Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/PYKZClxooQWuepuiCeLRS55oOnk.roa
File: PYKZClxooQWuepuiCeLRS55oOnk.roa (raw, json)
Hash identifier: K1L401eTPI0dIWcb0wxfY8ax0X8OyQjj0z2ZjVy4T80=
Subject key identifier: 3D:82:99:0A:5C:68:A1:05:AE:7A:9B:A2:09:E2:D1:4B:9E:68:3A:79
Certificate issuer: /CN=d7498cd327ea33bff8629d7f49d6be3adc5ff32c
Certificate serial: 01856B6EB2456916C743ABE6523760D68DAF
Authority key identifier: D7:49:8C:D3:27:EA:33:BF:F8:62:9D:7F:49:D6:BE:3A:DC:5F:F3:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10mM0yfqM7_4Yp1_Sda-Otxf8yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/PYKZClxooQWuepuiCeLRS55oOnk.roa
Signing time: Sun 01 Jan 2023 03:44:54 +0000
ROA not before: Sun 01 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 193.247.190.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:b2:45:69:16:c7:43:ab:e6:52:37:60:d6:8d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7498cd327ea33bff8629d7f49d6be3adc5ff32c
Validity
Not Before: Jan 1 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d82990a5c68a105ae7a9ba209e2d14b9e683a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:2d:52:f3:c0:7d:db:f3:34:d5:ee:45:b8:
06:e1:ca:e2:91:4c:71:1e:27:28:a4:44:fd:95:c1:
60:f8:27:67:dd:c7:98:bc:40:9e:e0:84:18:84:71:
d4:49:37:91:56:da:83:36:ea:e4:e9:6c:a7:e5:65:
85:75:b7:72:4e:a8:b9:ea:68:89:e2:5d:41:d1:f0:
83:a7:ba:f9:9c:48:c1:5e:ea:23:d8:73:1e:24:e6:
72:94:86:9a:6f:e8:42:e4:25:b7:90:52:03:e9:4e:
73:3f:4d:ee:f1:18:f1:7a:a4:e3:65:de:6e:54:7c:
c6:ed:3c:a4:79:64:dd:90:97:bb:0b:b1:99:ee:21:
b3:25:72:28:e7:21:32:07:db:be:9d:c3:83:e9:09:
f6:5f:b5:a7:d4:78:a5:e0:a0:76:20:2e:2b:64:0d:
b3:eb:a0:f7:0f:51:c4:26:76:01:0f:f1:10:db:f7:
2f:fa:d7:86:83:89:67:18:5d:23:42:ac:51:9f:ef:
f0:64:3d:c2:b4:bc:3b:d2:c6:92:89:e6:ea:f5:ff:
27:c6:03:99:c4:80:0c:6f:4f:f6:81:97:4d:a1:0b:
85:d9:d9:88:b1:43:14:53:b6:cd:6c:7a:c5:2f:7a:
dc:c6:ed:1f:34:8d:ae:be:0d:32:7d:00:f2:16:47:
3b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:82:99:0A:5C:68:A1:05:AE:7A:9B:A2:09:E2:D1:4B:9E:68:3A:79
X509v3 Authority Key Identifier:
keyid:D7:49:8C:D3:27:EA:33:BF:F8:62:9D:7F:49:D6:BE:3A:DC:5F:F3:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10mM0yfqM7_4Yp1_Sda-Otxf8yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/PYKZClxooQWuepuiCeLRS55oOnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/10mM0yfqM7_4Yp1_Sda-Otxf8yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.190.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:38:b2:9d:d0:5e:84:32:90:9f:6c:e7:f2:eb:ca:c2:b8:f3:
aa:5d:fa:31:1b:8a:e6:da:9b:51:0c:99:5b:0d:96:44:ed:00:
c9:6e:cc:a9:56:90:5b:1c:ad:a3:e6:65:7b:83:6f:15:a1:80:
b5:c5:f3:31:95:7d:5e:8f:60:a6:93:e8:b0:ed:db:25:2b:1a:
45:f1:f4:b6:63:eb:33:75:5d:43:6a:67:aa:30:5d:7f:41:f4:
60:f4:7d:6c:ba:f7:53:76:11:b7:51:0a:1e:f6:cd:4b:7b:17:
8a:9b:12:6f:28:3d:ca:48:02:23:9a:d1:86:ac:00:dc:d7:1a:
04:94:be:55:90:a6:b8:7c:30:0b:50:7b:e1:21:a3:90:8b:af:
fe:af:40:f4:59:48:28:dd:99:7c:51:6e:23:bc:80:71:85:f5:
6f:1e:16:63:98:be:f4:ac:f0:c4:09:e3:ee:2f:2d:56:05:5c:
f5:39:b4:3b:26:ac:f1:74:99:bf:47:a6:62:39:3f:e3:28:7d:
3f:1f:48:d4:46:77:6a:a8:04:20:a2:fd:26:b9:01:43:c7:bc:
d9:f4:fb:85:5e:34:1a:fb:55:fe:86:bf:2a:af:c7:92:7e:df:
69:32:36:a3:3a:0d:50:4b:e1:56:f9:35:41:a3:6e:61:91:ce:
5f:42:40:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrbrJFaRbHQ6vmUjdg1o2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDk4Y2QzMjdlYTMzYmZmODYyOWQ3ZjQ5ZDZiZTNhZGM1
ZmYzMmMwHhcNMjMwMTAxMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgyOTkwYTVjNjhhMTA1YWU3YTliYTIwOWUyZDE0YjllNjgzYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmREtUvPAfdvzNNXuRbgG4crikUxx
HicopET9lcFg+Cdn3ceYvECe4IQYhHHUSTeRVtqDNurk6Wyn5WWFdbdyTqi56miJ
4l1B0fCDp7r5nEjBXuoj2HMeJOZylIaab+hC5CW3kFID6U5zP03u8RjxeqTjZd5u
VHzG7TykeWTdkJe7C7GZ7iGzJXIo5yEyB9u+ncOD6Qn2X7Wn1Hil4KB2IC4rZA2z
66D3D1HEJnYBD/EQ2/cv+teGg4lnGF0jQqxRn+/wZD3CtLw70saSiebq9f8nxgOZ
xIAMb0/2gZdNoQuF2dmIsUMUU7bNbHrFL3rcxu0fNI2uvg0yfQDyFkc7owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2CmQpcaKEFrnqbogni0UueaDp5MB8GA1UdIwQY
MBaAFNdJjNMn6jO/+GKdf0nWvjrcX/MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBtTTB5ZnFNN180WXAxX1NkYS1PdHhmOHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yN2M0YzEtMTU3Ny00ZWUxLWFhMjQt
YWRlMmJhYmNiOGQwLzEvUFlLWkNseG9vUVd1ZXB1aUNlTFJTNTVvT25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yN2M0YzEtMTU3Ny00ZWUxLWFhMjQtYWRlMmJhYmNiOGQw
LzEvMTBtTTB5ZnFNN180WXAxX1NkYS1PdHhmOHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfe+MA0G
CSqGSIb3DQEBCwUAA4IBAQCaOLKd0F6EMpCfbOfy68rCuPOqXfoxG4rm2ptRDJlb
DZZE7QDJbsypVpBbHK2j5mV7g28VoYC1xfMxlX1ej2Cmk+iw7dslKxpF8fS2Y+sz
dV1DameqMF1/QfRg9H1suvdTdhG3UQoe9s1LexeKmxJvKD3KSAIjmtGGrADc1xoE
lL5VkKa4fDALUHvhIaOQi6/+r0D0WUgo3Zl8UW4jvIBxhfVvHhZjmL70rPDECePu
Ly1WBVz1ObQ7JqzxdJm/R6ZiOT/jKH0/H0jURndqqAQgov0muQFDx7zZ9PuFXjQa
+1X+hr8qr8eSft9pMjajOg1QS+FW+TVBo25hkc5fQkDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:59 2024 by rpki-client on console-fra.rpki-client.org