Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/PPIWTF7YXkGe7o-Np2CcXH-JzXQ.roa
File: PPIWTF7YXkGe7o-Np2CcXH-JzXQ.roa (raw, json)
Hash identifier: Cw/GKhGBfrXAb1mospn49ypTsBBERGipqwaYF0JWBno=
Subject key identifier: 3C:F2:16:4C:5E:D8:5E:41:9E:EE:8F:8D:A7:60:9C:5C:7F:89:CD:74
Certificate issuer: /CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Certificate serial: 018AD7870F126997F19265AB6A24D4D2C52C
Authority key identifier: 5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/PPIWTF7YXkGe7o-Np2CcXH-JzXQ.roa
Signing time: Wed 27 Sep 2023 16:44:27 +0000
ROA not before: Wed 27 Sep 2023 16:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5378
IP address blocks: 83.146.4.0/23 maxlen: 23
83.146.0.0/22 maxlen: 22
83.146.0.0/18 maxlen: 18
87.74.0.0/15 maxlen: 15
212.158.192.0/18 maxlen: 18
84.9.0.0/16 maxlen: 16
87.75.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 28 Sep 2023 12:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:87:0f:12:69:97:f1:92:65:ab:6a:24:d4:d2:c5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Validity
Not Before: Sep 27 16:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cf2164c5ed85e419eee8f8da7609c5c7f89cd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:61:2f:ea:6d:df:d6:0a:f1:64:48:ac:50:63:
48:c0:8e:48:1a:31:33:8e:7e:ef:4f:46:a6:d0:b0:
35:39:c1:30:95:b6:86:bf:74:43:12:61:3a:71:43:
5f:11:b1:7b:84:d8:09:6c:c3:8e:07:e8:5e:e0:b4:
2d:91:cb:d6:e9:69:6a:ab:cf:1d:c4:89:9b:30:00:
1b:38:87:3c:b5:66:99:b7:5d:52:97:d1:41:db:2c:
70:de:df:06:e6:43:ee:5b:b6:f6:5d:4d:2b:bc:84:
e4:c7:01:5f:d7:0b:65:43:26:db:0a:1f:01:51:37:
a2:af:da:f0:cd:f0:d5:75:eb:10:71:2b:fd:22:27:
7a:1b:b7:62:6d:77:4d:d0:63:d6:78:21:53:48:62:
2e:00:75:a6:de:66:0d:15:53:88:31:5e:76:19:ae:
96:dc:55:6d:de:09:d4:33:0a:c9:93:32:a6:0a:31:
a3:32:f9:fc:6f:94:e0:46:b5:06:be:f4:59:26:22:
ee:89:42:24:a7:dd:ad:37:cb:e9:55:eb:d7:95:4b:
ef:c5:ec:7a:d8:ec:f8:ac:c2:11:8b:75:5f:60:8c:
88:73:2d:a4:f2:95:55:13:6d:55:fe:5f:49:be:9f:
72:7d:a8:17:e5:98:8c:61:53:57:84:6c:11:1e:57:
ad:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F2:16:4C:5E:D8:5E:41:9E:EE:8F:8D:A7:60:9C:5C:7F:89:CD:74
X509v3 Authority Key Identifier:
keyid:5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/PPIWTF7YXkGe7o-Np2CcXH-JzXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.146.0.0/18
84.9.0.0/16
87.74.0.0/15
212.158.192.0/18
Signature Algorithm: sha256WithRSAEncryption
ba:54:ee:6b:54:2d:35:6c:2a:74:60:74:8d:15:9b:74:5f:81:
e8:cd:81:28:54:1b:d3:ca:e8:f3:ff:44:67:f4:a8:f8:ca:50:
ef:a1:3e:a6:85:1d:cf:ec:94:af:c7:27:e7:e4:c8:7a:a3:0c:
41:23:dd:29:48:e8:d5:86:f7:4a:ee:54:79:d3:2b:28:8b:55:
ff:90:b9:f7:e5:47:9d:1e:0b:28:cd:83:31:0b:41:da:95:ab:
c9:61:3e:bf:dc:26:03:98:12:99:39:55:f1:d3:7c:15:ee:0d:
53:e4:7d:cb:ec:21:e7:0e:10:d9:cb:b5:43:9a:97:c5:51:1c:
3c:fa:5c:f1:fb:b6:24:d9:1d:28:73:d3:11:4f:a1:4d:b9:cb:
70:b8:21:7b:2b:55:66:61:32:bb:82:bf:9f:9e:78:a4:58:92:
11:23:3d:ba:85:d5:64:9f:e3:92:bf:24:dc:39:8a:a9:c5:ed:
df:4d:75:76:39:e1:29:ab:52:94:83:1b:67:d2:7c:f4:1f:57:
4d:a1:d4:04:a7:0b:10:4d:0d:00:02:da:10:60:de:2d:b5:c5:
90:6c:2a:5f:f8:ed:a4:79:44:ef:f8:d7:fe:1a:6b:0a:0e:88:
a0:df:4b:2c:80:1d:8a:a5:55:a8:6a:a9:d4:4a:a6:03:b4:51:
09:65:8d:6e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYrXhw8SaZfxkmWraiTU0sUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNzBmNzM2YTRiMDUyNGE0NzZmNmYxYmUyOTY0YWU5OWI2
NDc4OWYwHhcNMjMwOTI3MTY0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2YyMTY0YzVlZDg1ZTQxOWVlZThmOGRhNzYwOWM1YzdmODljZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2Ev6m3f1grxZEisUGNIwI5IGjEz
jn7vT0am0LA1OcEwlbaGv3RDEmE6cUNfEbF7hNgJbMOOB+he4LQtkcvW6Wlqq88d
xImbMAAbOIc8tWaZt11Sl9FB2yxw3t8G5kPuW7b2XU0rvITkxwFf1wtlQybbCh8B
UTeir9rwzfDVdesQcSv9Iid6G7dibXdN0GPWeCFTSGIuAHWm3mYNFVOIMV52Ga6W
3FVt3gnUMwrJkzKmCjGjMvn8b5TgRrUGvvRZJiLuiUIkp92tN8vpVevXlUvvxex6
2Oz4rMIRi3VfYIyIcy2k8pVVE21V/l9Jvp9yfagX5ZiMYVNXhGwRHlet8wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDzyFkxe2F5Bnu6PjadgnFx/ic10MB8GA1UdIwQY
MBaAFFtw9zaksFJKR29vG+KWSumbZHifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAt
Mjk3ODRkN2I2OGEyLzEvUFBJV1RGN1lYa0dlN28tTnAyQ2NYSC1KelhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAtMjk3ODRkN2I2OGEy
LzEvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwQGU5IAAwMA
VAkDAwFXSgMEBtSewDANBgkqhkiG9w0BAQsFAAOCAQEAulTua1QtNWwqdGB0jRWb
dF+B6M2BKFQb08ro8/9EZ/So+MpQ76E+poUdz+yUr8cn5+TIeqMMQSPdKUjo1Yb3
Su5UedMrKItV/5C59+VHnR4LKM2DMQtB2pWryWE+v9wmA5gSmTlV8dN8Fe4NU+R9
y+wh5w4Q2cu1Q5qXxVEcPPpc8fu2JNkdKHPTEU+hTbnLcLgheytVZmEyu4K/n554
pFiSESM9uoXVZJ/jkr8k3DmKqcXt3011djnhKatSlIMbZ9J89B9XTaHUBKcLEE0N
AALaEGDeLbXFkGwqX/jtpHlE7/jX/hprCg6IoN9LLIAdiqVVqGqp1EqmA7RRCWWN
bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org