Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/PpzScb1f-u3fE56XhlRpyF4UIlA.roa
File: PpzScb1f-u3fE56XhlRpyF4UIlA.roa (raw, json)
Hash identifier: eGV0p60oPrM97lnGJozpFL4XS8+Yb8MsI6TqsRzytYQ=
Subject key identifier: 3E:9C:D2:71:BD:5F:FA:ED:DF:13:9E:97:86:54:69:C8:5E:14:22:50
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018CC6B822ED314545A12C881426AE0AA47F
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/PpzScb1f-u3fE56XhlRpyF4UIlA.roa
Signing time: Mon 01 Jan 2024 20:30:05 +0000
ROA not before: Mon 01 Jan 2024 20:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 145.219.64.0/18 maxlen: 18
145.219.0.0/21 maxlen: 21
145.219.18.0/23 maxlen: 23
145.219.20.0/22 maxlen: 22
145.219.128.0/17 maxlen: 17
145.219.24.0/21 maxlen: 21
193.176.255.0/24 maxlen: 24
145.219.32.0/19 maxlen: 19
2a04:b0c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 19 Mar 2024 11:20:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:22:ed:31:45:45:a1:2c:88:14:26:ae:0a:a4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jan 1 20:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e9cd271bd5ffaeddf139e97865469c85e142250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9a:3c:a5:e7:93:b5:a7:de:46:95:f0:71:10:
70:71:9c:82:34:d1:70:b9:b4:6d:7e:d0:a6:cb:b1:
15:aa:b0:60:38:04:cf:01:38:da:18:73:6f:17:3b:
67:ed:36:00:eb:ac:d6:21:5f:22:bf:b4:d6:fe:53:
e7:f9:dd:c9:d7:e3:e6:fd:bf:2f:39:74:7a:16:97:
64:8e:c0:1a:48:56:9e:16:c2:0d:ae:81:e3:e8:a2:
8a:28:4d:0c:21:1f:e9:fc:e4:be:05:49:60:55:e4:
83:a2:2c:8e:bc:1b:0a:fd:b1:2e:d3:4e:fa:a6:d2:
f0:c8:51:fe:a2:b3:c5:46:f6:45:cc:73:a1:55:7f:
75:c4:0c:c3:30:2a:2c:8d:5a:b1:8a:8c:87:65:7c:
14:dc:cb:7e:2b:38:32:98:7a:c3:00:db:2f:53:06:
40:72:3c:ab:4e:3b:e0:a7:1d:00:79:c0:45:dc:bb:
3a:08:2f:17:2c:af:52:61:00:6a:f1:e5:e7:13:e9:
89:49:ab:eb:15:c2:bb:72:35:7f:10:c2:81:5d:7b:
8f:0c:7c:f6:6b:c0:59:03:3b:ec:0a:8b:5f:71:57:
90:00:82:27:66:d8:ff:ed:10:69:06:6e:8e:5e:04:
34:59:58:be:4e:3e:dd:ed:46:fe:17:7f:42:12:5a:
ef:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9C:D2:71:BD:5F:FA:ED:DF:13:9E:97:86:54:69:C8:5E:14:22:50
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/PpzScb1f-u3fE56XhlRpyF4UIlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.0.0/21
145.219.18.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
61:9c:a3:67:1e:cf:d3:5a:40:1f:fa:2f:f5:00:de:7a:60:bd:
07:44:70:f4:6f:fa:4a:90:3c:b4:0f:f7:e5:61:17:c6:e1:e5:
eb:8e:ef:15:27:f9:36:7c:5d:00:c3:0e:96:ca:f0:0e:85:ab:
7f:ec:60:cb:17:a5:a8:84:a4:e8:2b:35:9a:34:ff:17:37:85:
9f:48:a9:71:40:0d:8d:fe:c9:7d:40:ab:31:4e:8b:be:c7:06:
05:ea:42:e2:89:d6:2f:bd:a0:ea:be:66:fe:8c:2b:9b:9e:92:
f4:4c:01:72:f1:53:5a:56:5b:bf:fe:48:ab:8d:ec:a0:5b:70:
c4:14:51:73:ac:d7:64:39:d9:f0:be:5c:06:5d:d7:ed:19:a4:
9e:27:7f:07:b3:57:a8:d7:3f:7d:d2:c7:62:67:5e:47:3d:3f:
a0:07:45:c4:04:b7:c9:73:f8:a1:22:6b:fc:6a:54:44:84:df:
06:64:9c:01:e6:af:25:b2:c6:f5:3c:bf:7c:eb:6c:d3:e3:aa:
28:f3:3d:f4:1c:b8:99:34:b4:5c:50:01:92:af:d4:58:e0:31:
05:f7:82:30:b6:b4:49:dc:92:04:83:19:3e:a5:d2:de:71:a1:
0d:21:c9:75:f7:31:2b:d8:2e:ff:39:88:7f:96:6d:94:4c:ac:
61:87:f1:c0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGuCLtMUVFoSyIFCauCqR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMTAxMjAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTljZDI3MWJkNWZmYWVkZGYxMzllOTc4NjU0NjljODVlMTQyMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpo8peeTtafeRpXwcRBwcZyCNNFw
ubRtftCmy7EVqrBgOATPATjaGHNvFztn7TYA66zWIV8iv7TW/lPn+d3J1+Pm/b8v
OXR6FpdkjsAaSFaeFsINroHj6KKKKE0MIR/p/OS+BUlgVeSDoiyOvBsK/bEu0076
ptLwyFH+orPFRvZFzHOhVX91xAzDMCosjVqxioyHZXwU3Mt+KzgymHrDANsvUwZA
cjyrTjvgpx0AecBF3Ls6CC8XLK9SYQBq8eXnE+mJSavrFcK7cjV/EMKBXXuPDHz2
a8BZAzvsCotfcVeQAIInZtj/7RBpBm6OXgQ0WVi+Tj7d7Ub+F39CElrv1wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD6c0nG9X/rt3xOel4ZUacheFCJQMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvUHB6U2NiMWYtdTNmRTU2WGhsUnB5RjRVSWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQDkdsAMAsD
BAGR2xIDAwKR2AMEAMGw/zANBAIAAjAHAwUCKgSwxDANBgkqhkiG9w0BAQsFAAOC
AQEAYZyjZx7P01pAH/ov9QDeemC9B0Rw9G/6SpA8tA/35WEXxuHl647vFSf5Nnxd
AMMOlsrwDoWrf+xgyxelqISk6Cs1mjT/FzeFn0ipcUANjf7JfUCrMU6LvscGBepC
4onWL72g6r5m/owrm56S9EwBcvFTWlZbv/5Iq43soFtwxBRRc6zXZDnZ8L5cBl3X
7Rmknid/B7NXqNc/fdLHYmdeRz0/oAdFxAS3yXP4oSJr/GpURITfBmScAeavJbLG
9Ty/fOts0+OqKPM99By4mTS0XFABkq/UWOAxBfeCMLa0SdySBIMZPqXS3nGhDSHJ
dfcxK9gu/zmIf5ZtlEysYYfxwA==
-----END CERTIFICATE-----
Generated at Tue Mar 19 14:59:07 2024 by rpki-client on console-fra.rpki-client.org