Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PwTppDBEfcgP3zIN09Wtq4nAh-E.roa
File: PwTppDBEfcgP3zIN09Wtq4nAh-E.roa (raw, json)
Hash identifier: MeaANdGrRZg4i6/LyukAHSQ4lQwrWh3uuMmWz/JJ2/Y=
Subject key identifier: 3F:04:E9:A4:30:44:7D:C8:0F:DF:32:0D:D3:D5:AD:AB:89:C0:87:E1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01933E8DF6FCC3543B2E3A41E10B9CAF5730
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PwTppDBEfcgP3zIN09Wtq4nAh-E.roa
Signing time: Mon 18 Nov 2024 09:15:11 +0000
ROA not before: Mon 18 Nov 2024 09:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 14:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:8d:f6:fc:c3:54:3b:2e:3a:41:e1:0b:9c:af:57:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 18 09:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f04e9a430447dc80fdf320dd3d5adab89c087e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:d1:e5:f3:99:d0:b6:3d:58:02:45:11:5a:
32:27:be:9f:f9:65:35:e9:24:de:de:69:42:8d:c7:
43:21:a0:c6:bc:3c:66:3b:29:d2:ce:b2:c0:71:d4:
0b:6e:d7:78:98:45:38:ad:f7:cf:15:08:2e:48:3d:
67:6e:80:ac:87:12:fe:79:d1:b7:c8:4c:4b:6f:fb:
2e:a0:a5:b9:90:e3:aa:21:5a:91:94:b6:a3:25:36:
98:c7:99:a1:89:86:11:07:3d:0b:a8:8e:45:2e:7d:
3c:de:c1:e6:1c:24:fa:28:1e:62:35:da:50:95:43:
74:de:e5:9e:80:b0:86:e8:51:6a:55:47:2b:7a:1f:
14:fd:4f:c1:c5:72:d4:53:8f:4f:c2:77:04:cc:da:
1e:ab:f2:60:49:c5:1f:61:5c:7c:ac:16:99:aa:cf:
97:37:44:ee:8f:e2:56:4f:12:62:a3:3f:fe:22:ea:
29:e1:2f:92:a1:ef:77:2e:1e:4a:35:2b:26:0f:8c:
56:f8:d7:45:a2:5e:f0:40:81:7c:4e:4a:7e:35:47:
77:d1:22:c7:52:7c:53:54:ef:c4:84:8a:c2:99:2d:
79:91:76:2d:ee:72:d0:df:05:b8:7f:58:9e:62:77:
1b:08:2d:90:1e:83:2f:ef:82:77:30:01:be:38:aa:
5c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:04:E9:A4:30:44:7D:C8:0F:DF:32:0D:D3:D5:AD:AB:89:C0:87:E1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PwTppDBEfcgP3zIN09Wtq4nAh-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.66.228.0/24
45.133.251.0/24
84.21.173.0/24
87.120.165.0-87.120.166.255
87.120.186.0/24
93.123.84.0/24
171.22.31.0/24
185.246.223.0/24
193.58.121.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
91:5a:29:65:5d:43:47:fb:31:7e:c9:45:21:6b:42:18:95:47:
f9:88:16:47:95:ad:0a:df:44:91:37:08:a2:78:12:04:5c:87:
83:4d:49:62:8e:95:2f:65:e0:07:1d:f8:c8:8d:03:ad:18:f9:
ba:ab:fe:01:bf:e7:a1:74:67:50:65:94:eb:17:ac:46:14:ad:
55:fa:f7:8b:93:a7:6d:8c:12:bf:dc:08:94:77:68:89:b5:32:
53:10:cf:50:e1:ad:b1:2a:da:8b:22:18:c1:cf:0b:b0:d8:28:
ad:d7:59:98:55:d9:bc:24:13:98:e3:ca:d4:d5:b0:a3:62:42:
a4:49:bf:14:90:41:3d:5a:09:c3:d1:52:e8:d5:c9:ed:a9:45:
3b:5a:59:4e:24:c5:a3:08:5c:92:89:b0:48:00:d5:10:bd:1d:
e4:77:b3:94:62:c1:60:c8:a2:8c:ac:0f:f7:62:48:3f:49:53:
6b:a2:5b:5f:b3:a1:a7:45:79:bb:c9:24:1b:c9:fc:72:81:4c:
ff:00:1d:8f:78:c8:3b:cf:af:19:87:c0:0d:88:2a:05:a8:07:
af:6b:1d:4d:c7:6e:2f:d9:a6:c6:d3:1f:ae:2f:bd:b1:f0:8a:
de:cb:ed:a4:17:13:99:71:52:76:15:93:c9:93:cd:c1:91:09:
fd:63:98:ab
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZM+jfb8w1Q7LjpB4Qucr1cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE4MDkxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA0ZTlhNDMwNDQ3ZGM4MGZkZjMyMGRkM2Q1YWRhYjg5YzA4N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3nR5fOZ0LY9WAJFEVoyJ76f+WU1
6STe3mlCjcdDIaDGvDxmOynSzrLAcdQLbtd4mEU4rffPFQguSD1nboCshxL+edG3
yExLb/suoKW5kOOqIVqRlLajJTaYx5mhiYYRBz0LqI5FLn083sHmHCT6KB5iNdpQ
lUN03uWegLCG6FFqVUcreh8U/U/BxXLUU49PwncEzNoeq/JgScUfYVx8rBaZqs+X
N0Tuj+JWTxJioz/+Iuop4S+Soe93Lh5KNSsmD4xW+NdFol7wQIF8Tkp+NUd30SLH
UnxTVO/EhIrCmS15kXYt7nLQ3wW4f1ieYncbCC2QHoMv74J3MAG+OKpczQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFD8E6aQwRH3ID98yDdPVrauJwIfhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUHdUcHBEQkVmY2dQM3pJTjA5V3RxNG5BaC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAHw3QAwQA
LULkAwQALYX7AwQAVBWtMAwDBABXeKUDBABXeKYDBABXeLoDBABde1QDBACrFh8D
BAC59t8DBADBOnkDBADB3mMwDQYJKoZIhvcNAQELBQADggEBAJFaKWVdQ0f7MX7J
RSFrQhiVR/mIFkeVrQrfRJE3CKJ4EgRch4NNSWKOlS9l4Acd+MiNA60Y+bqr/gG/
56F0Z1BllOsXrEYUrVX694uTp22MEr/cCJR3aIm1MlMQz1DhrbEq2osiGMHPC7DY
KK3XWZhV2bwkE5jjytTVsKNiQqRJvxSQQT1aCcPRUujVye2pRTtaWU4kxaMIXJKJ
sEgA1RC9HeR3s5RiwWDIooysD/diSD9JU2uiW1+zoadFebvJJBvJ/HKBTP8AHY94
yDvPrxmHwA2IKgWoB69rHU3Hbi/ZpsbTH64vvbHwit7L7aQXE5lxUnYVk8mTzcGR
Cf1jmKs=
-----END CERTIFICATE-----
Generated at Tue Nov 19 16:31:00 2024 by rpki-client on console-ams.rpki-client.org