Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/PXm5ZtSm-NSnsse_1QcSYkKHXOo.roa
File: PXm5ZtSm-NSnsse_1QcSYkKHXOo.roa (raw, json)
Hash identifier: Lidv0WFoW8MArqWqoI/4IXCyek7ghBBA65ENtiMW+i4=
Subject key identifier: 3D:79:B9:66:D4:A6:F8:D4:A7:B2:C7:BF:D5:07:12:62:42:87:5C:EA
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 018CC8DF29BF86F3C82A9BBB0DDED2F8436C
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/PXm5ZtSm-NSnsse_1QcSYkKHXOo.roa
Signing time: Tue 02 Jan 2024 06:31:57 +0000
ROA not before: Tue 02 Jan 2024 06:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41535
IP address blocks: 89.253.192.0/21 maxlen: 21
89.253.200.0/21 maxlen: 21
89.253.203.0/24 maxlen: 24
89.253.202.0/24 maxlen: 24
193.32.198.0/23 maxlen: 23
89.253.208.0/21 maxlen: 21
89.253.216.0/21 maxlen: 21
89.253.224.0/21 maxlen: 21
89.253.232.0/21 maxlen: 21
89.253.240.0/21 maxlen: 21
89.253.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:29:bf:86:f3:c8:2a:9b:bb:0d:de:d2:f8:43:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Jan 2 06:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d79b966d4a6f8d4a7b2c7bfd507126242875cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:07:83:6e:43:20:04:7e:d4:22:e0:cc:3f:1f:
a1:ae:be:3b:4f:64:09:38:03:25:5a:32:b8:59:27:
7a:55:e4:f7:00:d3:79:a5:80:c7:6c:a4:7a:b6:16:
d6:a7:d8:9d:d3:7c:80:37:e3:ff:e6:f7:4f:f2:4a:
b9:a4:3b:c7:ef:d0:cb:6a:e7:f4:3a:da:01:4a:7d:
86:06:58:27:6c:de:20:90:56:0f:3a:c7:0a:3f:aa:
ca:f2:0b:be:a5:82:f7:4f:01:27:50:93:db:35:aa:
ff:61:de:e6:01:c9:fd:86:04:95:00:bd:b2:4d:80:
4a:59:42:b5:70:c9:98:16:47:2f:a7:29:49:5e:6f:
80:ff:cc:b7:97:6a:36:ec:34:7e:27:c2:92:8f:c6:
1c:7b:a6:c6:ae:c4:8a:eb:65:21:fa:b1:5b:85:4c:
ad:b5:68:d9:67:56:26:54:0c:5b:3f:5e:62:38:e3:
9e:1d:53:c6:9a:70:cf:ab:59:da:a1:a6:5e:25:a2:
04:20:af:c7:04:c9:81:d4:bd:f6:f1:49:d6:c0:6e:
c0:82:04:00:d5:2a:d6:c3:a6:f1:e2:b9:52:09:e1:
38:df:f0:6c:a2:fa:9c:3f:45:e1:86:6a:7f:8b:e4:
91:0c:01:20:70:40:37:22:f3:7a:07:01:31:55:05:
5d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:79:B9:66:D4:A6:F8:D4:A7:B2:C7:BF:D5:07:12:62:42:87:5C:EA
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/PXm5ZtSm-NSnsse_1QcSYkKHXOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.253.192.0/18
193.32.198.0/23
Signature Algorithm: sha256WithRSAEncryption
16:58:0e:97:e8:64:77:86:a8:e6:76:e0:ae:79:6f:10:a6:88:
78:60:a4:72:5b:32:ed:79:0a:c1:6b:43:4f:f5:c1:c4:bd:4f:
ea:65:c9:79:38:4e:f1:74:ec:fe:66:1c:6e:ea:2f:74:5d:29:
29:37:b8:12:6c:d7:47:c5:3a:ea:5e:7b:b3:36:f6:6e:ed:a5:
8f:e7:73:f9:b9:c5:18:a1:28:41:31:9c:96:5f:34:f3:a1:1f:
c3:4a:6c:70:e9:5e:62:cd:7c:27:51:a8:d9:b5:30:e1:15:f5:
77:ed:26:48:55:4c:ed:43:ff:c2:d3:63:cf:02:f9:53:48:ae:
6a:d6:61:41:da:af:83:78:d6:0e:96:f2:fe:2b:23:55:01:63:
38:ee:1a:40:26:91:45:4f:3b:09:4d:46:a2:b2:19:3c:ec:51:
6b:f8:2d:52:e9:d4:98:a9:4d:be:4a:37:27:c4:8d:de:18:09:
d5:19:1a:13:bf:2b:14:f1:9a:f6:98:09:13:9d:39:6d:13:be:
1b:8c:0c:05:51:01:df:1f:3b:b3:a1:d5:48:2c:77:7f:4b:b9:
d8:2e:3a:0f:1a:ed:7c:b6:e2:6f:48:65:58:8a:76:ba:55:ea:
e2:a1:b2:ae:ee:b9:15:a5:c5:53:4e:28:32:61:98:cf:4f:a8:
7b:f5:6d:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3ym/hvPIKpu7Dd7S+ENsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjQwMTAyMDYzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc5Yjk2NmQ0YTZmOGQ0YTdiMmM3YmZkNTA3MTI2MjQyODc1Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAeDbkMgBH7UIuDMPx+hrr47T2QJ
OAMlWjK4WSd6VeT3ANN5pYDHbKR6thbWp9id03yAN+P/5vdP8kq5pDvH79DLauf0
OtoBSn2GBlgnbN4gkFYPOscKP6rK8gu+pYL3TwEnUJPbNar/Yd7mAcn9hgSVAL2y
TYBKWUK1cMmYFkcvpylJXm+A/8y3l2o27DR+J8KSj8Yce6bGrsSK62Uh+rFbhUyt
tWjZZ1YmVAxbP15iOOOeHVPGmnDPq1naoaZeJaIEIK/HBMmB1L328UnWwG7AggQA
1SrWw6bx4rlSCeE43/BsovqcP0Xhhmp/i+SRDAEgcEA3IvN6BwExVQVdewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD15uWbUpvjUp7LHv9UHEmJCh1zqMB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEvUFhtNVp0U20tTlNuc3NlXzFRY1NZa0tIWE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGWf3AAwQB
wSDGMA0GCSqGSIb3DQEBCwUAA4IBAQAWWA6X6GR3hqjmduCueW8Qpoh4YKRyWzLt
eQrBa0NP9cHEvU/qZcl5OE7xdOz+Zhxu6i90XSkpN7gSbNdHxTrqXnuzNvZu7aWP
53P5ucUYoShBMZyWXzTzoR/DSmxw6V5izXwnUajZtTDhFfV37SZIVUztQ//C02PP
AvlTSK5q1mFB2q+DeNYOlvL+KyNVAWM47hpAJpFFTzsJTUaishk87FFr+C1S6dSY
qU2+SjcnxI3eGAnVGRoTvysU8Zr2mAkTnTltE74bjAwFUQHfHzuzodVILHd/S7nY
LjoPGu18tuJvSGVYina6VeriobKu7rkVpcVTTigyYZjPT6h79W1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:09 2024 by rpki-client on console-ams.rpki-client.org