Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pvwhN9DK9SzS6243eJjCNSsEF3E.roa
File: pvwhN9DK9SzS6243eJjCNSsEF3E.roa (raw, json)
Hash identifier: 9ekHQooL2cZe1+lqdm0/8ZxrmkP/c/JAfFb02khwyHU=
Subject key identifier: A6:FC:21:37:D0:CA:F5:2C:D2:EB:6E:37:78:98:C2:35:2B:04:17:71
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018D6AA0BFE5A048F505D7A7B6D0BA52C793
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pvwhN9DK9SzS6243eJjCNSsEF3E.roa
Signing time: Fri 02 Feb 2024 16:22:16 +0000
ROA not before: Fri 02 Feb 2024 16:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.96.0/19 maxlen: 19
91.84.128.0/17 maxlen: 17
91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.32.0/19 maxlen: 19
194.46.64.0/19 maxlen: 19
194.46.80.0/20 maxlen: 20
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/21 maxlen: 21
212.108.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:a0:bf:e5:a0:48:f5:05:d7:a7:b6:d0:ba:52:c7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 2 16:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6fc2137d0caf52cd2eb6e377898c2352b041771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:50:df:fd:c5:31:4b:5f:83:15:89:90:d7:25:
76:76:e9:ac:58:84:a0:ac:44:06:55:ce:37:a6:82:
07:9f:b6:73:32:17:f3:aa:6b:da:cf:31:07:13:40:
f0:de:13:1f:20:5c:41:65:1a:e6:16:2b:d3:e3:8c:
35:20:31:38:49:2d:c4:99:55:b6:57:12:f8:eb:01:
5a:aa:45:29:6e:82:51:31:7d:41:90:f0:fe:3b:f8:
f0:70:ce:dd:67:2d:91:7a:8e:5f:0d:27:90:eb:86:
48:2d:ae:bd:a1:0f:08:e1:e8:58:70:f6:26:fa:ad:
73:c4:cd:73:ce:33:70:de:fd:71:39:27:33:8d:27:
71:83:00:b4:c2:2c:8c:d0:4e:f1:aa:49:d7:5e:f6:
ba:41:27:9b:49:a9:2e:63:7c:dc:0d:fa:a9:3b:88:
2c:e2:aa:c0:c5:5c:88:87:4f:31:b8:c0:c3:a2:b4:
2b:65:1c:27:35:85:86:66:09:d8:70:1d:db:eb:0f:
4e:eb:59:5f:5e:b8:fa:c8:39:61:6a:bf:4d:8b:1e:
a1:ec:77:e3:f5:2b:35:ea:eb:f2:e9:62:1a:ab:35:
45:c0:e9:bd:88:30:8b:8a:84:a2:94:5d:e6:0d:3c:
08:72:a1:52:af:6a:b2:e2:aa:df:50:15:95:cb:e3:
a2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FC:21:37:D0:CA:F5:2C:D2:EB:6E:37:78:98:C2:35:2B:04:17:71
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/pvwhN9DK9SzS6243eJjCNSsEF3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.96.0-91.85.159.255
91.85.192.0/18
194.46.32.0-194.46.95.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0-212.108.89.255
Signature Algorithm: sha256WithRSAEncryption
7c:2d:7c:9e:ab:a1:5f:e3:fd:a5:74:67:60:4c:90:71:b8:52:
d8:bd:f3:17:29:44:39:4c:54:af:e0:6b:77:49:4d:ba:0b:68:
b0:34:d5:4e:ba:de:c8:5e:53:ab:a3:7e:f9:72:92:22:00:4b:
0d:48:2d:44:aa:5e:70:fd:4e:83:c7:bc:31:f6:dc:47:dc:e4:
db:14:e3:cd:1d:eb:44:1a:46:23:45:5c:f7:68:6c:e6:77:53:
ac:7a:58:5c:d2:7a:0e:ab:2c:16:31:33:bb:e5:23:9d:72:20:
6a:40:5d:9f:58:e3:20:0d:7c:02:c4:30:91:19:07:8e:4b:95:
76:35:32:2f:a4:cf:c0:b3:46:56:ec:d9:7f:57:b5:ce:34:02:
0d:e1:02:b6:2a:68:92:0e:5f:52:20:ce:cc:b6:d4:77:00:5d:
41:01:e6:e2:c6:53:58:bf:d7:88:9d:ba:cf:1a:68:88:32:7d:
4a:02:e7:66:7e:47:43:84:13:05:3a:e6:14:95:b6:c4:ca:0c:
82:66:0f:65:f7:76:01:b9:8d:74:3e:92:cd:a9:eb:8d:f1:31:
1d:58:45:32:58:f8:f6:9d:e6:e0:b5:4b:e6:bb:ae:a4:f9:3f:
66:c1:ef:4a:b1:59:ab:f8:a0:65:a3:fb:19:9e:9e:f0:a3:64:
69:f6:0b:42
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY1qoL/loEj1BdenttC6UseTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjAyMTYyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmZjMjEzN2QwY2FmNTJjZDJlYjZlMzc3ODk4YzIzNTJiMDQxNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFDf/cUxS1+DFYmQ1yV2dumsWISg
rEQGVc43poIHn7ZzMhfzqmvazzEHE0Dw3hMfIFxBZRrmFivT44w1IDE4SS3EmVW2
VxL46wFaqkUpboJRMX1BkPD+O/jwcM7dZy2Reo5fDSeQ64ZILa69oQ8I4ehYcPYm
+q1zxM1zzjNw3v1xOSczjSdxgwC0wiyM0E7xqknXXva6QSebSakuY3zcDfqpO4gs
4qrAxVyIh08xuMDDorQrZRwnNYWGZgnYcB3b6w9O61lfXrj6yDlhar9Nix6h7Hfj
9Ss16uvy6WIaqzVFwOm9iDCLioSilF3mDTwIcqFSr2qy4qrfUBWVy+OieQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKb8ITfQyvUs0utuN3iYwjUrBBdxMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvcHZ3aE45REs5U3pTNjI0M2VKakNOU3NFRjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEBltU
ADAMAwQFW1RgAwQFW1WAAwQGW1XAMAwDBAXCLiADBAXCLkAwDAMEANRogQMEANRo
ggMEANRohAMEANRoiAMEANRojzAMAwQA1GiVAwQA1GiWAwQA1GiYMAwDBADUaJsD
BADUaJwDBADUaJ8wDAMEBNRsUAMEAdRsWDANBgkqhkiG9w0BAQsFAAOCAQEAfC18
nquhX+P9pXRnYEyQcbhS2L3zFylEOUxUr+Brd0lNugtosDTVTrreyF5Tq6N++XKS
IgBLDUgtRKpecP1Og8e8MfbcR9zk2xTjzR3rRBpGI0Vc92hs5ndTrHpYXNJ6Dqss
FjEzu+UjnXIgakBdn1jjIA18AsQwkRkHjkuVdjUyL6TPwLNGVuzZf1e1zjQCDeEC
tipokg5fUiDOzLbUdwBdQQHm4sZTWL/XiJ26zxpoiDJ9SgLnZn5HQ4QTBTrmFJW2
xMoMgmYPZfd2AbmNdD6SzanrjfExHVhFMlj49p3m4LVL5ruupPk/ZsHvSrFZq/ig
ZaP7GZ6e8KNkafYLQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:14 2024 by rpki-client on console-fra.rpki-client.org