Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/PYNP3Xw9XIN3gcVYe-o5HpYfSGc.roa
File: PYNP3Xw9XIN3gcVYe-o5HpYfSGc.roa (raw, json)
Hash identifier: EfIrKLJ/LbgPPPfzcppd8KCx6MLmlHDUpMPpMgMX5sU=
Subject key identifier: 3D:83:4F:DD:7C:3D:5C:83:77:81:C5:58:7B:EA:39:1E:96:1F:48:67
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 01856BEED823921E598B1B70E58EB198BFD5
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/PYNP3Xw9XIN3gcVYe-o5HpYfSGc.roa
Signing time: Sun 01 Jan 2023 06:04:52 +0000
ROA not before: Sun 01 Jan 2023 06:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205708
IP address blocks: 193.192.161.0/24 maxlen: 24
193.192.162.0/24 maxlen: 24
193.192.160.0/24 maxlen: 24
193.192.163.0/24 maxlen: 24
77.65.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:d8:23:92:1e:59:8b:1b:70:e5:8e:b1:98:bf:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 06:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d834fdd7c3d5c837781c5587bea391e961f4867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cb:6c:ac:6f:14:8d:0b:49:f1:4c:22:34:92:
05:d8:16:ff:62:2e:7d:5e:6e:29:72:f3:6c:3e:29:
8f:b9:f7:18:3a:aa:70:a6:85:fe:3c:a3:ac:c6:fc:
c6:8e:2a:b4:83:1a:96:83:05:d6:ac:7f:8d:e0:35:
c0:d9:4e:8f:0f:ba:c3:d2:42:c5:02:0b:e6:64:9b:
4b:f4:f4:a8:3f:a8:34:50:c1:58:d0:2d:6c:37:09:
59:2f:d9:de:a8:28:04:fa:ea:fa:28:35:45:2c:70:
96:2b:58:ab:7c:44:3b:0d:25:b8:45:0f:96:6d:f9:
dc:08:14:ae:31:cb:5b:6d:d3:a9:d7:6f:56:7a:d0:
66:ab:3f:84:c7:ea:99:af:4d:8d:48:38:c3:12:65:
a9:8e:40:d0:c3:22:29:6e:b9:3a:cf:e1:60:f7:c5:
06:04:ca:1f:0d:28:a3:98:b1:41:c5:0c:71:80:e1:
82:0e:3f:4c:55:53:00:3c:86:f2:44:04:8c:35:75:
cd:34:d6:25:2f:44:26:60:7e:c5:9c:3c:c4:d7:99:
a8:f4:ca:7b:61:1d:9f:d4:e6:f2:d6:48:b1:e2:36:
5d:67:dd:d7:6b:69:df:6f:73:97:c6:9b:72:b4:3e:
0d:ed:3f:73:0b:6c:ac:29:2d:66:5b:8f:f0:34:83:
5e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:4F:DD:7C:3D:5C:83:77:81:C5:58:7B:EA:39:1E:96:1F:48:67
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/PYNP3Xw9XIN3gcVYe-o5HpYfSGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.141.0/24
193.192.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:27:4d:16:b3:fc:e4:95:cb:81:5e:ff:20:52:94:aa:f9:b6:
75:32:a1:c7:f0:55:73:8b:d2:70:97:67:12:26:db:7f:39:27:
71:9a:e4:08:44:df:ca:f3:39:26:4b:04:43:14:d8:25:e5:5a:
21:7a:90:9c:c1:ce:9a:a4:d8:5a:3b:61:18:12:31:fb:7c:ba:
3d:c5:37:62:8c:e4:62:da:df:1e:5c:09:3a:e0:4f:09:c4:47:
00:c4:d0:2c:18:19:f7:61:ca:d8:50:e3:ba:1d:60:62:61:23:
28:78:93:7f:79:1d:dd:a6:b6:96:c1:1e:a2:bb:38:54:20:ea:
fb:34:ec:7e:94:db:f4:f7:08:05:89:9c:68:4e:03:9f:dd:9c:
fd:31:ae:39:57:60:ee:f6:c1:df:78:04:85:98:c0:99:0a:0a:
89:ba:79:f6:48:2b:15:74:6d:40:78:d7:27:a3:46:1b:84:bf:
78:80:58:9b:5a:de:0a:29:1e:5f:87:87:15:1e:84:94:e4:46:
be:15:da:60:25:cf:f6:a2:cf:dc:ec:63:19:fd:19:92:3f:96:
82:6c:2b:c4:32:da:85:30:51:85:4e:2a:65:11:f2:a7:22:fc:
ee:f3:59:62:e5:46:1e:30:a8:ad:3d:d5:bf:18:f5:57:26:6f:
11:83:55:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr7tgjkh5Zixtw5Y6xmL/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgzNGZkZDdjM2Q1YzgzNzc4MWM1NTg3YmVhMzkxZTk2MWY0ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyctsrG8UjQtJ8UwiNJIF2Bb/Yi59
Xm4pcvNsPimPufcYOqpwpoX+PKOsxvzGjiq0gxqWgwXWrH+N4DXA2U6PD7rD0kLF
AgvmZJtL9PSoP6g0UMFY0C1sNwlZL9neqCgE+ur6KDVFLHCWK1irfEQ7DSW4RQ+W
bfncCBSuMctbbdOp129WetBmqz+Ex+qZr02NSDjDEmWpjkDQwyIpbrk6z+Fg98UG
BMofDSijmLFBxQxxgOGCDj9MVVMAPIbyRASMNXXNNNYlL0QmYH7FnDzE15mo9Mp7
YR2f1Oby1kix4jZdZ93Xa2nfb3OXxptytD4N7T9zC2ysKS1mW4/wNINeKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2DT918PVyDd4HFWHvqOR6WH0hnMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvUFlOUDNYdzlYSU4zZ2NWWWUtbzVIcFlmU0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUGNAwQC
wcCgMA0GCSqGSIb3DQEBCwUAA4IBAQB8J00Ws/zklcuBXv8gUpSq+bZ1MqHH8FVz
i9Jwl2cSJtt/OSdxmuQIRN/K8zkmSwRDFNgl5VohepCcwc6apNhaO2EYEjH7fLo9
xTdijORi2t8eXAk64E8JxEcAxNAsGBn3YcrYUOO6HWBiYSMoeJN/eR3dpraWwR6i
uzhUIOr7NOx+lNv09wgFiZxoTgOf3Zz9Ma45V2Du9sHfeASFmMCZCgqJunn2SCsV
dG1AeNcno0YbhL94gFibWt4KKR5fh4cVHoSU5Ea+FdpgJc/2os/c7GMZ/RmSP5aC
bCvEMtqFMFGFTiplEfKnIvzu81li5UYeMKitPdW/GPVXJm8Rg1U6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org