Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/PRqu2rfcGfC16edVVD7g5IJta6g.roa
File: PRqu2rfcGfC16edVVD7g5IJta6g.roa (raw, json)
Hash identifier: WxlhhTxBgtQ92CpwO1DHUxD1gV+uiIFQ3c2QJ1nk0o0=
Subject key identifier: 3D:1A:AE:DA:B7:DC:19:F0:B5:E9:E7:55:54:3E:E0:E4:82:6D:6B:A8
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 018CC425276C38986AAB6CA6B735CED9EE46
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/PRqu2rfcGfC16edVVD7g5IJta6g.roa
Signing time: Mon 01 Jan 2024 08:30:18 +0000
ROA not before: Mon 01 Jan 2024 08:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 84.240.64.0/19 maxlen: 19
149.126.176.0/21 maxlen: 21
84.240.96.0/19 maxlen: 19
188.64.0.0/21 maxlen: 21
185.25.76.0/22 maxlen: 22
5.61.88.0/21 maxlen: 24
185.67.80.0/22 maxlen: 22
37.35.80.0/21 maxlen: 21
80.75.96.0/20 maxlen: 20
93.174.192.0/21 maxlen: 22
80.75.106.0/24 maxlen: 24
46.254.208.0/21 maxlen: 21
2a00:74a0::/32 maxlen: 32
2a00:1a58::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jan 2024 06:16:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:27:6c:38:98:6a:ab:6c:a6:b7:35:ce:d9:ee:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Jan 1 08:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d1aaedab7dc19f0b5e9e755543ee0e4826d6ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:82:46:43:53:02:6a:02:fe:25:8b:2d:e5:39:
b2:8e:6e:49:49:16:d6:88:8b:b3:78:de:ba:0e:da:
eb:b2:0b:a4:b7:57:08:9b:e5:1f:86:48:68:ed:18:
a3:dd:ac:89:de:26:8d:b6:66:fb:c2:5b:8a:f6:99:
46:3b:e8:34:65:d6:1e:cd:9f:b9:2b:9f:50:b2:a0:
44:9a:a3:df:e7:67:aa:02:2f:7b:a9:82:29:68:23:
d2:1e:30:57:5a:29:e2:c4:27:76:ae:66:31:c6:2a:
d4:37:ea:7b:f2:16:97:0d:70:44:6d:3f:b9:9b:ea:
3f:6b:ee:81:cc:43:4c:3c:79:50:ff:4c:b5:0f:22:
d3:dc:ae:e4:a3:10:a1:e3:ec:7a:23:3b:d9:20:99:
41:4a:4c:68:6e:85:d7:ac:47:43:09:51:6c:44:c1:
c2:2d:71:cd:6e:c3:b1:00:b0:30:d5:c5:32:ef:2b:
ee:bc:8b:29:a9:7d:86:05:f6:53:51:1d:1d:c6:02:
07:4c:d5:f8:df:0d:9f:cc:e3:3c:24:95:3f:c8:f0:
e5:c6:bf:90:57:d7:94:1d:01:4e:7b:2d:00:21:de:
35:c6:36:32:71:a6:1a:dc:88:e7:9a:38:f5:45:22:
0f:a1:54:0a:19:b0:18:a2:86:a5:ec:b7:41:1c:62:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1A:AE:DA:B7:DC:19:F0:B5:E9:E7:55:54:3E:E0:E4:82:6D:6B:A8
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/PRqu2rfcGfC16edVVD7g5IJta6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.88.0/21
37.35.80.0/21
46.254.208.0/21
80.75.96.0/20
84.240.64.0/18
93.174.192.0/21
149.126.176.0/21
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
Signature Algorithm: sha256WithRSAEncryption
36:6a:96:86:97:b3:55:b1:45:5f:8e:17:87:e9:72:8f:c2:6b:
3e:3e:71:3d:54:75:9f:55:62:dd:c6:8d:89:e0:bd:55:13:92:
2b:35:af:52:ba:08:47:df:c2:1d:98:ef:ed:13:6b:b0:1f:3c:
a2:6d:e7:d8:af:13:06:13:17:91:a1:4a:47:f2:3d:40:2c:5e:
a2:2b:ff:b7:f4:98:71:ad:14:37:1a:0e:fd:e7:4d:09:9c:f0:
72:82:1c:a1:51:43:7b:19:7c:99:6a:8e:73:3e:1b:4c:89:25:
95:22:95:db:9a:ee:16:90:50:e1:2a:27:20:cf:64:95:ec:e1:
05:33:6f:f6:16:40:84:89:58:9c:72:2a:f4:14:ec:4d:99:9d:
02:da:13:d6:d3:75:ad:c4:4d:6b:c9:9c:fb:5b:e2:87:1c:7d:
05:96:a5:59:ca:9b:e8:d6:aa:12:7b:85:d3:8c:c8:3d:88:47:
0c:f5:dd:4d:47:8a:f9:88:1b:d8:15:5c:fe:47:fc:4f:a2:0b:
aa:65:ca:22:c1:ec:61:4a:e4:b1:26:33:a8:4d:81:e8:13:50:
21:d0:66:76:b5:b3:78:6f:80:43:ad:82:9c:58:8d:50:59:2c:
13:92:cd:64:d1:d0:b4:e7:8d:8a:0f:06:81:38:12:11:6e:77:
49:d4:40:01
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzEJSdsOJhqq2ymtzXO2e5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQwMTAxMDgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFhYWVkYWI3ZGMxOWYwYjVlOWU3NTU1NDNlZTBlNDgyNmQ2YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYJGQ1MCagL+JYst5Tmyjm5JSRbW
iIuzeN66Dtrrsgukt1cIm+Ufhkho7Rij3ayJ3iaNtmb7wluK9plGO+g0ZdYezZ+5
K59QsqBEmqPf52eqAi97qYIpaCPSHjBXWinixCd2rmYxxirUN+p78haXDXBEbT+5
m+o/a+6BzENMPHlQ/0y1DyLT3K7koxCh4+x6IzvZIJlBSkxoboXXrEdDCVFsRMHC
LXHNbsOxALAw1cUy7yvuvIspqX2GBfZTUR0dxgIHTNX43w2fzOM8JJU/yPDlxr+Q
V9eUHQFOey0AId41xjYycaYa3Ijnmjj1RSIPoVQKGbAYooal7LdBHGL2sQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFD0artq33BnwtennVVQ+4OSCbWuoMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvUFJxdTJyZmNHZkMxNmVkVlZEN2c1SUp0YTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDBT1YAwQD
JSNQAwQDLv7QAwQEUEtgAwQGVPBAAwQDXa7AAwQDlX6wAwQCuRlMAwQCuUNQAwQD
vEAAMBQEAgACMA4DBQAqABpYAwUAKgB0oDANBgkqhkiG9w0BAQsFAAOCAQEANmqW
hpezVbFFX44Xh+lyj8JrPj5xPVR1n1Vi3caNieC9VROSKzWvUroIR9/CHZjv7RNr
sB88om3n2K8TBhMXkaFKR/I9QCxeoiv/t/SYca0UNxoO/edNCZzwcoIcoVFDexl8
mWqOcz4bTIkllSKV25ruFpBQ4SonIM9klezhBTNv9hZAhIlYnHIq9BTsTZmdAtoT
1tN1rcRNa8mc+1vihxx9BZalWcqb6NaqEnuF04zIPYhHDPXdTUeK+Ygb2BVc/kf8
T6ILqmXKIsHsYUrksSYzqE2B6BNQIdBmdrWzeG+AQ62CnFiNUFksE5LNZNHQtOeN
ig8GgTgSEW53SdRAAQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:39 2024 by rpki-client on console.sobornost.net