Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e326b9-795f-4a0b-9efd-e69be395b0f7/1/PpcdogixcULNIbouBJ6rUarSsOQ.roa
File: PpcdogixcULNIbouBJ6rUarSsOQ.roa (raw, json)
Hash identifier: aoEzrzQ6jN9jWA0r7vP1QFEQNfsVl+ZNhzO0jI2+6eQ=
Subject key identifier: 3E:97:1D:A2:08:B1:71:42:CD:21:BA:2E:04:9E:AB:51:AA:D2:B0:E4
Certificate issuer: /CN=0d7413dcf537374a70daa31fd9a99fd29b033239
Certificate serial: 018CCA99A4DDC5211E74A8FDADBCF1AFEBA7
Authority key identifier: 0D:74:13:DC:F5:37:37:4A:70:DA:A3:1F:D9:A9:9F:D2:9B:03:32:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXQT3PU3N0pw2qMf2amf0psDMjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e326b9-795f-4a0b-9efd-e69be395b0f7/1/PpcdogixcULNIbouBJ6rUarSsOQ.roa
Signing time: Tue 02 Jan 2024 14:35:15 +0000
ROA not before: Tue 02 Jan 2024 14:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48173
IP address blocks: 91.229.178.0/23 maxlen: 24
193.169.180.0/23 maxlen: 24
91.241.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a4:dd:c5:21:1e:74:a8:fd:ad:bc:f1:af:eb:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7413dcf537374a70daa31fd9a99fd29b033239
Validity
Not Before: Jan 2 14:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e971da208b17142cd21ba2e049eab51aad2b0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2e:ce:d3:a5:25:c8:de:6e:be:78:ef:64:80:
ce:82:6a:73:d6:6a:a3:99:85:c8:20:39:f3:25:65:
4d:13:84:f4:a5:ff:e7:33:22:4c:7f:16:eb:e4:42:
86:02:42:06:c7:88:3c:3e:96:50:de:f5:c3:79:4e:
60:47:06:20:25:2b:68:ce:67:fa:45:3f:4d:60:50:
f2:c9:64:d8:9d:ff:b0:46:a5:2f:ae:2f:79:99:28:
4a:c5:f6:31:57:33:91:2d:23:01:f0:bb:35:e4:88:
c8:ef:79:04:d7:09:fd:fa:8b:2b:54:d1:85:b9:2b:
07:f5:0d:cb:e0:ba:fb:e1:f6:a7:9b:bf:b6:00:74:
2c:4f:76:e3:75:a7:1f:fb:4d:ec:81:1c:81:14:c2:
b7:d1:92:f2:0a:40:10:7f:7f:ab:49:14:38:29:e0:
3a:7b:67:16:93:f1:10:fe:3f:dd:ae:93:f6:63:a7:
3e:40:f1:55:82:09:63:89:e3:4c:f8:4b:05:6e:14:
65:52:be:bc:90:a7:52:bd:f6:8b:2d:0e:0b:48:a6:
d2:cd:f2:07:2d:29:04:a0:82:ff:ff:15:e6:6e:23:
31:a1:69:f2:10:5c:be:d8:3a:55:44:30:f6:d3:26:
bf:2d:08:d4:5a:de:17:e9:02:1d:99:33:c2:1d:a5:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:97:1D:A2:08:B1:71:42:CD:21:BA:2E:04:9E:AB:51:AA:D2:B0:E4
X509v3 Authority Key Identifier:
keyid:0D:74:13:DC:F5:37:37:4A:70:DA:A3:1F:D9:A9:9F:D2:9B:03:32:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXQT3PU3N0pw2qMf2amf0psDMjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e326b9-795f-4a0b-9efd-e69be395b0f7/1/PpcdogixcULNIbouBJ6rUarSsOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e326b9-795f-4a0b-9efd-e69be395b0f7/1/DXQT3PU3N0pw2qMf2amf0psDMjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.178.0/23
91.241.72.0/22
193.169.180.0/23
Signature Algorithm: sha256WithRSAEncryption
92:6f:ac:93:ae:a1:e1:1f:b2:60:36:4a:93:dc:96:ed:29:ff:
c0:c8:a8:14:24:cc:c6:47:21:91:6b:b5:af:e7:69:23:3e:6b:
b8:0d:7b:e0:d5:12:25:42:63:42:61:e1:5f:18:44:13:27:bf:
e8:ab:a3:76:f1:8b:ae:bb:4f:75:03:64:34:70:1a:d8:2f:85:
21:6d:dc:28:01:c8:3f:dd:1a:d8:e9:76:c2:5b:da:e5:f9:18:
b5:b9:7f:56:18:d8:20:53:ff:55:0c:fa:cb:a6:71:c4:5e:0c:
0d:58:2f:0e:30:f4:9f:1b:d7:b3:43:df:3d:01:ed:6c:7a:5a:
d8:0f:c9:9f:4e:97:db:cd:c1:74:6e:f6:11:66:2d:a0:b0:0a:
ff:0e:07:83:60:19:05:28:76:3d:35:94:70:db:8b:7c:29:3c:
38:64:02:06:77:a8:14:ab:12:13:45:11:ff:c6:2a:9d:75:c9:
3b:2a:5d:d0:c2:ef:4a:c7:2d:37:d5:19:66:00:c4:4e:c5:b0:
52:8c:01:b1:c0:66:0c:5e:03:97:44:8e:44:84:e7:a7:8e:07:
8b:de:38:37:22:27:91:9a:cd:d0:b6:c5:ac:9e:ea:54:06:c2:
f0:87:54:2e:ed:b2:5c:14:78:e1:ef:4e:32:c7:06:9c:da:45:
30:df:96:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKmaTdxSEedKj9rbzxr+unMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzQxM2RjZjUzNzM3NGE3MGRhYTMxZmQ5YTk5ZmQyOWIw
MzMyMzkwHhcNMjQwMTAyMTQzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTk3MWRhMjA4YjE3MTQyY2QyMWJhMmUwNDllYWI1MWFhZDJiMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC7O06UlyN5uvnjvZIDOgmpz1mqj
mYXIIDnzJWVNE4T0pf/nMyJMfxbr5EKGAkIGx4g8PpZQ3vXDeU5gRwYgJStozmf6
RT9NYFDyyWTYnf+wRqUvri95mShKxfYxVzORLSMB8Ls15IjI73kE1wn9+osrVNGF
uSsH9Q3L4Lr74fanm7+2AHQsT3bjdacf+03sgRyBFMK30ZLyCkAQf3+rSRQ4KeA6
e2cWk/EQ/j/drpP2Y6c+QPFVggljieNM+EsFbhRlUr68kKdSvfaLLQ4LSKbSzfIH
LSkEoIL//xXmbiMxoWnyEFy+2DpVRDD20ya/LQjUWt4X6QIdmTPCHaXlfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD6XHaIIsXFCzSG6LgSeq1Gq0rDkMB8GA1UdIwQY
MBaAFA10E9z1NzdKcNqjH9mpn9KbAzI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhRVDNQVTNOMHB3MnFNZjJhbWYwcHNETWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lMzI2YjktNzk1Zi00YTBiLTllZmQt
ZTY5YmUzOTViMGY3LzEvUHBjZG9naXhjVUxOSWJvdUJKNnJVYXJTc09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lMzI2YjktNzk1Zi00YTBiLTllZmQtZTY5YmUzOTViMGY3
LzEvRFhRVDNQVTNOMHB3MnFNZjJhbWYwcHNETWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+WyAwQC
W/FIAwQBwam0MA0GCSqGSIb3DQEBCwUAA4IBAQCSb6yTrqHhH7JgNkqT3JbtKf/A
yKgUJMzGRyGRa7Wv52kjPmu4DXvg1RIlQmNCYeFfGEQTJ7/oq6N28Yuuu091A2Q0
cBrYL4UhbdwoAcg/3RrY6XbCW9rl+Ri1uX9WGNggU/9VDPrLpnHEXgwNWC8OMPSf
G9ezQ989Ae1selrYD8mfTpfbzcF0bvYRZi2gsAr/DgeDYBkFKHY9NZRw24t8KTw4
ZAIGd6gUqxITRRH/xiqddck7Kl3Qwu9Kxy031RlmAMROxbBSjAGxwGYMXgOXRI5E
hOenjgeL3jg3IieRms3QtsWsnupUBsLwh1Qu7bJcFHjh704yxwac2kUw35Z6
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:13 2025 by rpki-client