Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PpCcXoV50jdvIc05ybPR18W5tDQ.roa
File: PpCcXoV50jdvIc05ybPR18W5tDQ.roa (raw, json)
Hash identifier: 80980hR04Rf5DvqAPqUNuj1Uz5bwLzosSROpVkAZ8D4=
Subject key identifier: 3E:90:9C:5E:85:79:D2:37:6F:21:CD:39:C9:B3:D1:D7:C5:B9:B4:34
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01892CE8D928F073EDC2C3511EDB1EAD0602
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PpCcXoV50jdvIc05ybPR18W5tDQ.roa
Signing time: Thu 06 Jul 2023 20:33:24 +0000
ROA not before: Thu 06 Jul 2023 20:33:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.226.57.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 19:59:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:e8:d9:28:f0:73:ed:c2:c3:51:1e:db:1e:ad:06:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 6 20:33:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e909c5e8579d2376f21cd39c9b3d1d7c5b9b434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ff:44:a9:f5:77:c1:57:db:8c:eb:04:96:3c:
22:39:95:92:19:cf:f2:e3:3f:e6:3e:63:1f:b8:82:
4e:6c:59:52:56:ba:91:61:d3:7f:7c:53:4c:f3:7d:
44:24:cb:b7:9f:b5:b8:44:45:a0:3d:6a:b2:86:75:
84:d5:29:6e:58:ea:77:a7:fb:a5:43:29:2c:6b:9e:
de:ac:72:b5:c9:9c:70:75:e3:aa:84:b5:1e:a1:a8:
3a:6b:9a:78:48:67:b4:e3:1b:55:5a:ae:43:28:06:
2e:73:e3:12:14:8b:15:3e:c7:1f:2a:a2:0d:63:76:
a1:88:0f:00:ae:08:b9:56:75:82:40:db:76:2b:86:
85:ff:fe:e5:d0:98:a9:37:55:88:cc:37:48:48:7b:
54:ad:d4:01:43:d1:22:1c:d8:67:42:b7:ae:49:01:
cd:9e:84:0f:fb:75:02:71:9f:41:48:4e:4b:b9:58:
d5:57:8c:c5:30:8e:05:9b:98:32:ac:06:9f:21:4b:
25:2c:3e:80:62:7d:e0:cd:bc:c3:4b:e8:9d:dc:4a:
68:bf:b1:b4:9b:f1:fa:f5:3a:2e:e4:d1:de:c0:8e:
59:4a:26:a4:c5:75:e9:87:26:58:11:38:d6:7f:33:
f7:29:7d:72:bf:6e:80:c2:0c:f3:d9:99:d6:ea:d2:
b7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:90:9C:5E:85:79:D2:37:6F:21:CD:39:C9:B3:D1:D7:C5:B9:B4:34
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PpCcXoV50jdvIc05ybPR18W5tDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
89.251.27.0/24
91.226.57.0/24
193.93.52.0/23
Signature Algorithm: sha256WithRSAEncryption
03:20:69:f9:06:57:e6:4f:98:c8:39:aa:b4:3e:4c:40:85:c2:
a6:61:a0:d9:77:d5:d3:df:85:13:6a:11:09:b9:0b:3b:f1:7a:
12:ee:0b:a5:83:a4:17:a4:77:13:a0:55:d9:ac:c8:48:31:d6:
8a:e0:43:39:cd:74:a0:93:0a:9b:e1:c4:2e:fe:cd:f9:9e:fb:
58:47:70:43:b7:cf:ac:b6:f6:89:2f:a2:e7:2e:6f:a7:22:9b:
53:f4:fd:6c:70:31:15:ac:2c:df:b3:97:99:ff:bb:47:e4:c8:
aa:5c:26:94:06:f2:87:27:41:9b:14:d1:14:08:ef:e2:57:2a:
21:1b:f9:14:f8:79:36:3f:d4:32:10:fd:8b:ab:ab:d5:1a:f7:
7f:28:f6:2b:ce:43:c5:eb:9c:16:21:94:de:ed:34:0b:38:b1:
91:f4:a6:8a:25:16:b0:0a:35:7b:5a:67:fe:53:ff:d0:16:09:
e4:10:74:dd:c0:60:f2:db:14:39:f0:48:ed:65:3f:1b:54:64:
9e:c3:0d:1f:93:4c:9e:90:54:ea:9a:3c:43:c0:f7:bf:5c:97:
c7:8d:a6:16:91:1f:3b:b8:d7:c5:80:7f:4c:eb:03:e1:62:1a:
98:3e:a0:c6:e1:eb:30:4b:ff:17:17:e6:87:64:5b:29:5c:e3:
09:35:66:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYks6Nko8HPtwsNRHtserQYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzA2MjAzMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkwOWM1ZTg1NzlkMjM3NmYyMWNkMzljOWIzZDFkN2M1YjliNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/9EqfV3wVfbjOsEljwiOZWSGc/y
4z/mPmMfuIJObFlSVrqRYdN/fFNM831EJMu3n7W4REWgPWqyhnWE1SluWOp3p/ul
Qyksa57erHK1yZxwdeOqhLUeoag6a5p4SGe04xtVWq5DKAYuc+MSFIsVPscfKqIN
Y3ahiA8Argi5VnWCQNt2K4aF//7l0JipN1WIzDdISHtUrdQBQ9EiHNhnQreuSQHN
noQP+3UCcZ9BSE5LuVjVV4zFMI4Fm5gyrAafIUslLD6AYn3gzbzDS+id3Epov7G0
m/H69Tou5NHewI5ZSiakxXXphyZYETjWfzP3KX1yv26Awgzz2ZnW6tK3XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6QnF6FedI3byHNOcmz0dfFubQ0MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUHBDY1hvVjUwamR2SWMwNXliUFIxOFc1dERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfsYAwQA
WfsbAwQAW+I5AwQBwV00MA0GCSqGSIb3DQEBCwUAA4IBAQADIGn5BlfmT5jIOaq0
PkxAhcKmYaDZd9XT34UTahEJuQs78XoS7gulg6QXpHcToFXZrMhIMdaK4EM5zXSg
kwqb4cQu/s35nvtYR3BDt8+stvaJL6LnLm+nIptT9P1scDEVrCzfs5eZ/7tH5Miq
XCaUBvKHJ0GbFNEUCO/iVyohG/kU+Hk2P9QyEP2Lq6vVGvd/KPYrzkPF65wWIZTe
7TQLOLGR9KaKJRawCjV7Wmf+U//QFgnkEHTdwGDy2xQ58EjtZT8bVGSeww0fk0ye
kFTqmjxDwPe/XJfHjaYWkR87uNfFgH9M6wPhYhqYPqDG4eswS/8XF+aHZFspXOMJ
NWZy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org