Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/pnvtYHrrlRiGKIR50kW0zHem9j8.roa
File: pnvtYHrrlRiGKIR50kW0zHem9j8.roa (raw, json)
Hash identifier: KJWQ4vfl9qdCDRCI21C49OEDK/xVVPXu7ogadHy/9lw=
Subject key identifier: A6:7B:ED:60:7A:EB:95:18:86:28:84:79:D2:45:B4:CC:77:A6:F6:3F
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 018CC9BC3391AC6901EF90DB092823E66CB5
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/pnvtYHrrlRiGKIR50kW0zHem9j8.roa
Signing time: Tue 02 Jan 2024 10:33:23 +0000
ROA not before: Tue 02 Jan 2024 10:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 185.68.112.0/23 maxlen: 23
46.236.0.0/18 maxlen: 18
185.68.114.0/23 maxlen: 23
178.236.144.0/20 maxlen: 20
89.151.64.0/18 maxlen: 18
81.29.64.0/19 maxlen: 19
2a02:16f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Jan 2024 22:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:33:91:ac:69:01:ef:90:db:09:28:23:e6:6c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Jan 2 10:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a67bed607aeb951886288479d245b4cc77a6f63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1a:f2:70:5f:37:97:d7:d5:50:12:0d:1f:3c:
db:19:ef:87:21:9a:18:b4:12:29:fd:fc:58:e5:8a:
d0:a3:22:cf:27:8d:73:bc:86:86:07:5c:90:46:b5:
ee:ac:fe:69:10:68:f5:e3:2c:84:5e:33:a3:86:f8:
d1:06:42:a9:af:64:1f:f3:33:b0:84:2b:51:a6:40:
f5:8d:69:bc:9b:bd:b5:7e:16:43:d9:9c:10:c5:71:
7c:42:57:f8:18:92:05:91:2c:51:6f:e6:88:ac:f0:
10:98:89:25:32:f7:d2:cb:db:91:bd:b0:1a:16:d9:
5b:b2:f8:96:28:fb:91:6e:5e:d8:41:4b:28:e4:29:
ac:79:55:6d:55:ca:27:a4:eb:e4:6a:cf:5a:87:a2:
d2:97:55:99:aa:c5:ee:95:60:e9:ca:ae:40:4c:aa:
78:de:98:a0:56:28:a4:da:dc:ed:ec:23:d9:77:2c:
70:2e:d3:dd:0e:a1:cd:b6:59:f4:3c:15:e9:da:09:
38:3f:9e:fd:07:e3:78:25:c3:55:75:66:b2:70:4a:
d4:33:e9:0c:d5:2c:d4:21:dc:69:d5:fc:9b:a1:05:
aa:cd:cb:ab:d9:f9:9f:5d:35:59:d3:a2:be:70:0a:
64:79:8f:b1:5d:43:bd:6f:eb:24:d9:2e:cb:ee:1d:
f3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7B:ED:60:7A:EB:95:18:86:28:84:79:D2:45:B4:CC:77:A6:F6:3F
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/pnvtYHrrlRiGKIR50kW0zHem9j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.0.0/18
81.29.64.0/19
89.151.64.0/18
178.236.144.0/20
185.68.112.0/22
IPv6:
2a02:16f8::/32
Signature Algorithm: sha256WithRSAEncryption
06:8d:e7:b1:c0:e9:ec:04:6f:c6:dd:e1:82:73:ec:6a:1b:5c:
bc:c5:0b:1a:12:ad:87:94:63:56:9c:44:c5:e4:90:44:20:78:
f7:cb:40:ea:fe:84:5a:27:ca:0a:c2:53:37:65:e6:a8:ad:10:
b8:04:91:0c:2e:b6:29:57:cd:c0:6a:6a:58:e4:b2:27:c7:11:
78:9b:ee:18:b7:55:9c:0e:7c:89:59:61:8e:df:28:25:2c:42:
71:9e:7c:27:54:27:e8:29:5d:e9:4a:e1:f6:2d:da:bd:5d:47:
6d:41:81:96:e3:ae:22:df:dc:51:24:19:3d:df:9f:2a:02:86:
06:5c:ba:80:0e:0f:63:cb:c9:a7:d6:26:59:9b:7f:21:a2:91:
bf:e9:fa:a6:83:e9:56:39:e0:90:f5:e1:30:df:7e:05:a9:80:
0d:3f:1e:60:ee:6e:74:b3:95:ef:84:7d:99:e1:f5:f0:7d:ff:
4d:8e:1b:74:01:b2:b1:d5:44:fe:4a:f0:6e:ba:7e:4d:d4:94:
43:74:11:31:4c:91:e2:28:0b:69:af:bd:93:29:21:70:a7:67:
f6:a6:28:83:56:aa:05:0c:c7:48:1b:d8:e1:74:59:88:1b:40:
9d:03:68:91:83:be:7f:f0:d6:e2:a0:93:f0:5b:52:5d:5a:94:
e8:d9:08:c6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzJvDORrGkB75DbCSgj5my1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjQwMTAyMTAzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdiZWQ2MDdhZWI5NTE4ODYyODg0NzlkMjQ1YjRjYzc3YTZmNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hrycF83l9fVUBINHzzbGe+HIZoY
tBIp/fxY5YrQoyLPJ41zvIaGB1yQRrXurP5pEGj14yyEXjOjhvjRBkKpr2Qf8zOw
hCtRpkD1jWm8m721fhZD2ZwQxXF8Qlf4GJIFkSxRb+aIrPAQmIklMvfSy9uRvbAa
FtlbsviWKPuRbl7YQUso5CmseVVtVconpOvkas9ah6LSl1WZqsXulWDpyq5ATKp4
3pigViik2tzt7CPZdyxwLtPdDqHNtln0PBXp2gk4P579B+N4JcNVdWaycErUM+kM
1SzUIdxp1fyboQWqzcur2fmfXTVZ06K+cApkeY+xXUO9b+sk2S7L7h3zkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKZ77WB665UYhiiEedJFtMx3pvY/MB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvcG52dFlIcnJsUmlHS0lSNTBrVzB6SGVtOWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEtNzRmMGMzZTY2M2Ni
LzEvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGLuwAAwQF
UR1AAwQGWZdAAwQEsuyQAwQCuURwMA0EAgACMAcDBQAqAhb4MA0GCSqGSIb3DQEB
CwUAA4IBAQAGjeexwOnsBG/G3eGCc+xqG1y8xQsaEq2HlGNWnETF5JBEIHj3y0Dq
/oRaJ8oKwlM3ZeaorRC4BJEMLrYpV83AampY5LInxxF4m+4Yt1WcDnyJWWGO3ygl
LEJxnnwnVCfoKV3pSuH2Ldq9XUdtQYGW464i39xRJBk9358qAoYGXLqADg9jy8mn
1iZZm38hopG/6fqmg+lWOeCQ9eEw334FqYANPx5g7m50s5XvhH2Z4fXwff9Njht0
AbKx1UT+SvBuun5N1JRDdBExTJHiKAtpr72TKSFwp2f2piiDVqoFDMdIG9jhdFmI
G0CdA2iRg75/8NbioJPwW1JdWpTo2QjG
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:28:41 2025 by rpki-client