Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/Pk81OSG-nKOoPAIVdD5FFv3ynfY.roa
File: Pk81OSG-nKOoPAIVdD5FFv3ynfY.roa (raw, json)
Hash identifier: oj6lPeknYlK+MBN4d5Tc66cdqje/HpY0NF9a2ZMoBLM=
Subject key identifier: 3E:4F:35:39:21:BE:9C:A3:A8:3C:02:15:74:3E:45:16:FD:F2:9D:F6
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0187E1DA7467FD1188FA67D8D49892C189E0
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/Pk81OSG-nKOoPAIVdD5FFv3ynfY.roa
Signing time: Wed 03 May 2023 13:43:22 +0000
ROA not before: Wed 03 May 2023 13:43:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.115.217.0/24 maxlen: 24
45.140.210.0/24 maxlen: 24
45.140.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 06:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:da:74:67:fd:11:88:fa:67:d8:d4:98:92:c1:89:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: May 3 13:43:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e4f353921be9ca3a83c0215743e4516fdf29df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f6:17:18:f2:e8:18:f7:27:9b:b6:00:20:df:
98:fc:b3:0c:d0:25:7b:0a:bb:1b:20:5a:60:45:98:
79:86:9d:1a:bf:43:9a:c1:37:1d:9f:c1:b5:40:a0:
78:bb:ca:55:a2:0f:f5:0a:c1:cc:c8:ce:8d:12:7c:
c6:fc:d3:6c:83:cb:67:6c:2d:e3:35:33:91:eb:c8:
1f:29:65:96:d0:b2:93:26:dd:21:9e:ac:66:46:08:
aa:93:88:34:9f:7a:4e:43:13:f7:59:9c:38:01:87:
42:07:99:be:d4:0b:f5:18:74:40:5a:80:a9:b9:65:
98:a7:46:9d:a4:ad:bf:92:06:9e:1a:d4:1f:d7:76:
5f:01:e3:d5:9f:e9:18:c0:54:db:ec:5c:5a:2c:a6:
84:01:5a:4b:08:a0:74:47:c8:21:85:6a:84:1f:17:
37:c4:46:74:12:d4:d3:26:64:79:da:31:87:c3:4e:
bb:ea:21:81:8b:7a:50:11:54:d0:59:0c:0a:a9:eb:
df:1e:c1:9a:3b:81:c2:c1:19:27:a8:db:e2:7f:bd:
b1:8c:cb:ff:b7:7a:c6:f5:0c:a4:27:16:2d:19:a0:
ee:07:83:23:18:6f:97:50:fc:d6:e9:92:56:3f:5a:
40:95:b4:54:f8:03:41:82:4b:83:49:23:a3:db:88:
8b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:35:39:21:BE:9C:A3:A8:3C:02:15:74:3E:45:16:FD:F2:9D:F6
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/Pk81OSG-nKOoPAIVdD5FFv3ynfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.210.0/23
82.115.217.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9c:93:58:ef:0d:c1:c7:50:7b:40:50:3a:b4:ce:6a:4b:de:
3f:1e:9a:34:5c:5b:9c:15:11:2e:50:50:76:fd:b4:6a:4c:22:
94:c2:7e:47:c6:9c:10:d1:28:07:a1:0d:64:5c:68:0c:d0:ff:
e4:f3:e5:dd:c7:ff:48:c0:3c:c6:db:0e:d1:3a:19:50:e0:87:
2b:e0:87:d1:c8:30:a7:f3:37:e0:84:66:73:81:59:c2:60:d3:
91:62:f7:12:3c:e5:d9:fa:a5:b4:ba:5d:c9:7c:1f:c6:c4:c3:
92:05:00:e2:d7:80:3b:84:26:7c:02:1a:d0:85:1f:08:52:63:
f2:9e:05:3c:b2:6d:c5:e9:e8:40:41:4a:6e:0f:e6:02:3e:8f:
fe:b5:b4:56:34:35:be:7d:42:2d:65:9e:34:a5:08:34:cd:d8:
d4:d1:82:1f:dc:11:b3:d8:2e:20:56:9b:40:7e:0c:e3:fd:2d:
bb:76:69:35:ee:10:cf:98:b4:41:23:b2:36:d7:42:32:f8:3e:
ff:9c:77:17:0e:d3:d9:25:07:60:c7:3e:fc:f2:bb:97:01:7f:
1c:3f:b3:2a:12:c0:3a:9e:52:7b:8e:29:ae:f6:b7:fd:19:d1:
4c:6c:01:fa:28:7b:96:86:78:dd:31:a3:ec:b3:e4:28:23:9f:
43:1a:a6:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfh2nRn/RGI+mfY1JiSwYngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjMwNTAzMTM0MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRmMzUzOTIxYmU5Y2EzYTgzYzAyMTU3NDNlNDUxNmZkZjI5ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PYXGPLoGPcnm7YAIN+Y/LMM0CV7
CrsbIFpgRZh5hp0av0OawTcdn8G1QKB4u8pVog/1CsHMyM6NEnzG/NNsg8tnbC3j
NTOR68gfKWWW0LKTJt0hnqxmRgiqk4g0n3pOQxP3WZw4AYdCB5m+1Av1GHRAWoCp
uWWYp0adpK2/kgaeGtQf13ZfAePVn+kYwFTb7FxaLKaEAVpLCKB0R8ghhWqEHxc3
xEZ0EtTTJmR52jGHw0676iGBi3pQEVTQWQwKqevfHsGaO4HCwRknqNvif72xjMv/
t3rG9QykJxYtGaDuB4MjGG+XUPzW6ZJWP1pAlbRU+ANBgkuDSSOj24iLUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5PNTkhvpyjqDwCFXQ+RRb98p32MB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvUGs4MU9TRy1uS09vUEFJVmRENUZGdjN5bmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYzSAwQA
UnPZMA0GCSqGSIb3DQEBCwUAA4IBAQBEnJNY7w3Bx1B7QFA6tM5qS94/Hpo0XFuc
FREuUFB2/bRqTCKUwn5HxpwQ0SgHoQ1kXGgM0P/k8+Xdx/9IwDzG2w7ROhlQ4Icr
4IfRyDCn8zfghGZzgVnCYNORYvcSPOXZ+qW0ul3JfB/GxMOSBQDi14A7hCZ8AhrQ
hR8IUmPyngU8sm3F6ehAQUpuD+YCPo/+tbRWNDW+fUItZZ40pQg0zdjU0YIf3BGz
2C4gVptAfgzj/S27dmk17hDPmLRBI7I210Iy+D7/nHcXDtPZJQdgxz788ruXAX8c
P7MqEsA6nlJ7jimu9rf9GdFMbAH6KHuWhnjdMaPss+QoI59DGqYv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:56 2024 by rpki-client on console-ams.rpki-client.org