Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pulzv1BBQg-WxDdYs-z_e1iU_uk.roa
File: pulzv1BBQg-WxDdYs-z_e1iU_uk.roa (raw, json)
Hash identifier: c4YYk9+eiku5xdH8NKuQvoYBO6YhOwndmc26zUPUpQ4=
Subject key identifier: A6:E9:73:BF:50:41:42:0F:96:C4:37:58:B3:EC:FF:7B:58:94:FE:E9
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018EE10CA82563C2B43D4D4403343CB3DA90
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pulzv1BBQg-WxDdYs-z_e1iU_uk.roa
Signing time: Mon 15 Apr 2024 09:18:06 +0000
ROA not before: Mon 15 Apr 2024 09:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
5.180.195.0/24 maxlen: 24
45.86.124.0/22 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 17:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:0c:a8:25:63:c2:b4:3d:4d:44:03:34:3c:b3:da:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 15 09:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6e973bf5041420f96c43758b3ecff7b5894fee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:84:bc:52:97:c9:15:51:2d:ae:c4:dd:ce:
dc:4e:b3:17:25:9b:3d:87:d9:29:ee:ea:88:7a:25:
02:a0:e0:b0:58:86:02:bc:be:a6:15:e3:be:be:76:
2a:6f:0f:79:5a:59:fd:4b:82:7d:a1:88:40:65:29:
34:6f:fb:fb:0e:8c:7d:c9:e5:d6:b4:40:51:f7:04:
12:d8:63:2d:e4:4a:5d:08:77:6f:7f:46:97:cd:97:
ed:7b:a4:89:7d:dd:8b:5d:5e:4d:74:da:0b:db:fb:
9f:98:1b:6d:6c:b3:0a:cc:f3:d9:71:84:18:e3:d8:
7b:82:86:c3:18:09:3b:3e:6d:b7:a8:ed:8e:61:49:
84:76:f3:63:4a:f0:d4:aa:ec:a2:47:3e:e9:ce:c2:
57:92:d7:33:9d:93:92:a7:a1:e9:af:b9:62:7a:c3:
74:98:50:a0:83:7e:ec:e2:88:24:d4:e9:9d:0c:f9:
4d:13:6c:76:1d:53:80:e6:76:cb:4b:4e:d8:27:9c:
34:c3:7f:28:a8:0f:d0:b4:f1:17:1b:c2:fb:2e:75:
e8:69:ed:c8:63:47:15:3a:36:0b:ae:b1:96:54:91:
7e:fc:3e:89:eb:be:c5:ee:cd:9b:b0:4c:1a:19:01:
0c:e9:ee:d2:82:cb:8c:09:6e:87:92:6a:9a:13:95:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E9:73:BF:50:41:42:0F:96:C4:37:58:B3:EC:FF:7B:58:94:FE:E9
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pulzv1BBQg-WxDdYs-z_e1iU_uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
b3:87:b1:3e:e1:32:9c:38:ff:13:ec:12:dc:59:9e:56:14:28:
03:a4:4f:f5:b1:8c:70:b1:a7:7c:2f:40:16:cb:af:dc:cf:c1:
d4:d0:ea:7a:70:db:1d:c1:68:b4:36:ec:63:46:b1:2c:0d:b5:
92:e5:9e:59:18:e0:4f:5f:bf:e1:c2:f3:13:69:c0:f3:6b:8b:
da:a3:94:c4:a9:af:a7:c3:81:87:9f:ec:60:f7:2f:11:9e:db:
2a:aa:14:ff:eb:f5:c5:ff:7a:03:c9:3f:6c:6f:bd:31:16:c6:
59:81:14:3c:3f:63:94:fa:55:50:24:f0:2c:f1:59:5f:62:de:
6e:c3:fb:ca:03:ec:f8:fb:5b:75:ee:f0:39:e0:f7:a8:db:b2:
8c:d9:47:35:8f:1b:c4:ec:90:bd:7c:33:32:45:41:54:86:e6:
74:6a:4c:70:d3:a8:15:a9:a0:46:aa:32:2c:a8:70:4d:3d:b0:
f1:8b:7f:0d:b8:79:8e:20:96:41:e9:46:a3:1f:7f:67:f7:bc:
8b:ae:9d:d0:25:ab:78:83:c0:6e:3d:b3:06:ef:5e:e1:eb:aa:
81:f2:ec:31:21:6b:8b:77:e1:67:e8:b4:2d:6e:5a:3e:aa:65:
a5:e9:0a:0f:de:df:d1:71:33:4a:cd:aa:0a:89:a1:a4:06:a8:
92:ee:1e:b3
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY7hDKglY8K0PU1EAzQ8s9qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNDE1MDkxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU5NzNiZjUwNDE0MjBmOTZjNDM3NThiM2VjZmY3YjU4OTRmZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz6EvFKXyRVRLa7E3c7cTrMXJZs9
h9kp7uqIeiUCoOCwWIYCvL6mFeO+vnYqbw95Wln9S4J9oYhAZSk0b/v7Dox9yeXW
tEBR9wQS2GMt5EpdCHdvf0aXzZfte6SJfd2LXV5NdNoL2/ufmBttbLMKzPPZcYQY
49h7gobDGAk7Pm23qO2OYUmEdvNjSvDUquyiRz7pzsJXktcznZOSp6Hpr7liesN0
mFCgg37s4ogk1OmdDPlNE2x2HVOA5nbLS07YJ5w0w38oqA/QtPEXG8L7LnXoae3I
Y0cVOjYLrrGWVJF+/D6J677F7s2bsEwaGQEM6e7SgsuMCW6HkmqaE5W1RwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFKbpc79QQUIPlsQ3WLPs/3tYlP7pMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvcHVsenYxQkJRZy1XeERkWXMtel9lMWlVX3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBALOHsT7hMpw4
/xPsEtxZnlYUKAOkT/WxjHCxp3wvQBbLr9zPwdTQ6npw2x3BaLQ27GNGsSwNtZLl
nlkY4E9fv+HC8xNpwPNri9qjlMSpr6fDgYef7GD3LxGe2yqqFP/r9cX/egPJP2xv
vTEWxlmBFDw/Y5T6VVAk8CzxWV9i3m7D+8oD7Pj7W3Xu8Dng96jbsozZRzWPG8Ts
kL18MzJFQVSG5nRqTHDTqBWpoEaqMiyocE09sPGLfw24eY4glkHpRqMff2f3vIuu
ndAlq3iDwG49swbvXuHrqoHy7DEha4t34WfotC1uWj6qZaXpCg/e39FxM0rNqgqJ
oaQGqJLuHrM=
-----END CERTIFICATE-----
Generated at Tue Apr 30 20:56:59 2024 by rpki-client on console-fra.rpki-client.org