Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PQ-exgxCGwI2_kWSYAFTWi9O_tk.roa
File: PQ-exgxCGwI2_kWSYAFTWi9O_tk.roa (raw, json)
Hash identifier: AGW4f1WG7nKU0kdHMP3IkKilatxSuHXJaL86dR4EPJU=
Subject key identifier: 3D:0F:9E:C6:0C:42:1B:02:36:FE:45:92:60:01:53:5A:2F:4E:FE:D9
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 0189213C5A62CD4E327A657879A8F82A5C8B
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PQ-exgxCGwI2_kWSYAFTWi9O_tk.roa
Signing time: Tue 04 Jul 2023 14:09:10 +0000
ROA not before: Tue 04 Jul 2023 14:09:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15695
IP address blocks: 195.238.244.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.88.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:3c:5a:62:cd:4e:32:7a:65:78:79:a8:f8:2a:5c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Jul 4 14:09:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d0f9ec60c421b0236fe45926001535a2f4efed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:61:c3:47:c7:d2:a6:76:02:f2:96:a7:c2:
ec:70:d3:3b:a2:91:d7:7a:ef:43:98:e3:34:0c:af:
b3:07:4b:48:77:93:cf:31:ec:69:7c:02:e7:c3:23:
ab:c6:36:8f:ae:78:00:c7:b5:d8:f1:fe:92:28:f9:
72:45:79:0a:9d:d9:44:d4:a8:d3:2a:70:e8:05:72:
22:a4:66:d5:8d:6a:9a:c4:e9:39:21:67:ac:8f:d2:
32:fd:14:23:46:43:87:56:b0:72:08:1c:5f:d2:c7:
30:3c:15:d0:e9:7f:c6:e0:7b:d6:ce:8a:f6:52:5b:
3a:52:c8:38:67:e6:60:6f:4c:2b:48:5b:be:0a:e6:
0a:93:c7:5d:d4:3d:ce:7a:5a:84:f6:25:d0:31:f2:
ec:14:0e:fd:c7:a0:13:6b:5d:0c:1a:32:d4:76:2d:
3a:2a:39:fa:ef:2d:f1:bd:85:cd:65:9f:f7:3e:c2:
6a:64:aa:99:da:3c:4f:1a:88:c9:c3:ce:04:16:a0:
bf:17:7d:cd:6e:98:92:e5:be:cd:8c:e2:f4:6a:f7:
0a:24:04:ce:ea:80:6a:6a:6a:74:06:6f:fd:29:6d:
23:64:29:01:de:e3:83:a4:8e:ec:b6:5f:df:e2:dd:
fe:53:db:85:e2:cd:cc:99:57:b1:93:8d:1d:ac:a7:
0b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0F:9E:C6:0C:42:1B:02:36:FE:45:92:60:01:53:5A:2F:4E:FE:D9
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PQ-exgxCGwI2_kWSYAFTWi9O_tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.220.0/24
86.48.240.0/24
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
Signature Algorithm: sha256WithRSAEncryption
59:dc:98:d7:07:b1:15:8d:b5:af:18:29:b7:c4:97:ea:8a:a4:
71:2a:72:f9:73:44:ea:67:6f:2a:44:34:eb:73:c9:df:22:e7:
f4:15:eb:e3:4e:69:e3:24:75:6a:71:52:eb:aa:57:2d:18:50:
94:1a:63:b1:68:01:c5:82:47:f4:1c:86:1d:64:97:76:93:df:
e6:e5:94:97:1b:b1:62:40:4a:21:31:e2:29:f1:cd:73:f0:f4:
d4:66:d9:e3:a7:f5:1c:d1:a0:6c:62:9c:82:3f:27:23:a4:3b:
c3:c9:ae:e7:5b:74:fd:7d:26:72:0f:68:6d:20:2d:ab:59:c6:
56:62:c2:eb:8a:3a:e7:33:af:ec:8f:75:55:5f:b1:76:f8:ca:
81:82:a5:6f:be:90:92:d7:39:47:64:fc:b5:23:38:46:6e:ee:
e1:8e:0b:bd:42:b2:f6:ca:f5:60:5c:94:f8:60:2b:82:55:52:
ac:9a:4e:20:b4:11:cb:e1:6b:eb:30:6b:70:a5:5a:e6:07:5e:
d0:28:66:4a:d2:8c:ea:f0:0a:b3:c8:ea:6c:62:68:15:da:a2:
a5:68:f5:06:98:e7:91:f4:2a:15:b2:1b:b0:65:1f:58:43:39:
c8:ba:fb:db:e4:c6:5a:42:4f:0c:1d:16:f7:44:40:93:2a:bd:
28:60:20:35
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYkhPFpizU4yemV4eaj4KlyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjMwNzA0MTQwOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBmOWVjNjBjNDIxYjAyMzZmZTQ1OTI2MDAxNTM1YTJmNGVmZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsodhw0fH0qZ2AvKWp8LscNM7opHX
eu9DmOM0DK+zB0tId5PPMexpfALnwyOrxjaPrngAx7XY8f6SKPlyRXkKndlE1KjT
KnDoBXIipGbVjWqaxOk5IWesj9Iy/RQjRkOHVrByCBxf0scwPBXQ6X/G4HvWzor2
Uls6Usg4Z+Zgb0wrSFu+CuYKk8dd1D3OelqE9iXQMfLsFA79x6ATa10MGjLUdi06
Kjn67y3xvYXNZZ/3PsJqZKqZ2jxPGojJw84EFqC/F33NbpiS5b7NjOL0avcKJATO
6oBqamp0Bm/9KW0jZCkB3uODpI7stl/f4t3+U9uF4s3MmVexk40drKcLWwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFD0PnsYMQhsCNv5FkmABU1ovTv7ZMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvUFEtZXhneENHd0kyX2tXU1lBRlRXaTlPX3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBsBAIAATBmAwQCBf1Y
AwQDJRrgAwQCLVHcAwQBLV1UAwQALV1XAwQALV6+AwQCLV/YAwQEP/fAAwQAVjDc
AwQAVjDwAwQCW2cQAwQAW2cVAwQAW2cXAwQCuT50AwQBwaCGAwQAw+70AwQE2KxA
MGIEAgACMFwDBwAqAAy4ADEwEgMHACoADLgAMwMHACoADLgANAMHACoADLgAOQMH
ACoADLgAQQMHACoADLgARAMHASoADLgASAMHACoADLgBRAMHACoADLgDUwMHACoA
DLgJcTANBgkqhkiG9w0BAQsFAAOCAQEAWdyY1wexFY21rxgpt8SX6oqkcSpy+XNE
6mdvKkQ063PJ3yLn9BXr405p4yR1anFS66pXLRhQlBpjsWgBxYJH9ByGHWSXdpPf
5uWUlxuxYkBKITHiKfHNc/D01GbZ46f1HNGgbGKcgj8nI6Q7w8mu51t0/X0mcg9o
bSAtq1nGVmLC64o65zOv7I91VV+xdvjKgYKlb76Qktc5R2T8tSM4Rm7u4Y4LvUKy
9sr1YFyU+GArglVSrJpOILQRy+Fr6zBrcKVa5gde0ChmStKM6vAKs8jqbGJoFdqi
pWj1BpjnkfQqFbIbsGUfWEM5yLr72+TGWkJPDB0W90RAkyq9KGAgNQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:37 2023 by rpki-client on console.sobornost.net