Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/pxk-GebXOkGpk3yS34OVivibTD4.roa
File: pxk-GebXOkGpk3yS34OVivibTD4.roa (raw, json)
Hash identifier: PAI9AwVE7pIqCsDm07YyxSvO2l6wioMAJGtZ/5IJdB4=
Subject key identifier: A7:19:3E:19:E6:D7:3A:41:A9:93:7C:92:DF:83:95:8A:F8:9B:4C:3E
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3F9E18F1B39E9840FF20F71780660BDD
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/pxk-GebXOkGpk3yS34OVivibTD4.roa
Signing time: Wed 06 Dec 2023 14:52:54 +0000
ROA not before: Wed 06 Dec 2023 14:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 46.149.106.0/24 maxlen: 24
185.157.129.0/24 maxlen: 24
185.157.130.0/24 maxlen: 24
185.157.128.0/24 maxlen: 24
185.157.131.0/24 maxlen: 24
45.92.185.0/24 maxlen: 24
45.92.186.0/24 maxlen: 24
45.92.184.0/24 maxlen: 24
45.92.187.0/24 maxlen: 24
185.204.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:9e:18:f1:b3:9e:98:40:ff:20:f7:17:80:66:0b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 14:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7193e19e6d73a41a9937c92df83958af89b4c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:0d:36:62:bc:5f:18:d5:ed:b3:9d:61:39:
e3:8a:7b:5e:3e:a2:50:9c:ab:44:d8:b1:11:e4:33:
4e:1b:09:ec:0a:b0:2c:b9:fe:89:76:92:00:3e:18:
b8:b5:4c:ea:af:80:63:ab:5f:31:17:68:7e:4b:aa:
14:e0:51:46:96:91:6b:9b:e4:cf:2b:86:80:2e:62:
e8:c5:9d:cd:f1:a9:73:b8:97:79:8e:4a:85:80:a3:
cb:20:9c:34:79:10:93:dc:6c:cd:a4:cf:63:52:da:
b0:18:16:a4:c9:d2:79:88:7d:cb:a4:6f:a2:4b:fc:
06:16:e8:5c:f7:b3:7a:1c:17:f5:31:a9:72:67:9d:
08:a5:54:78:96:57:0e:13:85:0c:74:0d:05:56:35:
98:44:ef:34:87:71:96:07:63:c2:0e:0c:6f:38:0f:
f3:93:b9:2e:05:30:af:91:b9:b9:e2:9e:e8:0d:e4:
a2:4e:97:f9:7a:93:1f:0b:f8:8f:67:4d:c4:a1:a3:
bf:22:dc:10:83:0e:a3:df:fa:ac:c2:e6:b2:67:d4:
98:c2:fc:bd:75:23:80:bd:0c:b4:83:88:4c:e4:07:
84:3a:7a:0c:c7:89:b3:68:e1:88:78:9c:fc:d0:9e:
1b:a6:a6:7e:f1:d4:22:87:fb:d9:7b:38:9f:55:3f:
0b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:19:3E:19:E6:D7:3A:41:A9:93:7C:92:DF:83:95:8A:F8:9B:4C:3E
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/pxk-GebXOkGpk3yS34OVivibTD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.184.0/22
46.149.106.0/24
185.157.128.0/22
185.204.202.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:70:20:74:0a:86:4b:7c:2d:5b:70:94:38:19:c1:bb:ac:41:
cf:30:67:9e:bc:55:a3:98:cb:74:b4:ba:11:a9:7e:53:d4:81:
83:de:26:52:f3:50:05:38:f9:b8:1d:1a:65:13:ea:65:f9:f4:
c7:db:9a:b9:6d:d9:b4:76:3c:42:8b:5c:9e:c2:44:61:a5:e0:
48:57:4a:68:1a:51:df:f4:c8:d9:a2:1d:5f:18:39:c3:8a:90:
af:fe:a8:92:6c:26:4a:ea:36:60:a5:8b:7e:24:f6:d5:25:e9:
27:fa:36:38:60:56:f1:47:38:40:d7:7b:e6:77:1a:fa:e2:89:
0f:5c:a1:8f:d9:3b:3a:38:59:9b:b3:b4:b0:a5:7a:f2:86:c5:
76:62:5a:0e:93:d2:51:40:ba:ea:e2:a8:89:35:b0:00:3b:49:
6d:67:cc:6b:bc:fd:ac:79:53:2f:c5:80:70:fb:3c:9a:bf:d0:
5a:04:5b:b6:c5:d2:26:26:53:06:5d:ca:6e:f8:29:2c:ff:dd:
53:c4:f6:26:b8:fe:d8:7b:cd:4a:f0:e4:d7:9c:f3:a9:6b:23:
64:a8:65:3f:79:01:11:96:03:6c:96:4f:23:0a:f6:65:8b:11:
80:39:fa:61:3a:34:29:38:46:cc:91:c2:8a:fb:3f:ae:13:85:
34:46:87:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw/nhjxs56YQP8g9xeAZgvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTQ1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE5M2UxOWU2ZDczYTQxYTk5MzdjOTJkZjgzOTU4YWY4OWI0YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskgNNmK8XxjV7bOdYTnjintePqJQ
nKtE2LER5DNOGwnsCrAsuf6JdpIAPhi4tUzqr4Bjq18xF2h+S6oU4FFGlpFrm+TP
K4aALmLoxZ3N8alzuJd5jkqFgKPLIJw0eRCT3GzNpM9jUtqwGBakydJ5iH3LpG+i
S/wGFuhc97N6HBf1MalyZ50IpVR4llcOE4UMdA0FVjWYRO80h3GWB2PCDgxvOA/z
k7kuBTCvkbm54p7oDeSiTpf5epMfC/iPZ03EoaO/ItwQgw6j3/qswuayZ9SYwvy9
dSOAvQy0g4hM5AeEOnoMx4mzaOGIeJz80J4bpqZ+8dQih/vZezifVT8LfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKcZPhnm1zpBqZN8kt+DlYr4m0w+MB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvcHhrLUdlYlhPa0dwazN5UzM0T1ZpdmliVEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVy4AwQA
LpVqAwQCuZ2AAwQAuczKMA0GCSqGSIb3DQEBCwUAA4IBAQC/cCB0CoZLfC1bcJQ4
GcG7rEHPMGeevFWjmMt0tLoRqX5T1IGD3iZS81AFOPm4HRplE+pl+fTH25q5bdm0
djxCi1yewkRhpeBIV0poGlHf9MjZoh1fGDnDipCv/qiSbCZK6jZgpYt+JPbVJekn
+jY4YFbxRzhA13vmdxr64okPXKGP2Ts6OFmbs7SwpXryhsV2YloOk9JRQLrq4qiJ
NbAAO0ltZ8xrvP2seVMvxYBw+zyav9BaBFu2xdImJlMGXcpu+Cks/91TxPYmuP7Y
e81K8OTXnPOpayNkqGU/eQERlgNslk8jCvZlixGAOfphOjQpOEbMkcKK+z+uE4U0
RocX
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:59 2024 by rpki-client on console.sobornost.net