Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Pg2GUadQqNle9DNPoWWtkKLkV3I.roa
File: Pg2GUadQqNle9DNPoWWtkKLkV3I.roa (raw, json)
Hash identifier: uxYV6+5ELXskvPwDiA8WawKC/ZXV1RDkPtm8LxilHRg=
Subject key identifier: 3E:0D:86:51:A7:50:A8:D9:5E:F4:33:4F:A1:65:AD:90:A2:E4:57:72
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 01856D41B21B0E2B45112D1EB41D4EDD841F
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Pg2GUadQqNle9DNPoWWtkKLkV3I.roa
Signing time: Sun 01 Jan 2023 12:15:00 +0000
ROA not before: Sun 01 Jan 2023 12:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41008
IP address blocks: 109.233.24.0/21 maxlen: 24
193.58.8.0/21 maxlen: 24
193.201.162.0/24 maxlen: 24
212.113.64.0/19 maxlen: 24
62.233.0.0/19 maxlen: 24
2a02:239c:0:24::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:b2:1b:0e:2b:45:11:2d:1e:b4:1d:4e:dd:84:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Jan 1 12:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e0d8651a750a8d95ef4334fa165ad90a2e45772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b6:04:7f:03:66:e8:8b:c5:52:b4:4d:08:46:
11:f8:97:8e:27:e7:d5:90:79:14:9d:b4:08:59:31:
d4:b5:44:ac:57:27:71:e0:48:8f:95:d4:fb:18:18:
44:57:24:7c:c5:ec:70:1f:f4:8b:bd:02:e5:ee:9e:
44:ab:73:cd:26:54:76:25:f4:e5:bf:d7:11:88:73:
a6:7f:1d:79:0d:79:2e:79:23:be:f9:5f:a0:38:6f:
5f:c2:e2:d2:b9:51:6c:2c:3d:9b:3d:9a:bc:7d:f8:
93:6d:18:93:65:39:b5:d3:25:a5:c0:b5:2a:60:71:
4e:ac:45:fa:de:6e:b0:93:ce:bd:cb:58:c9:f6:10:
ec:d4:27:a3:f1:e8:14:11:1b:ae:1c:45:20:27:e5:
8e:23:97:0f:a2:c0:9b:61:25:77:95:15:80:74:dc:
3d:c5:a1:6a:f9:e9:0e:e7:03:43:81:23:97:28:6f:
ae:db:42:5f:af:42:13:4a:6c:52:a5:f5:b4:93:3f:
a4:f9:9e:56:bc:80:fe:b2:a1:50:12:e3:f4:76:41:
02:48:ef:05:10:38:39:a5:e4:1f:30:c5:c2:fc:39:
4b:81:b6:c1:4b:d3:49:19:3d:d2:85:c9:f8:84:5f:
15:4c:06:37:ec:15:8c:02:82:90:a9:df:b9:f6:c2:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0D:86:51:A7:50:A8:D9:5E:F4:33:4F:A1:65:AD:90:A2:E4:57:72
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/Pg2GUadQqNle9DNPoWWtkKLkV3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.0.0/19
109.233.24.0/21
193.58.8.0/21
193.201.162.0/24
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
22:c9:5a:e7:e0:eb:dc:b7:61:8b:ca:43:99:8b:71:a5:45:af:
13:01:31:32:d6:d3:8c:82:25:7e:f1:ac:09:77:81:75:5a:44:
2d:a4:d9:a8:11:80:c6:47:db:92:4f:b5:82:fa:36:c7:b6:85:
e0:2b:b8:75:b2:b5:9a:0a:de:b3:2e:f1:86:b9:8b:b5:6d:12:
f8:b6:91:cd:d4:cc:ca:c4:23:4f:5b:51:3a:29:d7:08:27:57:
89:5b:94:0c:66:3e:de:1b:2c:c7:90:5a:ce:66:6f:b4:ff:3f:
5e:94:85:6b:eb:e1:39:ba:4a:26:23:52:3d:ad:81:c0:3a:1a:
51:4e:ff:f9:42:fb:f8:8a:ec:a8:a7:80:d1:6c:b9:06:87:c8:
28:24:91:d4:85:f3:10:8d:68:0a:70:45:24:2d:1b:2a:d6:82:
82:b5:af:d5:3c:ad:82:4b:c7:88:1b:36:30:1e:6b:6a:48:de:
b3:62:c9:32:07:79:aa:b1:38:3c:77:a3:af:e1:77:84:cb:de:
79:c7:dc:1a:81:ea:4b:94:37:7c:68:50:23:e9:e1:a6:ee:e5:
aa:a4:23:8b:74:43:9f:85:a8:cc:45:d1:83:8c:e6:0b:95:19:
8a:8f:eb:97:22:4e:4c:c9:08:f6:25:b3:5f:b4:56:95:37:11:
a6:4e:d6:34
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtQbIbDitFES0etB1O3YQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjMwMTAxMTIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBkODY1MWE3NTBhOGQ5NWVmNDMzNGZhMTY1YWQ5MGEyZTQ1NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bYEfwNm6IvFUrRNCEYR+JeOJ+fV
kHkUnbQIWTHUtUSsVydx4EiPldT7GBhEVyR8xexwH/SLvQLl7p5Eq3PNJlR2JfTl
v9cRiHOmfx15DXkueSO++V+gOG9fwuLSuVFsLD2bPZq8ffiTbRiTZTm10yWlwLUq
YHFOrEX63m6wk869y1jJ9hDs1Cej8egUERuuHEUgJ+WOI5cPosCbYSV3lRWAdNw9
xaFq+ekO5wNDgSOXKG+u20Jfr0ITSmxSpfW0kz+k+Z5WvID+sqFQEuP0dkECSO8F
EDg5peQfMMXC/DlLgbbBS9NJGT3Shcn4hF8VTAY37BWMAoKQqd+59sITPQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD4NhlGnUKjZXvQzT6FlrZCi5FdyMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEvUGcyR1VhZFFxTmxlOUROUG9XV3RrS0xrVjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPukAAwQD
bekYAwQDwToIAwQAwcmiAwQF1HFAMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEB
CwUAA4IBAQAiyVrn4Ovct2GLykOZi3GlRa8TATEy1tOMgiV+8awJd4F1WkQtpNmo
EYDGR9uST7WC+jbHtoXgK7h1srWaCt6zLvGGuYu1bRL4tpHN1MzKxCNPW1E6KdcI
J1eJW5QMZj7eGyzHkFrOZm+0/z9elIVr6+E5ukomI1I9rYHAOhpRTv/5Qvv4iuyo
p4DRbLkGh8goJJHUhfMQjWgKcEUkLRsq1oKCta/VPK2CS8eIGzYwHmtqSN6zYsky
B3mqsTg8d6Ov4XeEy955x9wagepLlDd8aFAj6eGm7uWqpCOLdEOfhajMRdGDjOYL
lRmKj+uXIk5MyQj2JbNftFaVNxGmTtY0
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:28 2024 by rpki-client on console.sobornost.net