Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PgEzjbW4OmTg90s6_ujFpO-QDTM.roa
File: PgEzjbW4OmTg90s6_ujFpO-QDTM.roa (raw, json)
Hash identifier: +aTqPNgY4HV+AaentwfPbvIellC2nVVNCmVittKsQa8=
Subject key identifier: 3E:01:33:8D:B5:B8:3A:64:E0:F7:4B:3A:FE:E8:C5:A4:EF:90:0D:33
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018E80645E53912F2F06A47F10DDC6274343
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PgEzjbW4OmTg90s6_ujFpO-QDTM.roa
Signing time: Wed 27 Mar 2024 14:50:44 +0000
ROA not before: Wed 27 Mar 2024 14:50:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
195.14.123.0/24 maxlen: 24
195.93.173.0/24 maxlen: 24
2001:678:cfc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 19:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:64:5e:53:91:2f:2f:06:a4:7f:10:dd:c6:27:43:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Mar 27 14:50:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e01338db5b83a64e0f74b3afee8c5a4ef900d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:a7:1e:33:43:87:7f:10:38:2e:bd:30:38:
dc:db:73:ba:1c:74:c8:dd:b0:b2:90:f7:a2:2a:04:
9c:66:ef:6d:4c:9e:2a:d6:3a:07:74:e9:09:bd:28:
c7:9c:fe:35:1f:8f:98:b9:14:03:5e:6a:fe:e0:a2:
2e:0b:1d:aa:d3:ed:34:1e:b0:55:60:04:c5:03:ed:
3c:d3:ba:33:d3:a3:55:1a:33:ed:a6:91:8e:11:8c:
dc:a2:22:3e:bf:45:57:00:44:43:20:f2:9d:9a:29:
fe:0e:81:62:4f:b2:5c:96:5a:d8:75:da:b2:4d:6f:
70:54:7a:4d:30:a5:e4:8c:61:ed:68:91:55:6f:ec:
29:80:1b:5d:5c:54:12:48:6b:24:ca:89:a4:b0:c1:
3a:0c:6e:4e:57:e5:5f:23:6e:02:e2:a6:ab:43:c3:
9a:85:f0:dc:23:ce:b4:44:a7:62:c3:b7:0d:a4:f3:
d6:a4:22:bf:97:84:f0:10:f5:27:77:9a:3c:8e:20:
68:3c:42:ce:4e:5f:85:d1:85:e2:d4:fa:c0:8d:76:
60:e8:6e:65:be:23:b1:9b:2b:f1:b7:db:c2:15:28:
0d:0c:40:69:c8:0f:eb:4d:7e:ad:6e:77:de:cd:42:
1c:b1:c1:8a:f3:ad:e7:f7:b6:9e:4d:f1:79:54:32:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:01:33:8D:B5:B8:3A:64:E0:F7:4B:3A:FE:E8:C5:A4:EF:90:0D:33
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PgEzjbW4OmTg90s6_ujFpO-QDTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
194.0.206.0/24
194.143.146.0/24
195.14.123.0/24
195.93.173.0/24
IPv6:
2001:678:cfc::/48
Signature Algorithm: sha256WithRSAEncryption
22:cd:80:59:de:26:5e:6d:19:b7:35:0c:a2:58:a0:bd:f6:18:
b9:ca:b4:23:55:55:be:27:d5:41:f0:af:cd:15:bc:00:59:f4:
5c:cf:01:99:79:e7:26:dd:40:f0:7c:45:82:ee:a3:0b:e3:5e:
f4:92:a6:3d:d1:eb:28:63:54:81:b5:4e:d5:1b:2c:13:57:f6:
a1:e5:15:51:60:36:3f:4a:bc:99:65:45:7f:ed:d0:22:8d:dd:
1c:3e:f4:46:be:3a:a5:1b:e9:49:e7:d3:78:7f:90:44:3c:d8:
25:5c:93:b3:28:ab:af:62:10:e0:88:77:c3:63:24:ee:31:6c:
2b:a0:c0:3c:1f:61:03:60:42:92:45:52:2c:c9:32:81:67:bc:
95:64:a5:3b:5a:7a:41:f3:f4:94:48:c5:ee:d4:65:62:c8:2a:
b6:10:49:aa:51:ce:69:60:35:4b:9a:1b:b0:c6:23:d9:4a:b9:
f2:9b:7f:52:91:f8:f1:03:69:c1:2d:c5:0c:eb:96:e6:bb:a7:
f3:fc:6b:7e:18:e5:4e:9d:89:9b:ed:37:df:4b:41:a1:f2:4f:
61:08:45:fd:fa:b6:8a:28:aa:92:79:58:ec:4d:b6:4b:f5:b9:
37:fc:c4:2e:39:3c:6f:72:7d:7a:d1:96:11:4c:42:29:95:42:
d3:23:2a:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY6AZF5TkS8vBqR/EN3GJ0NDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjQwMzI3MTQ1MDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAxMzM4ZGI1YjgzYTY0ZTBmNzRiM2FmZWU4YzVhNGVmOTAwZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN2nHjNDh38QOC69MDjc23O6HHTI
3bCykPeiKgScZu9tTJ4q1joHdOkJvSjHnP41H4+YuRQDXmr+4KIuCx2q0+00HrBV
YATFA+0807oz06NVGjPtppGOEYzcoiI+v0VXAERDIPKdmin+DoFiT7JcllrYddqy
TW9wVHpNMKXkjGHtaJFVb+wpgBtdXFQSSGskyomksME6DG5OV+VfI24C4qarQ8Oa
hfDcI860RKdiw7cNpPPWpCK/l4TwEPUnd5o8jiBoPELOTl+F0YXi1PrAjXZg6G5l
viOxmyvxt9vCFSgNDEBpyA/rTX6tbnfezUIcscGK863n97aeTfF5VDKuFQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFD4BM421uDpk4PdLOv7oxaTvkA0zMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvUGdFempiVzRPbVRnOTBzNl91akZwTy1RRFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW+TaAwQA
wgDOAwQAwo+SAwQAww57AwQAw12tMA8EAgACMAkDBwAgAQZ4DPwwDQYJKoZIhvcN
AQELBQADggEBACLNgFneJl5tGbc1DKJYoL32GLnKtCNVVb4n1UHwr80VvABZ9FzP
AZl55ybdQPB8RYLuowvjXvSSpj3R6yhjVIG1TtUbLBNX9qHlFVFgNj9KvJllRX/t
0CKN3Rw+9Ea+OqUb6Unn03h/kEQ82CVck7Moq69iEOCId8NjJO4xbCugwDwfYQNg
QpJFUizJMoFnvJVkpTtaekHz9JRIxe7UZWLIKrYQSapRzmlgNUuaG7DGI9lKufKb
f1KR+PEDacEtxQzrlua7p/P8a34Y5U6diZvtN99LQaHyT2EIRf36toooqpJ5WOxN
tkv1uTf8xC45PG9yfXrRlhFMQimVQtMjKkA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:50 2025 by rpki-client