EA:EE:03:03:52:BF:B6:44:9E:75
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pcNw-rJdBZSDA-ruAwNSv7ZEnnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
60:4c:f8:e2:17:f8:8c:bf:7d:13:e2:36:5f:52:21:77:3d:e9:
51:1d:8a:54:ce:e3:ff:c6:4b:99:03:fc:99:fb:6f:a5:96:64:
c6:a8:bd:1c:fc:19:60:72:46:85:99:ec:97:84:5f:18:83:fb:
cc:35:cc:44:1c:c4:1f:f5:f3:b0:2a:4c:70:d9:16:73:cc:08:
10:9a:20:33:c8:c5:3a:a7:f2:95:44:51:c8:b9:c3:84:38:c4:
a9:31:7c:94:d9:83:3d:9f:17:e7:e0:f4:70:79:1f:c8:3f:80:
4d:1b:cd:ee:b4:37:c0:5c:81:0a:06:c0:ab:b5:7c:d0:12:8b:
9a:31:4b:79:51:fa:e8:0a:09:5f:35:44:ad:39:63:be:8b:74:
e0:f3:ac:b1:33:ea:8a:f6:4c:8b:14:dd:72:07:a9:42:4e:47:
51:a9:0c:41:37:06:b5:66:e2:3d:51:ee:2f:86:7b:f8:31:cd:
1f:9c:44:61:af:53:fa:15:68:87:0e:20:1d:b9:82:15:27:60:
c5:1e:41:d4:e6:6b:aa:24:6b:28:44:e3:37:71:47:55:c0:70:
f9:9e:63:1f:0d:7e:b5:af:a2:95:5e:ac:f2:4f:ac:fe:97:2a:
79:62:fd:ac:a2:75:fe:13:e4:f5:5f:c4:03:54:c1:c7:ea:d4:
ae:c2:25:10
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3P/vNYBWmqFTLAXp6C6mekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjIyMDg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMzNzBmYWIyNWQwNTk0ODMwM2VhZWUwMzAzNTJiZmI2NDQ5ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQigjJYx/MOp0J6pS0O2W4II00mD
WXAhOk5DebTqDKK3s9cCxSHHhQDaLQaoZBsxYuDk0uORcLBxkoExJPSgwDx0qwd8
HsvRUvxXj/WmmeTjeNSp6e5+RfFzzubehXWplQ0/n8/CkI50ylpLPQ+I/iRjZYt0
FN7bMDJa1H4gJ3BkYnyMkrGUl+APpnyo0pWCUPpdnjCsjlnuchAbvwG8qF606YfD
BjrCYCBcRFvS0VTRsk3nzUR9HT5czVV9BnTJJpgBnnXDcueOMF+gLCb88Ly9KbFh
xP80x4y5WXDoY/ttepIdlb8o30LEaRAmZrJY1gn2dSzl1W0v2N6m9HQViQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKXDcPqyXQWUgwPq7gMDUr+2RJ51MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcGNOdy1ySmRCWlNEQS1ydUF3TlN2N1pFbm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsH34AwQA
udLoAwQAudZmAwQAud9QAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBg
TPjiF/iMv30T4jZfUiF3PelRHYpUzuP/xkuZA/yZ+2+llmTGqL0c/BlgckaFmeyX
hF8Yg/vMNcxEHMQf9fOwKkxw2RZzzAgQmiAzyMU6p/KVRFHIucOEOMSpMXyU2YM9
nxfn4PRweR/IP4BNG83utDfAXIEKBsCrtXzQEouaMUt5UfroCglfNUStOWO+i3Tg
86yxM+qK9kyLFN1yB6lCTkdRqQxBNwa1ZuI9Ue4vhnv4Mc0fnERhr1P6FWiHDiAd
uYIVJ2DFHkHU5muqJGsoROM3cUdVwHD5nmMfDX61r6KVXqzyT6z+lyp5Yv2sonX+
E+T1X8QDVMHH6tSuwiUQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org