Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/PKngo0bLO1322hKzBhB3WOIc6gA.roa
File: PKngo0bLO1322hKzBhB3WOIc6gA.roa (raw, json)
Hash identifier: bmwEpggA8hjLClX0wt/78m/BfqAiogxhWT7Zzspx7Q4=
Subject key identifier: 3C:A9:E0:A3:46:CB:3B:5D:F6:DA:12:B3:06:10:77:58:E2:1C:EA:00
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018BB476F6C2FC9C11308E0ACA5981902962
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/PKngo0bLO1322hKzBhB3WOIc6gA.roa
Signing time: Thu 09 Nov 2023 14:22:57 +0000
ROA not before: Thu 09 Nov 2023 14:22:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 91.141.0.0/20 maxlen: 20
91.141.0.0/22 maxlen: 22
91.141.0.0/17 maxlen: 17
94.245.192.0/24 maxlen: 24
94.245.192.0/18 maxlen: 18
213.94.64.0/21 maxlen: 21
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
77.119.224.0/19 maxlen: 19
77.116.128.0/17 maxlen: 17
77.119.160.0/20 maxlen: 20
178.113.0.0/17 maxlen: 17
77.119.192.0/19 maxlen: 19
77.117.0.0/17 maxlen: 17
46.220.0.0/16 maxlen: 16
178.112.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
178.115.128.0/22 maxlen: 22
194.24.158.0/24 maxlen: 24
194.24.159.0/24 maxlen: 24
77.116.0.0/17 maxlen: 17
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
77.119.128.0/22 maxlen: 22
109.126.64.0/18 maxlen: 18
178.112.128.0/17 maxlen: 17
178.115.224.0/19 maxlen: 19
81.3.192.0/24 maxlen: 24
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
81.3.204.0/23 maxlen: 23
81.3.206.0/23 maxlen: 23
81.3.201.0/24 maxlen: 24
81.3.211.0/24 maxlen: 24
81.3.210.0/24 maxlen: 24
178.165.128.0/17 maxlen: 17
178.165.128.0/22 maxlen: 22
178.165.128.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861:d::/48 maxlen: 48
2a02:2864::/30 maxlen: 30
2a02:2861::/32 maxlen: 32
2a02:2861:e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:76:f6:c2:fc:9c:11:30:8e:0a:ca:59:81:90:29:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Nov 9 14:22:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ca9e0a346cb3b5df6da12b306107758e21cea00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:42:dd:61:2c:fb:4f:bf:b6:62:c6:a4:c7:5e:
48:4a:fd:87:8e:db:d6:79:2b:d6:2d:d9:14:a7:97:
87:3c:d6:74:47:8f:ff:7d:95:7f:21:66:30:0c:6e:
35:02:aa:a5:0a:67:65:ab:83:c0:9f:9b:15:d8:8c:
a0:af:20:14:d2:ea:82:b0:a3:5b:b3:fa:ff:5c:f4:
9d:e5:ec:7b:21:47:42:69:7d:2f:55:a8:88:a8:98:
52:72:fc:37:18:2a:ed:cf:84:36:fb:5c:c9:91:01:
7a:cd:63:3c:91:b7:6f:17:55:f4:b2:f4:36:4e:9e:
ab:8b:ba:91:1a:f2:d6:4b:77:53:27:cf:05:bf:53:
79:df:d0:e4:95:91:bf:a3:38:e0:30:80:58:88:91:
45:bd:4e:17:7a:d1:cf:90:8c:eb:3b:f9:2c:4a:bc:
e2:5c:fb:1d:9d:ba:c3:59:d8:b7:4f:56:31:4e:9f:
3d:16:cc:e7:2a:70:ee:e8:0a:d2:33:8c:2d:59:68:
e7:0a:b1:2f:14:33:6d:b6:a0:49:8b:3a:18:57:a6:
d5:79:e4:c2:ab:e1:b8:da:42:05:b2:01:c8:e7:3d:
94:6b:fe:00:47:73:63:11:1d:96:89:3f:20:3d:d2:
59:98:c5:07:08:cb:21:98:4e:0c:b9:16:69:ac:43:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:E0:A3:46:CB:3B:5D:F6:DA:12:B3:06:10:77:58:E2:1C:EA:00
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/PKngo0bLO1322hKzBhB3WOIc6gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
a5:b9:4a:23:ec:64:3c:ed:fa:4c:27:1c:8c:51:11:1b:20:02:
3a:17:99:11:c0:d4:a4:a4:6b:c8:45:90:99:93:d9:13:35:dc:
1d:c7:eb:b0:48:4a:49:cc:06:0f:f1:30:37:dd:89:88:70:43:
a2:fa:49:26:01:d5:78:36:95:a7:60:b8:b4:9c:91:ac:55:b2:
0f:48:c9:31:16:76:e9:c7:a4:e4:07:5c:f0:48:55:41:8e:be:
38:c8:b1:61:cb:bc:c2:d3:c3:82:2c:0d:f1:61:d0:37:1f:10:
1c:2e:8b:a3:b1:bb:fb:6d:c6:18:93:dd:ab:10:f2:b6:87:28:
5a:70:8b:20:21:54:d7:ed:cd:2c:51:dc:90:5a:49:cc:93:03:
bc:f2:1e:52:7f:7e:81:52:7a:81:c8:a2:0b:4d:60:39:c1:51:
61:ef:cc:48:00:d7:e2:82:55:41:0c:50:3a:74:f2:2c:40:e4:
02:4e:0f:18:cc:9d:a3:70:01:be:95:5d:1d:f5:f2:33:94:c8:
37:f1:a7:18:5f:48:9b:26:ff:72:fb:67:5f:c4:a3:63:e7:fa:
1b:09:75:43:36:a8:37:66:81:c8:6d:0a:b2:c9:9b:e3:89:e6:
18:ac:3a:91:33:f3:d6:c3:44:e7:21:92:b7:bd:4f:5d:b3:ff:
be:98:90:55
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYu0dvbC/JwRMI4KylmBkCliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMxMTA5MTQyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E5ZTBhMzQ2Y2IzYjVkZjZkYTEyYjMwNjEwNzc1OGUyMWNlYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiULdYSz7T7+2Ysakx15ISv2HjtvW
eSvWLdkUp5eHPNZ0R4//fZV/IWYwDG41AqqlCmdlq4PAn5sV2IygryAU0uqCsKNb
s/r/XPSd5ex7IUdCaX0vVaiIqJhScvw3GCrtz4Q2+1zJkQF6zWM8kbdvF1X0svQ2
Tp6ri7qRGvLWS3dTJ88Fv1N539DklZG/ozjgMIBYiJFFvU4XetHPkIzrO/ksSrzi
XPsdnbrDWdi3T1YxTp89FsznKnDu6ArSM4wtWWjnCrEvFDNttqBJizoYV6bVeeTC
q+G42kIFsgHI5z2Ua/4AR3NjER2WiT8gPdJZmMUHCMshmE4MuRZprEPFAwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFDyp4KNGyztd9toSswYQd1jiHOoAMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvUEtuZ28wYkxPMTMyMmhLekJoQjNXT0ljNmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEApblKI+xk
PO36TCccjFERGyACOheZEcDUpKRryEWQmZPZEzXcHcfrsEhKScwGD/EwN92JiHBD
ovpJJgHVeDaVp2C4tJyRrFWyD0jJMRZ26cek5Adc8EhVQY6+OMixYcu8wtPDgiwN
8WHQNx8QHC6Lo7G7+23GGJPdqxDytocoWnCLICFU1+3NLFHckFpJzJMDvPIeUn9+
gVJ6gciiC01gOcFRYe/MSADX4oJVQQxQOnTyLEDkAk4PGMydo3ABvpVdHfXyM5TI
N/GnGF9Imyb/cvtnX8SjY+f6Gwl1QzaoN2aByG0Kssmb44nmGKw6kTPz1sNE5yGS
t71PXbP/vpiQVQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:51 2024 by rpki-client on console-fra.rpki-client.org