Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/PisRFUpFNY3-IEG3IUmDsrrghaA.roa
File: PisRFUpFNY3-IEG3IUmDsrrghaA.roa (raw, json)
Hash identifier: +hPxtPv7mSjoHZYDlUtoelgr6bB1VH2AsmVKsa8VkP8=
Subject key identifier: 3E:2B:11:15:4A:45:35:8D:FE:20:41:B7:21:49:83:B2:BA:E0:85:A0
Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18
Certificate serial: 018571832B714E8DC05429B42C8DB7B3ABD8
Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/PisRFUpFNY3-IEG3IUmDsrrghaA.roa
Signing time: Mon 02 Jan 2023 08:04:59 +0000
ROA not before: Mon 02 Jan 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57363
IP address blocks: 91.231.234.0/24 maxlen: 24
91.231.235.0/24 maxlen: 24
91.231.236.0/24 maxlen: 24
91.231.237.0/24 maxlen: 24
91.231.239.0/24 maxlen: 24
91.238.108.0/24 maxlen: 24
91.238.109.0/24 maxlen: 24
91.238.110.0/24 maxlen: 24
185.31.112.0/24 maxlen: 24
185.31.114.0/24 maxlen: 24
185.31.115.0/24 maxlen: 24
91.240.170.0/24 maxlen: 24
91.240.168.0/24 maxlen: 24
91.240.169.0/24 maxlen: 24
151.236.109.0/24 maxlen: 24
151.236.110.0/23 maxlen: 23
151.236.111.0/24 maxlen: 24
151.236.106.0/24 maxlen: 24
151.236.107.0/24 maxlen: 24
151.236.113.0/24 maxlen: 24
151.236.122.0/23 maxlen: 23
151.236.123.0/24 maxlen: 24
151.236.125.0/24 maxlen: 24
151.236.64.0/24 maxlen: 24
151.236.65.0/24 maxlen: 24
151.236.67.0/24 maxlen: 24
151.236.68.0/24 maxlen: 24
151.236.70.0/24 maxlen: 24
151.236.74.0/24 maxlen: 24
151.236.75.0/24 maxlen: 24
151.236.77.0/24 maxlen: 24
151.236.78.0/24 maxlen: 24
151.236.72.0/24 maxlen: 24
151.236.73.0/24 maxlen: 24
151.236.81.0/24 maxlen: 24
151.236.83.0/24 maxlen: 24
151.236.84.0/24 maxlen: 24
151.236.85.0/24 maxlen: 24
151.236.80.0/24 maxlen: 24
151.236.89.0/24 maxlen: 24
151.236.90.0/24 maxlen: 24
151.236.91.0/24 maxlen: 24
151.236.86.0/24 maxlen: 24
151.236.87.0/24 maxlen: 24
151.236.95.0/24 maxlen: 24
151.236.96.0/24 maxlen: 24
151.236.102.0/24 maxlen: 24
151.236.99.0/24 maxlen: 24
151.236.100.0/24 maxlen: 24
2a02:aec0:3::/48 maxlen: 48
2a02:aec0:7::/48 maxlen: 48
2a02:aec0:8::/48 maxlen: 48
2a02:aec0:1::/48 maxlen: 48
2a02:aec0:5::/48 maxlen: 48
2a02:aec0:2::/48 maxlen: 48
2a02:aec0:9::/48 maxlen: 48
2a02:aec0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 May 2023 16:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:2b:71:4e:8d:c0:54:29:b4:2c:8d:b7:b3:ab:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18
Validity
Not Before: Jan 2 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e2b11154a45358dfe2041b7214983b2bae085a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:da:53:19:05:69:61:7c:a9:4a:9a:f6:4e:32:
90:37:b9:30:d7:8e:60:e7:fb:11:75:db:8f:47:c1:
46:da:87:e3:29:39:af:7b:96:b0:08:a7:bc:79:65:
18:04:29:28:27:12:e3:b9:06:87:77:8a:64:17:cf:
bc:b9:12:fd:82:b7:06:44:29:03:65:c2:f3:f4:38:
0e:ee:5d:00:bb:81:df:95:3b:2a:be:df:ac:d5:9a:
55:64:42:6e:69:bd:8d:b7:05:61:22:59:f0:a2:09:
bb:82:e8:a1:62:c3:ad:86:69:47:4e:37:0f:71:7d:
30:eb:d0:65:8d:9d:58:df:4d:10:00:b8:d6:19:c3:
cb:4c:64:8b:bb:6e:40:93:d4:46:7b:b0:34:ab:84:
8b:c6:be:a3:6a:59:72:6c:85:fb:79:87:3d:72:8f:
ed:82:15:fc:ca:b7:a1:e1:45:31:05:4e:82:ee:4d:
56:43:a4:55:18:6d:25:e2:69:46:54:58:2a:2d:58:
67:54:1b:cc:c0:d0:d9:a9:2f:08:0c:e6:7c:b1:bf:
1d:82:38:52:0e:88:80:0e:e8:08:87:72:30:02:79:
c5:8c:7d:42:7b:d8:d7:e2:9a:87:28:94:e6:1f:b0:
17:cc:57:fb:22:fd:e6:c1:02:6d:ac:15:c3:8c:06:
a4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2B:11:15:4A:45:35:8D:FE:20:41:B7:21:49:83:B2:BA:E0:85:A0
X509v3 Authority Key Identifier:
keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/PisRFUpFNY3-IEG3IUmDsrrghaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.234.0-91.231.237.255
91.231.239.0/24
91.238.108.0-91.238.110.255
91.240.168.0-91.240.170.255
151.236.64.0/23
151.236.67.0-151.236.68.255
151.236.70.0/24
151.236.72.0/22
151.236.77.0-151.236.78.255
151.236.80.0/23
151.236.83.0-151.236.87.255
151.236.89.0-151.236.91.255
151.236.95.0-151.236.96.255
151.236.99.0-151.236.100.255
151.236.102.0/24
151.236.106.0/23
151.236.109.0-151.236.111.255
151.236.113.0/24
151.236.122.0/23
151.236.125.0/24
185.31.112.0/24
185.31.114.0/23
IPv6:
2a02:aec0:1::-2a02:aec0:3:ffff:ffff:ffff:ffff:ffff
2a02:aec0:5::-2a02:aec0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:73:9a:d9:2d:8d:26:27:66:8e:f4:1e:d2:e5:1a:09:7b:a6:
f0:91:7c:bd:c0:aa:10:a6:4f:bb:87:11:01:21:85:bc:56:f7:
72:61:21:28:f4:62:20:47:ac:eb:d9:a2:7e:9a:3f:fd:85:3a:
14:7a:2e:61:81:4b:b2:25:42:11:5e:96:f5:ed:fa:ca:20:67:
94:dc:b1:12:f1:67:aa:9e:06:a3:22:d1:a2:75:d8:64:b6:f6:
62:14:be:56:fe:d1:90:b4:2f:00:09:41:80:44:80:f9:e8:bb:
52:3d:5f:9a:1d:c4:4b:9a:22:73:3a:66:37:d5:6d:bb:bf:0a:
76:73:3d:6f:d2:a1:c4:d7:39:50:f8:3d:90:9c:4e:d0:b8:60:
11:7b:ed:e7:b7:27:39:16:14:e0:b8:45:0b:f5:1c:2a:2d:ac:
ba:1b:1e:7c:f3:20:77:6e:02:84:32:16:d1:8f:66:51:dd:3c:
54:06:6d:e9:29:44:cc:5b:f2:94:aa:e7:16:86:27:3e:0d:ee:
1e:40:41:ed:5f:f9:5f:b2:ce:b7:b8:2a:04:99:eb:a4:48:86:
89:a4:20:a9:14:2f:76:31:2b:c1:15:32:47:b8:12:12:9e:b6:
13:b8:e9:db:56:10:1a:d4:14:ba:0e:24:71:23:88:5b:fa:ef:
78:dd:6a:6f
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYVxgytxTo3AVCm0LI23s6vYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1
ODdmMTgwHhcNMjMwMTAyMDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTJiMTExNTRhNDUzNThkZmUyMDQxYjcyMTQ5ODNiMmJhZTA4NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdpTGQVpYXypSpr2TjKQN7kw145g
5/sRdduPR8FG2ofjKTmve5awCKe8eWUYBCkoJxLjuQaHd4pkF8+8uRL9grcGRCkD
ZcLz9DgO7l0Au4HflTsqvt+s1ZpVZEJuab2NtwVhIlnwogm7guihYsOthmlHTjcP
cX0w69BljZ1Y300QALjWGcPLTGSLu25Ak9RGe7A0q4SLxr6jallybIX7eYc9co/t
ghX8yreh4UUxBU6C7k1WQ6RVGG0l4mlGVFgqLVhnVBvMwNDZqS8IDOZ8sb8dgjhS
DoiADugIh3IwAnnFjH1Ce9jX4pqHKJTmH7AXzFf7Iv3mwQJtrBXDjAakkQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFD4rERVKRTWN/iBBtyFJg7K64IWgMB8GA1UdIwQY
MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt
N2FhYjZlZjk1NWExLzEvUGlzUkZVcEZOWTMtSUVHM0lVbURzcnJnaGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx
LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCB2wQCAAEwgdQw
DAMEAVvn6gMEAVvn7AMEAFvn7zAMAwQCW+5sAwQAW+5uMAwDBANb8KgDBABb8KoD
BAGX7EAwDAMEAJfsQwMEAJfsRAMEAJfsRgMEApfsSDAMAwQAl+xNAwQAl+xOAwQB
l+xQMAwDBACX7FMDBAOX7FAwDAMEAJfsWQMEApfsWDAMAwQAl+xfAwQAl+xgMAwD
BACX7GMDBACX7GQDBACX7GYDBAGX7GowDAMEAJfsbQMEBJfsYAMEAJfscQMEAZfs
egMEAJfsfQMEALkfcAMEAbkfcjAuBAIAAjAoMBIDBwAqAq7AAAEDBwIqAq7AAAAw
EgMHACoCrsAABQMHASoCrsAACDANBgkqhkiG9w0BAQsFAAOCAQEAfXOa2S2NJidm
jvQe0uUaCXum8JF8vcCqEKZPu4cRASGFvFb3cmEhKPRiIEes69mifpo//YU6FHou
YYFLsiVCEV6W9e36yiBnlNyxEvFnqp4GoyLRonXYZLb2YhS+Vv7RkLQvAAlBgESA
+ei7Uj1fmh3ES5oiczpmN9Vtu78KdnM9b9KhxNc5UPg9kJxO0LhgEXvt57cnORYU
4LhFC/UcKi2suhsefPMgd24ChDIW0Y9mUd08VAZt6SlEzFvylKrnFoYnPg3uHkBB
7V/5X7LOt7gqBJnrpEiGiaQgqRQvdjErwRUyR7gSEp62E7jp21YQGtQUug4kcSOI
W/rveN1qbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:22 2024 by rpki-client on console-ams.rpki-client.org