Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/PRY5AEydRyhJB7YpIFD4azFvL4U.roa
File: PRY5AEydRyhJB7YpIFD4azFvL4U.roa (raw, json)
Hash identifier: 9+JOFZBpb00gRSo53/QJUGQCMN1PR8+I0AtBQHEpAPs=
Subject key identifier: 3D:16:39:00:4C:9D:47:28:49:07:B6:29:20:50:F8:6B:31:6F:2F:85
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0185714C10A55AE6072B973D11BB8BBE792F
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/PRY5AEydRyhJB7YpIFD4azFvL4U.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16211
IP address blocks: 176.57.32.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
95.141.96.0/20 maxlen: 20
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:10:a5:5a:e6:07:2b:97:3d:11:bb:8b:be:79:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d1639004c9d47284907b6292050f86b316f2f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:38:b5:95:78:79:3d:7a:ec:17:47:65:57:60:
6b:40:c2:65:64:f2:b9:cb:2a:44:bf:be:e8:53:28:
ee:97:cd:fd:7e:2a:03:a9:3d:e7:6c:5a:11:fb:37:
d8:41:31:d1:7f:1c:6c:67:c5:0c:80:da:6b:4a:f0:
2f:fc:bd:47:d5:79:92:27:16:58:4d:03:7a:71:42:
08:2a:44:ee:0b:53:4b:4d:2d:a9:b1:33:06:d8:82:
e1:b2:31:cd:f8:1f:4f:d6:fe:f3:e1:50:8d:b6:1d:
4f:8a:6d:a5:a0:d2:1d:1f:d1:f5:97:1e:85:ae:9e:
d9:2c:48:98:a5:25:92:d7:ff:00:c4:b6:af:19:79:
28:df:42:6f:0c:dc:f9:17:0b:1e:96:50:ff:24:d7:
9a:e9:aa:56:dd:f6:de:2d:06:66:bc:18:ea:a3:a4:
48:e1:8d:0e:6f:18:01:34:fe:f5:44:c0:bd:9a:87:
39:0c:33:ae:43:a1:d2:d0:91:9e:0e:8d:4a:8a:3e:
09:ef:e6:fb:a2:8d:e8:af:07:d0:33:98:5c:f5:f9:
28:35:67:ac:0d:e7:cd:1d:37:14:41:d6:62:84:c2:
c9:da:fd:fe:e5:c6:2a:b2:93:2e:f5:09:63:1f:f9:
35:5d:c4:39:f3:2f:64:32:ed:80:af:70:92:3d:9e:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:16:39:00:4C:9D:47:28:49:07:B6:29:20:50:F8:6B:31:6F:2F:85
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/PRY5AEydRyhJB7YpIFD4azFvL4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.193.32.0/19
78.109.240.0/20
95.141.96.0/20
176.57.32.0/21
185.41.4.0/22
IPv6:
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
32:52:b1:a2:b0:98:21:a4:6d:bb:cc:3a:5e:9f:af:5c:41:01:
d3:7b:0f:cb:60:bc:e4:14:1d:76:10:48:b4:53:85:e7:c9:78:
94:ec:87:74:08:3d:a0:85:0f:8a:8c:a8:e7:0d:56:1c:b8:fc:
34:66:5c:8a:d1:24:88:d5:4c:8b:9c:af:d7:f9:41:24:1c:bb:
88:2e:db:16:f2:9d:2a:3b:92:11:0d:c2:3f:6a:ce:dc:f0:09:
8e:cc:77:0c:36:63:d4:fa:a4:e2:20:b3:da:8f:b6:17:33:1f:
fe:ed:ae:a5:61:7b:9f:7f:8c:9c:4d:8b:00:f7:4f:e7:2d:9a:
70:5c:12:06:4f:21:99:82:8f:d2:d9:f2:5a:96:ef:21:c6:d6:
24:be:3c:75:41:bc:f6:41:42:d5:a7:28:b2:6e:c4:87:83:e3:
f1:ae:d4:fc:ec:bd:46:28:af:a0:29:2b:a1:81:cc:8a:d1:dc:
3f:5e:2b:28:8b:ac:f9:c8:71:43:44:46:81:13:3e:bb:d6:5a:
e6:d9:58:15:7a:19:c8:e0:3a:3b:3c:23:db:5d:a9:52:c5:d9:
92:8f:a2:fd:4a:c4:c9:15:6c:d9:1a:f0:4c:9c:39:10:f8:5d:
40:5a:46:1b:62:a6:29:ce:ea:91:8c:a1:e7:01:8e:f4:2d:3b:
22:d2:c8:16
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVxTBClWuYHK5c9EbuLvnkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE2MzkwMDRjOWQ0NzI4NDkwN2I2MjkyMDUwZjg2YjMxNmYyZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTi1lXh5PXrsF0dlV2BrQMJlZPK5
yypEv77oUyjul839fioDqT3nbFoR+zfYQTHRfxxsZ8UMgNprSvAv/L1H1XmSJxZY
TQN6cUIIKkTuC1NLTS2psTMG2ILhsjHN+B9P1v7z4VCNth1Pim2loNIdH9H1lx6F
rp7ZLEiYpSWS1/8AxLavGXko30JvDNz5FwsellD/JNea6apW3fbeLQZmvBjqo6RI
4Y0ObxgBNP71RMC9moc5DDOuQ6HS0JGeDo1Kij4J7+b7oo3orwfQM5hc9fkoNWes
DefNHTcUQdZihMLJ2v3+5cYqspMu9QljH/k1XcQ58y9kMu2Ar3CSPZ4uTQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD0WOQBMnUcoSQe2KSBQ+Gsxby+FMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvUFJZNUFFeWRSeWhKQjdZcElGRDRhekZ2TDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsEgAwQE
Tm3wAwQEX41gAwQDsDkgAwQCuSkEMA0EAgACMAcDBQAqAU4AMA0GCSqGSIb3DQEB
CwUAA4IBAQAyUrGisJghpG27zDpen69cQQHTew/LYLzkFB12EEi0U4XnyXiU7Id0
CD2ghQ+KjKjnDVYcuPw0ZlyK0SSI1UyLnK/X+UEkHLuILtsW8p0qO5IRDcI/as7c
8AmOzHcMNmPU+qTiILPaj7YXMx/+7a6lYXuff4ycTYsA90/nLZpwXBIGTyGZgo/S
2fJalu8hxtYkvjx1Qbz2QULVpyiybsSHg+PxrtT87L1GKK+gKSuhgcyK0dw/Xiso
i6z5yHFDREaBEz671lrm2VgVehnI4Do7PCPbXalSxdmSj6L9SsTJFWzZGvBMnDkQ
+F1AWkYbYqYpzuqRjKHnAY70LTsi0sgW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org