Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Piv-cTJH33TVENycLYpRxf927FU.roa
File: Piv-cTJH33TVENycLYpRxf927FU.roa (raw, json)
Hash identifier: nyQHeRPmDwntMZdcycVFUivrW5asW+eTdMADHpKVNFg=
Subject key identifier: 3E:2B:FE:71:32:47:DF:74:D5:10:DC:9C:2D:8A:51:C5:FF:76:EC:55
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0187F0FF72F0FC13B95D148D7265DB808931
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Piv-cTJH33TVENycLYpRxf927FU.roa
Signing time: Sat 06 May 2023 12:18:05 +0000
ROA not before: Sat 06 May 2023 12:18:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:1::/48 maxlen: 48
2a04:2f00:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:ff:72:f0:fc:13:b9:5d:14:8d:72:65:db:80:89:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: May 6 12:18:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e2bfe713247df74d510dc9c2d8a51c5ff76ec55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c3:52:44:29:70:d6:1a:24:c0:fd:14:07:11:
41:ab:50:da:91:09:14:ba:da:68:68:8a:6d:e7:a0:
b1:9f:74:01:fb:b5:58:61:9f:42:db:08:27:a5:d4:
d2:17:4e:f6:f5:bc:41:b9:3c:ed:cb:a6:a5:a8:40:
45:3e:56:55:6a:80:ca:26:c2:27:29:3d:f9:54:7e:
d2:88:ea:5f:c4:ae:ff:43:54:70:13:65:b6:40:15:
a7:91:14:c1:09:2e:f8:ea:78:72:d4:72:ba:b6:2a:
c6:89:d2:9e:54:fd:22:bb:88:16:1f:f6:1e:ff:ed:
eb:29:88:37:58:16:3f:e1:7c:84:02:d0:a1:4d:95:
7e:62:df:8e:e1:1d:e1:bc:61:f2:99:4f:b2:c0:04:
b0:d4:29:7e:28:40:9d:2c:c3:6e:63:b7:66:1c:58:
95:41:34:53:5d:e3:8f:a1:43:f1:a4:d5:44:63:28:
86:5c:d0:3c:44:3c:72:b8:67:76:f1:cd:b3:1e:60:
ad:73:10:ef:c3:bf:6d:45:9d:a1:a0:ce:68:b8:65:
0c:b1:46:92:d3:77:ac:94:ab:5a:58:14:58:5f:d5:
51:29:47:b3:4b:1c:1d:91:53:e0:39:7d:98:b2:90:
6c:55:47:33:d4:08:d0:15:f6:70:d1:52:1c:b8:8d:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2B:FE:71:32:47:DF:74:D5:10:DC:9C:2D:8A:51:C5:FF:76:EC:55
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Piv-cTJH33TVENycLYpRxf927FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.113.0-5.145.114.255
5.145.117.0-5.145.119.255
185.24.252.0/23
IPv6:
2a04:2f00::/46
Signature Algorithm: sha256WithRSAEncryption
c8:cd:2a:90:7a:00:0e:d9:97:87:a1:90:43:e3:cd:99:a5:c0:
f6:66:2e:a3:dd:01:9c:84:61:c3:d0:f7:0a:e3:40:7c:3d:f5:
d6:d6:e0:ad:d2:ca:0c:13:b7:76:b1:f8:08:0c:f1:57:89:69:
78:db:f1:90:b0:e8:26:18:7d:97:49:7d:59:db:d5:48:bf:72:
57:b3:e4:70:75:e2:3f:f7:9a:9d:57:d3:28:da:18:37:14:53:
f2:b0:1d:5e:b1:66:6c:ae:58:c8:0d:38:95:f5:c7:5a:de:9b:
c3:6e:e0:bb:d3:24:21:fe:a8:67:59:3b:9c:c2:79:2b:17:fb:
39:5b:0b:10:69:5a:1b:48:96:68:5b:a7:08:51:f2:5b:0b:7e:
da:fe:ee:e9:0b:88:c5:37:74:4c:f8:78:2f:bd:09:29:80:ed:
5f:44:7c:50:6c:3f:0f:6b:88:c4:12:86:35:68:43:a3:d3:fd:
42:71:b8:e3:d9:f2:d8:d3:5b:01:c4:6b:de:66:d5:a2:27:53:
22:19:26:49:c4:66:72:f6:5c:eb:24:37:8b:c7:23:4b:58:b0:
cc:de:e9:9b:70:a5:07:9f:b4:0b:0f:04:22:75:72:0a:81:9e:
a2:de:fe:39:9d:86:15:09:a6:78:45:6f:5c:6f:c6:87:a2:0d:
40:32:73:a9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYfw/3Lw/BO5XRSNcmXbgIkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMwNTA2MTIxODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTJiZmU3MTMyNDdkZjc0ZDUxMGRjOWMyZDhhNTFjNWZmNzZlYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8NSRClw1hokwP0UBxFBq1DakQkU
utpoaIpt56Cxn3QB+7VYYZ9C2wgnpdTSF0729bxBuTzty6alqEBFPlZVaoDKJsIn
KT35VH7SiOpfxK7/Q1RwE2W2QBWnkRTBCS746nhy1HK6tirGidKeVP0iu4gWH/Ye
/+3rKYg3WBY/4XyEAtChTZV+Yt+O4R3hvGHymU+ywASw1Cl+KECdLMNuY7dmHFiV
QTRTXeOPoUPxpNVEYyiGXNA8RDxyuGd28c2zHmCtcxDvw79tRZ2hoM5ouGUMsUaS
03eslKtaWBRYX9VRKUezSxwdkVPgOX2YspBsVUcz1AjQFfZw0VIcuI02tQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFD4r/nEyR9901RDcnC2KUcX/duxVMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvUGl2LWNUSkgzM1RWRU55Y0xZcFJ4ZjkyN0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAAFkXED
BAAFkXIwDAMEAAWRdQMEAwWRcAMEAbkY/DAPBAIAAjAJAwcCKgQvAAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQDIzSqQegAO2ZeHoZBD482ZpcD2Zi6j3QGchGHD0PcK40B8
PfXW1uCt0soME7d2sfgIDPFXiWl42/GQsOgmGH2XSX1Z29VIv3JXs+RwdeI/95qd
V9Mo2hg3FFPysB1esWZsrljIDTiV9cda3pvDbuC70yQh/qhnWTucwnkrF/s5WwsQ
aVobSJZoW6cIUfJbC37a/u7pC4jFN3RM+HgvvQkpgO1fRHxQbD8Pa4jEEoY1aEOj
0/1Ccbjj2fLY01sBxGveZtWiJ1MiGSZJxGZy9lzrJDeLxyNLWLDM3umbcKUHn7QL
DwQidXIKgZ6i3v45nYYVCaZ4RW9cb8aHog1AMnOp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-fra.rpki-client.org