Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PpLYVEPRVrGoPjkT8a_B0v4etHA.roa
File: PpLYVEPRVrGoPjkT8a_B0v4etHA.roa (raw, json)
Hash identifier: ySGG634mX0LBvpm1Dspo+VMthe2/eLV0shWIQOzKgxw=
Subject key identifier: 3E:92:D8:54:43:D1:56:B1:A8:3E:39:13:F1:AF:C1:D2:FE:1E:B4:70
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018C43758BEB4FF0A6A9081141629247C74D
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PpLYVEPRVrGoPjkT8a_B0v4etHA.roa
Signing time: Thu 07 Dec 2023 08:47:06 +0000
ROA not before: Thu 07 Dec 2023 08:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28761
IP address blocks: 195.26.81.0/24 maxlen: 24
195.26.82.0/23 maxlen: 23
195.26.80.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.49.204.0/23 maxlen: 23
188.191.16.0/22 maxlen: 22
188.191.16.0/24 maxlen: 24
188.191.17.0/24 maxlen: 24
188.191.24.0/24 maxlen: 24
188.191.18.0/24 maxlen: 24
188.191.19.0/24 maxlen: 24
188.191.25.0/24 maxlen: 24
188.191.26.0/24 maxlen: 24
188.191.27.0/24 maxlen: 24
185.76.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:75:8b:eb:4f:f0:a6:a9:08:11:41:62:92:47:c7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Dec 7 08:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e92d85443d156b1a83e3913f1afc1d2fe1eb470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:86:b6:05:7a:87:a7:f8:c7:b7:14:c9:88:96:
95:84:eb:2a:af:42:88:38:2b:b7:ec:20:fa:39:77:
94:53:31:b9:46:e7:e6:77:e1:cc:b7:19:7b:de:c3:
b5:cd:70:34:46:aa:ce:00:b1:61:cc:67:76:63:0d:
c3:2d:46:03:70:3d:e2:85:e7:9d:d2:08:d8:dc:1a:
da:bc:dd:70:e3:d6:06:d8:3d:53:f6:42:37:96:ca:
19:8d:94:5c:8f:ee:36:96:19:2d:12:97:a4:40:d5:
d7:fe:71:d0:7d:1f:5c:b9:50:36:86:35:c4:1f:f4:
cb:9a:66:ad:16:94:62:42:35:ab:7b:41:00:7a:a2:
02:aa:98:05:4e:5f:65:75:c1:23:be:74:3a:d3:db:
39:09:7e:46:2e:fa:9f:38:b7:14:6d:4b:ff:53:2d:
2f:75:7a:3d:23:d6:c6:3c:22:6f:60:4b:00:16:91:
05:77:89:b6:03:37:b3:55:f4:f4:d1:48:65:b0:a9:
7f:ff:59:66:f9:f9:8c:d3:d5:09:f6:c9:0c:b0:f7:
19:60:f9:cf:dd:70:6e:35:cd:3c:7b:0d:6d:d4:d7:
52:f1:26:cc:4d:27:87:49:56:ab:30:38:84:69:a5:
f2:a2:cf:bf:f3:e4:ee:7a:7c:60:7b:c4:93:92:12:
64:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:92:D8:54:43:D1:56:B1:A8:3E:39:13:F1:AF:C1:D2:FE:1E:B4:70
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PpLYVEPRVrGoPjkT8a_B0v4etHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.80.0/24
188.191.16.0/22
188.191.24.0/22
194.140.228.0/24
195.26.80.0/22
195.49.204.0/23
Signature Algorithm: sha256WithRSAEncryption
62:5f:69:04:e3:4b:91:0f:b9:c0:9b:02:0e:55:06:09:70:d4:
c5:4f:a5:67:97:47:5c:c2:58:9b:40:e4:a4:16:17:50:a7:3f:
8f:be:ed:d9:77:a0:e5:8a:04:29:3d:09:ae:e9:c2:f5:a0:9d:
26:55:4b:1c:88:35:f8:6f:b7:0c:84:6c:17:f5:e2:a7:90:04:
6d:b4:71:fa:58:85:cc:fb:b1:c1:e9:63:ac:9d:52:b6:d9:1c:
0b:6b:26:65:1a:3e:bd:7d:78:35:26:a3:65:c3:bd:08:fd:38:
c4:13:39:6d:e3:72:72:0d:e2:17:81:bd:aa:35:6b:be:2e:b1:
ea:87:bf:b2:5c:e8:17:d4:fd:2c:ba:5e:25:3c:e3:aa:14:39:
fa:b1:f3:65:77:0f:7e:10:d9:50:78:22:69:59:52:5b:2a:77:
f7:a6:c1:bb:3b:fd:1f:b3:ef:3b:b4:f6:01:19:55:68:2d:cb:
d1:87:5f:de:5c:63:0d:59:12:3c:fb:e6:07:22:c1:65:a8:05:
44:ca:6e:89:9c:2b:93:69:86:c8:88:77:ab:bb:17:4b:98:51:
a4:e1:c4:4b:0d:92:c8:d1:1e:1c:0f:33:cb:de:5e:cc:4e:81:
3d:fc:86:9d:56:83:29:5a:be:ec:a4:10:37:84:dc:8b:e8:3d:
27:c6:e0:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxDdYvrT/CmqQgRQWKSR8dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMxMjA3MDg0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkyZDg1NDQzZDE1NmIxYTgzZTM5MTNmMWFmYzFkMmZlMWViNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4a2BXqHp/jHtxTJiJaVhOsqr0KI
OCu37CD6OXeUUzG5Rufmd+HMtxl73sO1zXA0RqrOALFhzGd2Yw3DLUYDcD3iheed
0gjY3BravN1w49YG2D1T9kI3lsoZjZRcj+42lhktEpekQNXX/nHQfR9cuVA2hjXE
H/TLmmatFpRiQjWre0EAeqICqpgFTl9ldcEjvnQ609s5CX5GLvqfOLcUbUv/Uy0v
dXo9I9bGPCJvYEsAFpEFd4m2AzezVfT00UhlsKl//1lm+fmM09UJ9skMsPcZYPnP
3XBuNc08ew1t1NdS8SbMTSeHSVarMDiEaaXyos+/8+Tuenxge8STkhJkVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD6S2FRD0VaxqD45E/GvwdL+HrRwMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvUHBMWVZFUFJWckdvUGprVDhhX0IwdjRldEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUxQAwQC
vL8QAwQCvL8YAwQAwozkAwQCwxpQAwQBwzHMMA0GCSqGSIb3DQEBCwUAA4IBAQBi
X2kE40uRD7nAmwIOVQYJcNTFT6Vnl0dcwlibQOSkFhdQpz+Pvu3Zd6DligQpPQmu
6cL1oJ0mVUsciDX4b7cMhGwX9eKnkARttHH6WIXM+7HB6WOsnVK22RwLayZlGj69
fXg1JqNlw70I/TjEEzlt43JyDeIXgb2qNWu+LrHqh7+yXOgX1P0sul4lPOOqFDn6
sfNldw9+ENlQeCJpWVJbKnf3psG7O/0fs+87tPYBGVVoLcvRh1/eXGMNWRI8++YH
IsFlqAVEym6JnCuTaYbIiHeruxdLmFGk4cRLDZLI0R4cDzPL3l7MToE9/IadVoMp
Wr7spBA3hNyL6D0nxuDQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:03:09 2024 by rpki-client on console-ams.rpki-client.org