Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/PRwtyn_1fFVGlUON4MwtXz3D8fU.roa
File: PRwtyn_1fFVGlUON4MwtXz3D8fU.roa (raw, json)
Hash identifier: uks84+vK+L3mQtyHiVcFxRyCaejKZnXJ+45lgjdD58M=
Subject key identifier: 3D:1C:2D:CA:7F:F5:7C:55:46:95:43:8D:E0:CC:2D:5F:3D:C3:F1:F5
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 01857C05A0B15C26C1B53DB3B2C396DBEEC1
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/PRwtyn_1fFVGlUON4MwtXz3D8fU.roa
Signing time: Wed 04 Jan 2023 09:03:41 +0000
ROA not before: Wed 04 Jan 2023 09:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8613
IP address blocks: 185.8.204.0/22 maxlen: 24
212.102.192.0/19 maxlen: 24
195.200.128.0/19 maxlen: 24
2a00:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:05:a0:b1:5c:26:c1:b5:3d:b3:b2:c3:96:db:ee:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Jan 4 09:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d1c2dca7ff57c554695438de0cc2d5f3dc3f1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:8a:ca:d7:04:6a:95:4d:e1:41:72:81:12:
64:4c:e9:42:64:46:72:31:84:8f:3a:8d:59:39:9c:
0e:19:1e:8d:0d:78:2a:12:1f:72:29:f3:39:3d:37:
50:9c:71:ed:a1:3c:7d:ab:85:ef:ff:1b:86:8b:2d:
7b:34:1c:ab:2a:68:b5:0a:8e:48:f1:b5:0d:6f:ff:
49:ef:83:fe:9e:b1:16:5e:8d:bc:37:65:f4:44:a0:
a7:ff:a0:84:c6:94:82:f4:8c:80:c7:6f:a3:5f:63:
43:8a:24:b4:8d:df:0e:06:96:7a:cd:ea:81:c8:3a:
1d:d5:78:37:0d:d2:55:1b:8b:c8:e9:eb:e3:5d:7d:
0f:d3:38:da:b6:a4:a1:c6:c0:2c:4c:79:75:24:27:
15:95:39:e7:2f:33:b8:0b:ed:68:a5:fc:73:cd:d0:
9a:69:0c:38:b3:aa:ef:a8:49:03:68:7f:e0:91:ee:
ca:0d:af:d6:69:d4:ba:41:19:34:a9:52:5c:f4:2b:
77:c9:07:91:f7:b2:7c:32:4a:c8:50:82:8f:00:1e:
79:7f:54:2e:86:89:71:71:58:dd:eb:c1:98:00:90:
9d:b9:d4:81:0f:45:96:b7:35:54:06:7e:fc:bc:19:
f3:64:27:d6:ec:c4:b7:1b:90:75:54:e2:40:0f:a2:
6a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1C:2D:CA:7F:F5:7C:55:46:95:43:8D:E0:CC:2D:5F:3D:C3:F1:F5
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/PRwtyn_1fFVGlUON4MwtXz3D8fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.204.0/22
195.200.128.0/19
212.102.192.0/19
IPv6:
2a00:b300::/29
Signature Algorithm: sha256WithRSAEncryption
c3:8f:1f:75:eb:da:5e:63:69:12:41:58:95:28:b9:a0:4b:1d:
82:c3:b1:ff:a9:ad:c3:d1:4b:24:8a:ee:53:66:12:11:89:7f:
41:74:ff:c4:a7:f6:c7:dc:c2:20:9d:cb:97:08:82:9a:93:f0:
56:27:dc:3f:6f:04:a2:c7:ac:ac:e8:b5:96:c3:26:11:51:0c:
b2:8d:76:b9:63:a7:df:2f:0d:52:bd:9f:3c:45:01:08:6b:2b:
ff:74:85:9d:c4:21:3a:32:2a:bb:f8:c5:3a:27:0d:45:af:b5:
c8:5e:90:38:26:1c:c8:56:87:48:64:a3:bf:97:f3:e8:ba:19:
42:b4:2f:3e:fe:e7:cc:df:f6:52:b3:fe:dd:56:88:b5:be:0b:
b7:7b:0d:8d:7e:68:49:4a:d9:77:f7:35:b9:bb:52:f6:2f:58:
a3:d7:7f:35:f3:18:0b:7e:39:0c:97:c9:4a:26:c5:74:1b:05:
ef:5e:26:f0:fb:d0:92:36:bb:4f:41:2a:b6:ea:91:ee:cc:b2:
f2:7c:ad:92:c7:a7:73:21:cc:57:fc:5e:55:52:14:a7:44:23:
7c:0d:df:f1:7b:81:dd:5c:36:26:cd:ae:1e:bc:64:cb:e6:ad:
4a:ce:50:8d:6d:bc:e3:5d:ab:ed:20:0e:66:93:bd:9b:f8:c6:
2a:2b:2d:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYV8BaCxXCbBtT2zssOW2+7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjMwMTA0MDkwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFjMmRjYTdmZjU3YzU1NDY5NTQzOGRlMGNjMmQ1ZjNkYzNmMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltuKytcEapVN4UFygRJkTOlCZEZy
MYSPOo1ZOZwOGR6NDXgqEh9yKfM5PTdQnHHtoTx9q4Xv/xuGiy17NByrKmi1Co5I
8bUNb/9J74P+nrEWXo28N2X0RKCn/6CExpSC9IyAx2+jX2NDiiS0jd8OBpZ6zeqB
yDod1Xg3DdJVG4vI6evjXX0P0zjatqShxsAsTHl1JCcVlTnnLzO4C+1opfxzzdCa
aQw4s6rvqEkDaH/gke7KDa/WadS6QRk0qVJc9Ct3yQeR97J8MkrIUIKPAB55f1Qu
holxcVjd68GYAJCdudSBD0WWtzVUBn78vBnzZCfW7MS3G5B1VOJAD6JqOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD0cLcp/9XxVRpVDjeDMLV89w/H1MB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvUFJ3dHluXzFmRlZHbFVPTjRNd3RYejNEOGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTItMTYxOWQwOGM2OTY1
LzEvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQjMAwQF
w8iAAwQF1GbAMA0EAgACMAcDBQMqALMAMA0GCSqGSIb3DQEBCwUAA4IBAQDDjx91
69peY2kSQViVKLmgSx2Cw7H/qa3D0Uskiu5TZhIRiX9BdP/Ep/bH3MIgncuXCIKa
k/BWJ9w/bwSix6ys6LWWwyYRUQyyjXa5Y6ffLw1SvZ88RQEIayv/dIWdxCE6Miq7
+MU6Jw1Fr7XIXpA4JhzIVodIZKO/l/PouhlCtC8+/ufM3/ZSs/7dVoi1vgu3ew2N
fmhJStl39zW5u1L2L1ij13818xgLfjkMl8lKJsV0GwXvXibw+9CSNrtPQSq26pHu
zLLyfK2Sx6dzIcxX/F5VUhSnRCN8Dd/xe4HdXDYmza4evGTL5q1KzlCNbbzjXavt
IA5mk72b+MYqKy2e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:34 2024 by rpki-client on console-ams.rpki-client.org