Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PZ8rG-_9Bzm2FV4J_xIdDowPSXE.roa
File: PZ8rG-_9Bzm2FV4J_xIdDowPSXE.roa (raw, json)
Hash identifier: ob0wS6R/wU3AsQu08tPyWMqXYDH4y79CZDL+0Gow8Y0=
Subject key identifier: 3D:9F:2B:1B:EF:FD:07:39:B6:15:5E:09:FF:12:1D:0E:8C:0F:49:71
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01856FB11EE271D33D5B829200E0BE1E7BAE
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PZ8rG-_9Bzm2FV4J_xIdDowPSXE.roa
Signing time: Sun 01 Jan 2023 23:35:56 +0000
ROA not before: Sun 01 Jan 2023 23:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 171.22.248.0/23 maxlen: 23
171.22.251.0/24 maxlen: 24
171.22.250.0/24 maxlen: 24
45.146.206.0/23 maxlen: 23
45.146.204.0/23 maxlen: 23
45.135.16.0/23 maxlen: 23
45.82.223.0/24 maxlen: 24
45.135.18.0/23 maxlen: 24
85.208.32.0/23 maxlen: 23
85.208.34.0/23 maxlen: 23
5.183.94.0/24 maxlen: 24
185.244.8.0/23 maxlen: 23
185.244.10.0/24 maxlen: 24
185.244.11.0/24 maxlen: 24
193.42.226.0/23 maxlen: 23
194.116.250.0/23 maxlen: 23
193.42.224.0/23 maxlen: 23
194.116.248.0/23 maxlen: 23
2.58.12.0/23 maxlen: 24
194.5.226.0/23 maxlen: 24
194.5.224.0/23 maxlen: 24
45.89.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 19:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:1e:e2:71:d3:3d:5b:82:92:00:e0:be:1e:7b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 1 23:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9f2b1beffd0739b6155e09ff121d0e8c0f4971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:43:cf:e8:06:66:05:97:cb:58:3a:5b:f1:01:
14:25:5c:c9:79:4d:91:bf:08:49:59:77:02:24:c2:
82:3e:98:0a:5f:63:a0:f0:ea:f6:25:46:1c:a4:3d:
fd:bc:87:43:7a:16:06:ae:38:0c:4d:6d:a6:79:83:
cb:cd:bd:3c:2a:3e:16:17:02:36:94:d4:88:99:3d:
c0:19:4f:a4:fb:e4:1c:7a:28:b1:c6:72:7a:18:ac:
5a:2b:5b:e5:9e:52:4b:82:52:3f:40:a6:31:c4:f5:
b1:92:b0:46:7b:a1:84:69:90:a2:a8:77:ab:c6:24:
10:46:34:68:c6:f8:f7:86:36:a0:fc:c8:dc:6a:6e:
64:e4:2a:19:f5:ac:31:27:1d:98:19:79:5f:d1:d5:
5c:fc:14:32:41:12:d9:d1:b7:fd:8d:13:91:56:70:
b6:80:3d:bf:1e:ff:47:7e:40:be:27:46:b1:7a:d6:
4b:ae:fa:d4:89:eb:ff:56:cb:ac:21:24:e8:b5:82:
f2:8b:40:77:c2:a0:86:e3:fb:be:8c:44:e6:16:4e:
d6:7c:b8:60:e0:1e:e4:7a:a6:02:37:f9:a2:c6:24:
51:39:58:c6:1a:23:bb:bd:d5:e7:59:17:b9:ff:6c:
b8:7a:79:c5:58:2e:fd:d1:85:42:0d:b9:7b:3d:b4:
06:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9F:2B:1B:EF:FD:07:39:B6:15:5E:09:FF:12:1D:0E:8C:0F:49:71
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PZ8rG-_9Bzm2FV4J_xIdDowPSXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.12.0/23
5.183.94.0/24
45.82.223.0/24
45.89.210.0/23
45.135.16.0/22
45.146.204.0/22
85.208.32.0/22
171.22.248.0/22
185.244.8.0/22
193.42.224.0/22
194.5.224.0/22
194.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:c6:24:4f:33:2c:36:fa:84:8d:c4:89:fa:5e:6a:9a:4b:22:
bd:93:5b:9f:6d:33:0c:32:50:cf:c9:1d:d2:03:91:69:86:a2:
cf:cb:ef:7f:52:18:ca:fa:d2:5f:18:b5:a3:3a:57:f3:ee:81:
03:a6:20:4b:96:63:bc:fa:19:74:f1:8b:19:93:ec:82:01:31:
e9:af:8f:7a:3f:ec:e1:17:de:24:e2:75:1a:8c:4c:9b:47:74:
78:88:6c:ae:b0:e9:b5:03:3d:94:7a:94:f3:b4:4e:12:9d:c7:
da:c3:97:13:64:d3:8b:3a:6d:37:a5:8c:52:aa:6e:78:e9:3a:
44:42:bc:44:4b:42:34:2b:50:0a:e6:72:eb:53:03:d2:17:30:
74:cc:1f:56:be:fd:a5:e3:e7:b0:96:40:9f:08:64:a1:2f:d8:
b7:06:92:7d:33:61:1e:df:2d:3f:66:81:bf:be:c7:16:35:71:
70:48:a7:7e:79:fb:23:10:ac:00:ab:f6:c7:e4:65:e1:13:0a:
aa:68:1d:0a:1b:17:35:aa:15:01:58:52:7b:57:23:b2:e2:e9:
f8:20:f7:91:16:10:2f:dc:99:dc:00:e1:ee:36:32:d9:54:e7:
d6:6c:97:88:6c:14:c8:c8:21:5b:b2:46:84:ae:a5:4c:65:9d:
4a:ef:d5:df
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVvsR7icdM9W4KSAOC+HnuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwMTAxMjMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlmMmIxYmVmZmQwNzM5YjYxNTVlMDlmZjEyMWQwZThjMGY0OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUPP6AZmBZfLWDpb8QEUJVzJeU2R
vwhJWXcCJMKCPpgKX2Og8Or2JUYcpD39vIdDehYGrjgMTW2meYPLzb08Kj4WFwI2
lNSImT3AGU+k++QceiixxnJ6GKxaK1vlnlJLglI/QKYxxPWxkrBGe6GEaZCiqHer
xiQQRjRoxvj3hjag/Mjcam5k5CoZ9awxJx2YGXlf0dVc/BQyQRLZ0bf9jRORVnC2
gD2/Hv9HfkC+J0axetZLrvrUiev/VsusISTotYLyi0B3wqCG4/u+jETmFk7WfLhg
4B7keqYCN/mixiRROVjGGiO7vdXnWRe5/2y4ennFWC790YVCDbl7PbQGqwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFD2fKxvv/Qc5thVeCf8SHQ6MD0lxMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvUFo4ckctXzlCem0yRlY0Sl94SWREb3dQU1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBAjoMAwQA
BbdeAwQALVLfAwQBLVnSAwQCLYcQAwQCLZLMAwQCVdAgAwQCqxb4AwQCufQIAwQC
wSrgAwQCwgXgAwQCwnT4MA0GCSqGSIb3DQEBCwUAA4IBAQDGxiRPMyw2+oSNxIn6
XmqaSyK9k1ufbTMMMlDPyR3SA5FphqLPy+9/UhjK+tJfGLWjOlfz7oEDpiBLlmO8
+hl08YsZk+yCATHpr496P+zhF94k4nUajEybR3R4iGyusOm1Az2UepTztE4Sncfa
w5cTZNOLOm03pYxSqm546TpEQrxES0I0K1AK5nLrUwPSFzB0zB9Wvv2l4+ewlkCf
CGShL9i3BpJ9M2Ee3y0/ZoG/vscWNXFwSKd+efsjEKwAq/bH5GXhEwqqaB0KGxc1
qhUBWFJ7VyOy4un4IPeRFhAv3JncAOHuNjLZVOfWbJeIbBTIyCFbskaErqVMZZ1K
79Xf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org