Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PvkiwswTeD8jp2eI1Zpe68WWjZU.roa
File: PvkiwswTeD8jp2eI1Zpe68WWjZU.roa (raw, json)
Hash identifier: F3qk4bEI1/VPvY95VgNsUfVU2clrmL8OwabLz9eealQ=
Subject key identifier: 3E:F9:22:C2:CC:13:78:3F:23:A7:67:88:D5:9A:5E:EB:C5:96:8D:95
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DCC65049C4DF53AD6D3B52242FC8568CA
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PvkiwswTeD8jp2eI1Zpe68WWjZU.roa
Signing time: Wed 21 Feb 2024 15:59:48 +0000
ROA not before: Wed 21 Feb 2024 15:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.246.48.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:65:04:9c:4d:f5:3a:d6:d3:b5:22:42:fc:85:68:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 21 15:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ef922c2cc13783f23a76788d59a5eebc5968d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c0:ae:86:c7:15:ab:81:b6:41:72:2e:f7:f9:
2c:f1:d6:7e:67:ee:c2:11:a2:a1:87:2e:c0:7f:45:
c0:c5:eb:79:44:c2:75:1a:d5:b4:b7:6b:c7:ac:92:
4f:6f:9f:db:7b:82:82:9d:12:7f:99:bd:2e:22:70:
4c:76:3a:ca:46:65:4d:5d:e1:b5:7b:3e:9f:ea:fa:
5e:17:72:c6:b6:12:70:47:f8:4d:00:a5:f8:4a:22:
8e:40:8b:31:51:15:ee:ed:e4:81:9c:7c:62:d2:f8:
04:2a:f2:18:7e:6c:45:34:e0:7b:8d:bf:b6:5f:73:
80:3e:4e:9b:9b:67:cd:a4:94:99:01:e3:cb:41:f5:
52:cf:b3:2e:f6:19:c7:30:f4:e4:a5:e3:38:47:90:
ce:a7:35:38:3d:30:ac:82:85:8e:3d:20:f7:d2:62:
7c:5e:61:8c:3e:7b:52:19:c5:0d:cf:3e:8e:ac:10:
de:36:a0:85:64:2e:88:8b:c8:eb:87:d0:0d:4f:84:
79:03:d3:1d:ab:30:0b:8d:b7:ac:ae:9c:dc:62:5c:
d7:d9:5b:ae:ce:35:53:65:8c:51:19:b5:3d:f6:bf:
31:99:ac:d8:a3:e4:f8:01:98:64:60:7f:ea:7f:aa:
2a:5f:c5:f0:8f:66:e2:87:21:77:57:c5:aa:43:9d:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F9:22:C2:CC:13:78:3F:23:A7:67:88:D5:9A:5E:EB:C5:96:8D:95
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PvkiwswTeD8jp2eI1Zpe68WWjZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.48.0/24
91.247.166.0/24
91.247.173.0/24
194.105.60.0/24
194.107.92.0/24
217.198.180.0/24
Signature Algorithm: sha256WithRSAEncryption
93:88:1d:a6:28:4c:19:3d:6e:21:25:95:69:a0:4b:a0:28:f6:
de:11:02:05:48:01:2b:de:82:a2:e9:ac:d6:51:b4:8b:59:a8:
dc:fb:f4:31:6e:64:ed:f7:6b:7a:9e:34:e8:94:db:82:46:9c:
a7:5a:fb:05:32:85:7e:71:72:13:24:4c:fb:30:02:e0:aa:99:
a4:b4:50:fe:c1:1f:db:db:50:a4:fe:20:5a:69:25:b6:75:28:
86:14:6c:6f:2c:00:ba:df:90:de:75:27:c8:30:6f:81:81:de:
77:01:47:2c:14:b4:53:f5:26:10:ff:df:f7:e9:e3:9a:31:0f:
20:b8:40:68:af:eb:c8:3d:aa:1f:21:86:30:51:1e:3d:61:ee:
f4:1f:7a:6a:36:db:5a:80:38:b7:93:d0:00:fe:70:8e:cd:b5:
a8:ce:74:f4:9e:22:69:fe:a8:0c:48:6b:a7:25:8f:3e:67:8f:
d6:f3:ff:4e:65:3a:74:62:8e:39:a1:4c:8c:9b:c9:ea:e2:d9:
2b:0d:a4:3a:46:f9:43:96:9a:34:1b:9a:34:90:fd:b2:38:bd:
24:cc:0d:dd:c8:89:06:06:17:8d:39:65:0d:b8:02:3f:8f:9e:
51:ed:ca:0b:fc:22:5d:c5:25:03:d4:7f:45:2f:89:eb:50:55:
60:42:62:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3MZQScTfU61tO1IkL8hWjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIxMTU1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY5MjJjMmNjMTM3ODNmMjNhNzY3ODhkNTlhNWVlYmM1OTY4ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMCuhscVq4G2QXIu9/ks8dZ+Z+7C
EaKhhy7Af0XAxet5RMJ1GtW0t2vHrJJPb5/be4KCnRJ/mb0uInBMdjrKRmVNXeG1
ez6f6vpeF3LGthJwR/hNAKX4SiKOQIsxURXu7eSBnHxi0vgEKvIYfmxFNOB7jb+2
X3OAPk6bm2fNpJSZAePLQfVSz7Mu9hnHMPTkpeM4R5DOpzU4PTCsgoWOPSD30mJ8
XmGMPntSGcUNzz6OrBDeNqCFZC6Ii8jrh9ANT4R5A9MdqzALjbesrpzcYlzX2Vuu
zjVTZYxRGbU99r8xmazYo+T4AZhkYH/qf6oqX8Xwj2bihyF3V8WqQ51fJwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD75IsLME3g/I6dniNWaXuvFlo2VMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUHZraXdzd1RlRDhqcDJlSTFacGU2OFdXalpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW/YwAwQA
W/emAwQAW/etAwQAwmk8AwQAwmtcAwQA2ca0MA0GCSqGSIb3DQEBCwUAA4IBAQCT
iB2mKEwZPW4hJZVpoEugKPbeEQIFSAEr3oKi6azWUbSLWajc+/QxbmTt92t6njTo
lNuCRpynWvsFMoV+cXITJEz7MALgqpmktFD+wR/b21Ck/iBaaSW2dSiGFGxvLAC6
35DedSfIMG+Bgd53AUcsFLRT9SYQ/9/36eOaMQ8guEBor+vIPaofIYYwUR49Ye70
H3pqNttagDi3k9AA/nCOzbWoznT0niJp/qgMSGunJY8+Z4/W8/9OZTp0Yo45oUyM
m8nq4tkrDaQ6RvlDlpo0G5o0kP2yOL0kzA3dyIkGBheNOWUNuAI/j55R7coL/CJd
xSUD1H9FL4nrUFVgQmIX
-----END CERTIFICATE-----
Generated at Thu Feb 22 20:52:03 2024 by rpki-client on console-fra.rpki-client.org