Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/pLTWAY_iBWp9G-GSx4IfmLhG3gs.roa
File: pLTWAY_iBWp9G-GSx4IfmLhG3gs.roa (raw, json)
Hash identifier: 4dIEXNTnwqDwGz4OCaoS+YVG+/GtwBcc3eUIT//lKBw=
Subject key identifier: A4:B4:D6:01:8F:E2:05:6A:7D:1B:E1:92:C7:82:1F:98:B8:46:DE:0B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0185E79B5034B6CB547BD9FEC92C351BF803
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/pLTWAY_iBWp9G-GSx4IfmLhG3gs.roa
Signing time: Wed 25 Jan 2023 06:26:33 +0000
ROA not before: Wed 25 Jan 2023 06:26:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 82.163.56.0/22 maxlen: 24
82.163.64.0/22 maxlen: 24
82.163.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 06:46:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:9b:50:34:b6:cb:54:7b:d9:fe:c9:2c:35:1b:f8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 25 06:26:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4b4d6018fe2056a7d1be192c7821f98b846de0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0c:94:f4:f9:b4:f8:61:66:08:2c:b8:6d:f3:
a3:ad:68:ac:1e:f9:b1:0c:42:6d:27:fb:7f:5b:a8:
f7:c6:a4:33:b6:ba:a6:9b:12:d4:c3:f2:75:ee:a0:
45:51:c7:56:96:76:34:da:f6:c9:c5:8a:53:4f:82:
11:32:58:0b:52:ff:9d:45:eb:95:ee:7b:78:5c:e5:
fb:22:1d:55:b2:03:90:38:74:a8:f2:25:1f:2d:3c:
ae:3e:eb:bc:4a:ee:68:a2:9d:29:6a:52:27:49:e0:
08:e9:4e:c0:59:a0:8a:2f:2a:7c:c4:9b:68:f6:70:
c7:82:de:6b:f9:2a:28:3a:54:2d:a7:98:2c:eb:bf:
f0:c4:9d:d3:71:88:87:93:f8:e0:86:74:24:d4:41:
90:e3:c5:08:9a:79:01:5a:fe:6d:28:a2:d1:0c:1f:
84:44:16:7d:a9:c4:a0:fd:a6:32:ae:5e:d3:97:36:
80:50:7c:44:3d:60:fe:1a:d6:98:57:fa:52:86:95:
21:a0:11:76:0d:2e:f9:6d:44:5b:b7:23:af:76:2b:
88:d4:e9:8d:b6:c6:08:ea:c7:80:79:0b:8f:a3:e9:
8c:3f:be:03:2a:6f:0f:b9:3b:c7:d6:85:81:eb:aa:
7f:ab:70:1a:63:29:74:dd:05:f6:ed:99:32:da:41:
38:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B4:D6:01:8F:E2:05:6A:7D:1B:E1:92:C7:82:1F:98:B8:46:DE:0B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/pLTWAY_iBWp9G-GSx4IfmLhG3gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.56.0/22
82.163.64.0/22
82.163.228.0/22
Signature Algorithm: sha256WithRSAEncryption
08:d5:ce:20:30:e3:f1:39:04:dc:f7:76:19:a4:ba:16:c5:b0:
8f:db:e2:4e:a6:b3:79:78:c2:d2:80:75:64:51:7c:9f:76:91:
33:59:28:f2:8e:39:44:14:6c:85:6d:6e:ff:40:cb:54:b8:0d:
81:1e:31:b7:7e:43:d6:a4:66:8a:48:c4:36:d0:7f:19:7b:fb:
30:18:11:ec:33:8d:95:a7:b3:53:ac:ed:1c:d3:b0:4a:ce:01:
db:70:72:9d:98:3d:e3:59:cc:55:11:67:e0:aa:c7:99:79:19:
4c:00:69:0b:7b:c0:5f:35:c6:f7:94:cd:21:c2:0e:b7:db:38:
44:7c:1e:80:d3:e7:ec:5b:e5:e4:42:82:8e:d6:37:c5:94:e7:
4c:fa:6c:f8:04:d0:34:26:02:5e:f9:f3:aa:ec:16:c4:5a:4f:
f6:53:23:27:52:ec:4e:4b:af:0a:3e:b2:c7:51:18:2a:30:5d:
5d:87:a4:86:d8:ca:a8:62:fa:74:4e:d1:11:17:b0:52:54:28:
21:02:d7:66:34:96:9f:ef:b6:b0:b3:92:08:ea:d9:ab:38:2d:
ed:69:69:c4:d8:51:61:ea:bd:31:39:28:30:4e:3e:e0:d3:b7:
2e:ca:dc:f5:b6:93:bb:a1:78:46:fc:44:6d:1c:84:f3:fe:a8:
f3:9e:b4:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXnm1A0tstUe9n+ySw1G/gDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTI1MDYyNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI0ZDYwMThmZTIwNTZhN2QxYmUxOTJjNzgyMWY5OGI4NDZkZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngyU9Pm0+GFmCCy4bfOjrWisHvmx
DEJtJ/t/W6j3xqQztrqmmxLUw/J17qBFUcdWlnY02vbJxYpTT4IRMlgLUv+dReuV
7nt4XOX7Ih1VsgOQOHSo8iUfLTyuPuu8Su5oop0palInSeAI6U7AWaCKLyp8xJto
9nDHgt5r+SooOlQtp5gs67/wxJ3TcYiHk/jghnQk1EGQ48UImnkBWv5tKKLRDB+E
RBZ9qcSg/aYyrl7TlzaAUHxEPWD+GtaYV/pShpUhoBF2DS75bURbtyOvdiuI1OmN
tsYI6seAeQuPo+mMP74DKm8PuTvH1oWB66p/q3AaYyl03QX27Zky2kE4OwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKS01gGP4gVqfRvhkseCH5i4Rt4LMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvcExUV0FZX2lCV3A5Ry1HU3g0SWZtTGhHM2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqM4AwQC
UqNAAwQCUqPkMA0GCSqGSIb3DQEBCwUAA4IBAQAI1c4gMOPxOQTc93YZpLoWxbCP
2+JOprN5eMLSgHVkUXyfdpEzWSjyjjlEFGyFbW7/QMtUuA2BHjG3fkPWpGaKSMQ2
0H8Ze/swGBHsM42Vp7NTrO0c07BKzgHbcHKdmD3jWcxVEWfgqseZeRlMAGkLe8Bf
Ncb3lM0hwg632zhEfB6A0+fsW+XkQoKO1jfFlOdM+mz4BNA0JgJe+fOq7BbEWk/2
UyMnUuxOS68KPrLHURgqMF1dh6SG2MqoYvp0TtERF7BSVCghAtdmNJaf77aws5II
6tmrOC3taWnE2FFh6r0xOSgwTj7g07cuytz1tpO7oXhG/ERtHITz/qjznrRO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org