Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/PWiSFGdw_lPTynr5wxRzFOxz7ZM.roa
File: PWiSFGdw_lPTynr5wxRzFOxz7ZM.roa (raw, json)
Hash identifier: esfwcZoqeIvWpb/9shKc9p2Lt4ynlWoWasczEH7qthU=
Subject key identifier: 3D:68:92:14:67:70:FE:53:D3:CA:7A:F9:C3:14:73:14:EC:73:ED:93
Certificate issuer: /CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Certificate serial: 018EE8B42D38EE27984C15B6F3B8D675AC02
Authority key identifier: 04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/PWiSFGdw_lPTynr5wxRzFOxz7ZM.roa
Signing time: Tue 16 Apr 2024 20:58:25 +0000
ROA not before: Tue 16 Apr 2024 20:58:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8529
IP address blocks: 82.178.32.0/24 maxlen: 24
82.178.33.0/24 maxlen: 24
82.178.158.0/23 maxlen: 23
82.178.158.0/24 maxlen: 24
82.178.159.0/24 maxlen: 24
134.0.216.0/22 maxlen: 22
134.0.220.0/22 maxlen: 22
185.200.124.0/24 maxlen: 24
185.200.125.0/24 maxlen: 24
213.202.0.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 09 May 2024 12:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:b4:2d:38:ee:27:98:4c:15:b6:f3:b8:d6:75:ac:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Validity
Not Before: Apr 16 20:58:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d6892146770fe53d3ca7af9c3147314ec73ed93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:ab:3c:ba:ad:72:41:eb:f8:85:25:0e:d4:
2d:d2:cd:5f:21:34:5e:cd:25:17:a7:2c:83:7c:19:
95:67:06:6c:e9:8d:51:38:51:bd:02:13:20:50:85:
88:8f:4a:1d:c2:fe:b7:44:66:ed:d5:cd:70:38:a2:
82:b4:00:e9:5c:e9:5d:77:b4:b7:c7:83:fd:6a:5d:
2e:45:6c:c8:ee:95:7f:07:a9:ac:11:e1:af:dd:bb:
39:b1:03:b1:b4:10:97:62:ac:c8:30:78:69:9e:d4:
5f:d7:eb:9e:f0:0c:7b:97:14:d3:7c:2f:c9:4a:60:
7c:52:68:ca:99:57:36:d1:45:3a:5c:e8:5b:0e:30:
fd:8f:de:24:a9:7b:8c:fd:53:6e:d0:05:8d:0d:bd:
4e:7b:1a:8e:00:7a:b0:5d:20:19:26:6d:53:ec:a8:
9c:c5:e7:85:16:80:8c:7c:28:c0:6d:08:86:be:63:
70:67:83:f3:e7:c7:a1:8b:29:3c:0b:9e:64:d6:81:
8d:41:12:7b:2e:05:77:e0:59:cc:63:59:e1:55:77:
4d:76:db:92:30:d3:01:9a:ea:9b:b1:2f:91:67:dc:
1f:f0:58:e4:9c:89:cb:1d:d7:3b:e4:1f:41:47:12:
52:a3:f5:76:25:a3:42:e8:a2:61:d8:4c:8f:07:a7:
2a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:68:92:14:67:70:FE:53:D3:CA:7A:F9:C3:14:73:14:EC:73:ED:93
X509v3 Authority Key Identifier:
keyid:04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/PWiSFGdw_lPTynr5wxRzFOxz7ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.32.0/23
82.178.158.0/23
134.0.216.0/21
185.200.124.0/23
213.202.0.0/21
Signature Algorithm: sha256WithRSAEncryption
39:c8:87:cf:0e:e2:b3:b4:87:60:cb:2d:e8:0f:a1:0e:48:27:
13:58:c8:be:a7:9b:4b:1a:70:d0:c7:28:9e:8f:2e:c1:e0:1c:
d8:56:d2:2e:80:60:a2:aa:c0:3b:4c:08:df:e3:aa:b7:ae:0a:
58:ab:c0:97:51:53:de:96:cd:5f:3c:09:42:38:ed:1c:b4:14:
74:52:51:6f:e1:65:fa:43:1c:8b:f8:e1:b3:05:a4:0b:23:e5:
31:ea:58:a6:8f:be:b2:64:af:0f:b6:22:24:71:8f:0e:35:91:
9e:5e:2a:1a:b3:55:3a:da:a5:ad:68:0d:7e:b7:6d:a3:4e:85:
36:eb:32:af:58:df:e7:3c:98:f3:86:c5:17:17:42:dc:09:84:
94:6b:d3:c8:37:da:13:69:d4:f4:8b:6c:a8:c8:50:37:0d:96:
86:96:17:32:3b:d8:61:31:cc:e5:ca:b1:76:57:40:3c:89:56:
45:e5:54:48:a3:50:81:a6:61:cb:3a:a3:fd:3e:e5:b3:c9:04:
3f:7d:d0:a8:4f:d6:01:31:00:4c:cc:6d:49:70:8d:96:c0:7f:
6a:d8:39:f2:b1:7f:e1:19:01:54:60:dd:96:8b:d1:f5:d1:7a:
02:fc:8d:29:bc:5e:ab:db:01:da:6f:00:e8:79:c8:d0:33:43:
3c:4a:03:bd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7otC047ieYTBW287jWdawCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmQ5ZjRkNmFmZjM4M2M1OWU5ZGU3ODAyZGJlZTAyNGVl
ODg3ZGMwHhcNMjQwNDE2MjA1ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY4OTIxNDY3NzBmZTUzZDNjYTdhZjljMzE0NzMxNGVjNzNlZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriGrPLqtckHr+IUlDtQt0s1fITRe
zSUXpyyDfBmVZwZs6Y1ROFG9AhMgUIWIj0odwv63RGbt1c1wOKKCtADpXOldd7S3
x4P9al0uRWzI7pV/B6msEeGv3bs5sQOxtBCXYqzIMHhpntRf1+ue8Ax7lxTTfC/J
SmB8UmjKmVc20UU6XOhbDjD9j94kqXuM/VNu0AWNDb1OexqOAHqwXSAZJm1T7Kic
xeeFFoCMfCjAbQiGvmNwZ4Pz58ehiyk8C55k1oGNQRJ7LgV34FnMY1nhVXdNdtuS
MNMBmuqbsS+RZ9wf8FjknInLHdc75B9BRxJSo/V2JaNC6KJh2EyPB6cqNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD1okhRncP5T08p6+cMUcxTsc+2TMB8GA1UdIwQY
MBaAFAQtn01q/zg8WeneeALb7gJO6IfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEt
YWFlMTQ0NzYwM2MwLzEvUFdpU0ZHZHdfbFBUeW5yNXd4UnpGT3h6N1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEtYWFlMTQ0NzYwM2Mw
LzEvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUrIgAwQB
UrKeAwQDhgDYAwQBuch8AwQD1coAMA0GCSqGSIb3DQEBCwUAA4IBAQA5yIfPDuKz
tIdgyy3oD6EOSCcTWMi+p5tLGnDQxyiejy7B4BzYVtIugGCiqsA7TAjf46q3rgpY
q8CXUVPels1fPAlCOO0ctBR0UlFv4WX6QxyL+OGzBaQLI+Ux6limj76yZK8PtiIk
cY8ONZGeXioas1U62qWtaA1+t22jToU26zKvWN/nPJjzhsUXF0LcCYSUa9PIN9oT
adT0i2yoyFA3DZaGlhcyO9hhMczlyrF2V0A8iVZF5VRIo1CBpmHLOqP9PuWzyQQ/
fdCoT9YBMQBMzG1JcI2WwH9q2DnysX/hGQFUYN2Wi9H10XoC/I0pvF6r2wHabwDo
ecjQM0M8SgO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:48 2024 by rpki-client on console-fra.rpki-client.org