Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/pHEwzA5y46xSinkZ6PlKvM84NSk.roa
File: pHEwzA5y46xSinkZ6PlKvM84NSk.roa (raw, json)
Hash identifier: koslACK50MB7m25+IOIPXRqy4aXxzpbueKzVipEW3No=
Subject key identifier: A4:71:30:CC:0E:72:E3:AC:52:8A:79:19:E8:F9:4A:BC:CF:38:35:29
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01899C1237490CAA821EDDDEF8A436446A35
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/pHEwzA5y46xSinkZ6PlKvM84NSk.roa
Signing time: Fri 28 Jul 2023 10:36:26 +0000
ROA not before: Fri 28 Jul 2023 10:36:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134450
IP address blocks: 185.160.64.0/24 maxlen: 32
77.246.152.0/22 maxlen: 32
185.153.148.0/24 maxlen: 32
194.150.72.0/24 maxlen: 32
185.161.68.0/24 maxlen: 32
185.201.189.0/24 maxlen: 32
185.201.191.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:12:37:49:0c:aa:82:1e:dd:de:f8:a4:36:44:6a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jul 28 10:36:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a47130cc0e72e3ac528a7919e8f94abccf383529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9d:52:e0:0b:10:0d:19:cf:92:be:75:b1:e5:
cf:c9:ce:9d:a7:cd:21:13:c1:b9:e8:83:d4:d1:0b:
6c:81:06:2c:47:24:b6:ef:ba:bb:e7:b7:f7:cb:e4:
36:76:e9:0e:b7:91:bc:1c:48:6e:97:08:74:12:f9:
66:78:3c:ad:f9:5e:5e:e0:27:11:27:e8:18:fa:be:
2b:76:e5:40:d3:75:36:33:ce:fa:8b:3d:35:21:92:
07:93:9f:99:7f:3f:b1:c6:b4:9c:b4:74:01:59:84:
71:d8:13:00:f8:42:25:3e:60:45:f0:dc:76:af:93:
08:4a:c9:8f:44:41:7a:b8:2a:1f:5a:dd:dc:2e:bc:
ca:f4:ca:6e:0b:a6:a6:3f:60:30:49:78:a3:d7:cf:
fb:02:18:de:ba:7a:8e:c4:e0:3c:d9:54:be:e0:ca:
75:e6:29:52:b4:2e:4f:61:e2:27:3c:f6:06:45:36:
1c:31:04:1e:ab:61:05:d9:d2:fd:d6:ca:ea:fe:6c:
06:ee:25:39:55:44:b0:8f:ed:94:f7:8b:6c:9f:46:
2f:db:db:27:51:3a:93:45:4f:a0:63:c0:aa:a1:b9:
1f:c8:10:7d:8e:7a:f7:d8:72:1f:af:a2:a6:99:c3:
b8:b5:7c:6b:f0:e1:61:3b:f8:00:83:74:40:df:ba:
c2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:71:30:CC:0E:72:E3:AC:52:8A:79:19:E8:F9:4A:BC:CF:38:35:29
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/pHEwzA5y46xSinkZ6PlKvM84NSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.152.0/22
185.153.148.0/24
185.160.64.0/24
185.161.68.0/24
185.201.189.0/24
185.201.191.0/24
194.150.72.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a8:05:21:0b:97:ae:44:15:91:1e:16:ab:3c:18:f2:6d:de:
c8:78:c8:98:d3:eb:1e:fd:13:5b:6d:45:eb:7e:07:f9:30:a6:
a6:2c:32:f2:a4:65:2f:48:d0:a0:62:ad:82:2a:1c:34:ee:55:
84:22:10:44:4a:0f:d7:f8:87:f6:27:5e:5b:90:38:ae:24:bf:
fb:16:3c:73:1c:e5:1e:9c:f2:af:af:9c:83:51:46:57:7d:01:
70:49:4c:52:33:31:2e:90:7b:cb:76:ff:6d:3e:48:b4:fb:18:
85:5a:0d:b9:25:49:84:3b:e9:8a:76:ac:2a:4b:85:29:f3:2f:
33:e3:91:60:89:d4:5d:d4:7d:c9:42:eb:45:2e:ef:75:b3:e4:
20:b7:ff:a1:46:fe:73:40:aa:4c:7b:1c:06:8c:25:7a:28:1e:
37:a5:8d:ef:8a:a9:52:1d:f7:92:f4:43:c4:ad:31:6a:5b:c3:
30:d1:47:b8:10:2c:db:1d:a3:d4:44:42:59:98:08:82:5c:e0:
dd:22:8e:90:6e:38:1d:99:0b:a4:0a:f6:49:6b:ff:be:7d:48:
c0:f6:2e:47:c4:23:ed:5f:9f:b6:f0:b2:a0:5e:ef:65:de:1c:
7b:52:5a:a2:54:1a:91:9a:ac:7b:55:69:a9:6b:6e:11:34:6a:
83:63:86:a8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmcEjdJDKqCHt3e+KQ2RGo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwNzI4MTAzNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDcxMzBjYzBlNzJlM2FjNTI4YTc5MTllOGY5NGFiY2NmMzgzNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp1S4AsQDRnPkr51seXPyc6dp80h
E8G56IPU0QtsgQYsRyS277q757f3y+Q2dukOt5G8HEhulwh0EvlmeDyt+V5e4CcR
J+gY+r4rduVA03U2M876iz01IZIHk5+Zfz+xxrSctHQBWYRx2BMA+EIlPmBF8Nx2
r5MISsmPREF6uCofWt3cLrzK9MpuC6amP2AwSXij18/7AhjeunqOxOA82VS+4Mp1
5ilStC5PYeInPPYGRTYcMQQeq2EF2dL91srq/mwG7iU5VUSwj+2U94tsn0Yv29sn
UTqTRU+gY8CqobkfyBB9jnr32HIfr6KmmcO4tXxr8OFhO/gAg3RA37rCvwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKRxMMwOcuOsUop5Gej5SrzPODUpMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvcEhFd3pBNXk0NnhTaW5rWjZQbEt2TTg0TlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCTfaYAwQA
uZmUAwQAuaBAAwQAuaFEAwQAucm9AwQAucm/AwQAwpZIMA0GCSqGSIb3DQEBCwUA
A4IBAQBSqAUhC5euRBWRHharPBjybd7IeMiY0+se/RNbbUXrfgf5MKamLDLypGUv
SNCgYq2CKhw07lWEIhBESg/X+If2J15bkDiuJL/7FjxzHOUenPKvr5yDUUZXfQFw
SUxSMzEukHvLdv9tPki0+xiFWg25JUmEO+mKdqwqS4Up8y8z45FgidRd1H3JQutF
Lu91s+Qgt/+hRv5zQKpMexwGjCV6KB43pY3viqlSHfeS9EPErTFqW8Mw0Ue4ECzb
HaPUREJZmAiCXODdIo6QbjgdmQukCvZJa/++fUjA9i5HxCPtX5+28LKgXu9l3hx7
UlqiVBqRmqx7VWmpa24RNGqDY4ao
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:31:03 2024 by rpki-client on console-ams.rpki-client.org