Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pigAOV1KW_kEH5UXsrB_E2uetWM.roa
File: pigAOV1KW_kEH5UXsrB_E2uetWM.roa (raw, json)
Hash identifier: Wpxt8sBBqymvZh1WSVntsYJ74uzQmFzeWE6F1cxZG2Y=
Subject key identifier: A6:28:00:39:5D:4A:5B:F9:04:1F:95:17:B2:B0:7F:13:6B:9E:B5:63
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01881FEC253FD593C7664EEF4D5F748811FC
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pigAOV1KW_kEH5UXsrB_E2uetWM.roa
Signing time: Mon 15 May 2023 14:59:09 +0000
ROA not before: Mon 15 May 2023 14:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
185.76.12.0/22 maxlen: 22
89.232.184.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 08:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:ec:25:3f:d5:93:c7:66:4e:ef:4d:5f:74:88:11:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: May 15 14:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a62800395d4a5bf9041f9517b2b07f136b9eb563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:70:d4:cb:ae:1d:d1:23:da:0e:f6:be:3f:
fe:29:29:42:f9:fa:6c:23:1e:64:03:da:42:44:39:
5a:77:a5:be:7d:ba:c3:39:52:d7:c9:3b:4b:ce:83:
1e:00:a9:4d:2e:7a:f1:9d:ca:a4:d7:37:0e:d3:ba:
64:b6:01:c4:ab:bd:b9:ea:6b:42:57:57:4b:7d:20:
ea:79:aa:98:59:1f:04:15:c5:bb:10:36:6f:d5:4f:
c2:d8:b1:a7:cc:db:db:11:81:1e:f7:88:69:7c:e2:
21:bd:ec:07:1a:11:2f:47:2a:03:22:a5:c4:96:94:
83:b5:88:c1:ff:4e:96:24:df:96:b9:9e:54:fe:45:
be:73:b2:78:db:2d:53:85:cf:d4:44:6f:b3:2d:50:
4e:8d:74:dc:ff:2e:c9:34:a3:90:f2:6a:10:fe:6c:
09:10:7c:72:6d:32:c7:e2:29:46:5e:d8:2f:93:2e:
d6:6d:39:bd:94:22:3a:4f:78:2c:5c:05:8c:e1:67:
70:35:69:fb:ec:20:44:ee:29:78:ee:df:8b:13:02:
53:78:b3:53:8a:5b:b5:de:83:75:6e:93:58:02:24:
d5:3e:f4:51:08:68:16:62:a9:d1:dc:33:a3:ac:ff:
ba:7c:04:b3:5d:ae:91:c9:2a:1f:93:b9:ee:e9:ea:
cc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:28:00:39:5D:4A:5B:F9:04:1F:95:17:B2:B0:7F:13:6B:9E:B5:63
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pigAOV1KW_kEH5UXsrB_E2uetWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
185.76.12.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
68:dd:dc:38:93:4f:de:0a:03:10:b0:45:81:e1:13:5f:8d:ca:
90:44:b6:33:62:a7:61:a5:91:d8:57:a9:0b:7f:ef:6a:e4:35:
bc:0b:ed:4e:95:bb:e8:c4:47:e8:4a:d8:a7:09:14:e8:f6:c9:
53:51:3c:da:31:a3:07:8f:5d:19:be:03:ab:97:16:6a:de:97:
3a:ff:d2:40:1a:8b:19:07:51:4b:1e:e4:e6:a9:3d:d6:c8:e2:
2d:5f:1d:c4:8f:8a:6e:fb:c7:e3:bd:c5:91:43:8c:c4:d2:87:
c5:82:a9:c6:33:af:fa:87:2d:1f:1c:e1:60:4f:ab:78:37:ed:
ab:e8:f2:c3:e4:5b:1e:12:0b:64:1a:28:59:b7:f3:20:27:64:
51:f2:7e:4d:5e:90:69:dc:44:41:71:d5:8e:f9:f8:84:b9:4a:
b8:9a:8a:7a:e2:a3:d8:49:01:5e:29:ff:a2:59:37:1c:1b:ae:
8f:fe:17:bf:1f:5f:07:7b:98:1a:9c:c0:ef:0a:ff:de:56:53:
59:c8:a7:4d:7d:2f:11:52:3a:89:bb:34:3f:0f:57:2d:0c:3b:
1a:bb:57:3f:08:95:3c:9a:ca:21:dc:d1:fa:2d:72:3f:e5:1c:
91:cf:d9:43:f5:88:45:59:d4:05:85:60:32:2e:f3:49:7b:a2:
b8:8b:43:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgf7CU/1ZPHZk7vTV90iBH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMwNTE1MTQ1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI4MDAzOTVkNGE1YmY5MDQxZjk1MTdiMmIwN2YxMzZiOWViNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN9w1MuuHdEj2g72vj/+KSlC+fps
Ix5kA9pCRDlad6W+fbrDOVLXyTtLzoMeAKlNLnrxncqk1zcO07pktgHEq7256mtC
V1dLfSDqeaqYWR8EFcW7EDZv1U/C2LGnzNvbEYEe94hpfOIhvewHGhEvRyoDIqXE
lpSDtYjB/06WJN+WuZ5U/kW+c7J42y1Thc/URG+zLVBOjXTc/y7JNKOQ8moQ/mwJ
EHxybTLH4ilGXtgvky7WbTm9lCI6T3gsXAWM4WdwNWn77CBE7il47t+LEwJTeLNT
ilu13oN1bpNYAiTVPvRRCGgWYqnR3DOjrP+6fASzXa6RySofk7nu6erMDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKYoADldSlv5BB+VF7KwfxNrnrVjMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvcGlnQU9WMUtXX2tFSDVVWHNyQl9FMnVldFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUpQAAwQC
Wei4AwQCuUwMAwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUAA4IBAQBo3dw4k0/e
CgMQsEWB4RNfjcqQRLYzYqdhpZHYV6kLf+9q5DW8C+1OlbvoxEfoStinCRTo9slT
UTzaMaMHj10ZvgOrlxZq3pc6/9JAGosZB1FLHuTmqT3WyOItXx3Ej4pu+8fjvcWR
Q4zE0ofFgqnGM6/6hy0fHOFgT6t4N+2r6PLD5FseEgtkGihZt/MgJ2RR8n5NXpBp
3ERBcdWO+fiEuUq4mop64qPYSQFeKf+iWTccG66P/he/H18He5ganMDvCv/eVlNZ
yKdNfS8RUjqJuzQ/D1ctDDsau1c/CJU8msoh3NH6LXI/5RyRz9lD9YhFWdQFhWAy
LvNJe6K4i0Oe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:19 2024 by rpki-client on console-ams.rpki-client.org