Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PjWIx5SZukfJ41S0GRAGBUFJwxc.roa
File: PjWIx5SZukfJ41S0GRAGBUFJwxc.roa (raw, json)
Hash identifier: 3CWKtSXwMD62ONkOZ2XNIw8sGjMQn1JGkX9kzHnW/lo=
Subject key identifier: 3E:35:88:C7:94:99:BA:47:C9:E3:54:B4:19:10:06:05:41:49:C3:17
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0186CB6A19F8E603F22816DE555F6FA512A2
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PjWIx5SZukfJ41S0GRAGBUFJwxc.roa
Signing time: Fri 10 Mar 2023 12:06:13 +0000
ROA not before: Fri 10 Mar 2023 12:06:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 64.137.39.0/24 maxlen: 24
64.137.76.0/24 maxlen: 24
64.137.102.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:6a:19:f8:e6:03:f2:28:16:de:55:5f:6f:a5:12:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 10 12:06:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e3588c79499ba47c9e354b4191006054149c317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:58:03:77:18:cb:51:04:ad:12:17:99:0e:
e7:3d:17:89:df:39:43:29:aa:07:12:da:93:4c:bc:
48:d5:65:22:fd:6b:cb:00:88:f5:e6:e9:54:6e:4f:
60:1b:b3:31:25:bd:3a:cc:e4:60:e8:85:d6:12:2f:
4f:7d:ef:97:eb:52:f3:19:ad:51:89:0b:52:8a:02:
af:58:3f:10:75:65:10:c6:1a:10:04:af:a6:13:78:
70:5a:e2:7e:78:31:82:22:52:2e:61:a6:bc:39:41:
33:68:26:73:be:0d:54:00:e6:33:55:84:6e:dc:05:
db:2f:da:c2:e7:ca:c8:31:61:56:71:7c:52:c5:00:
f2:75:1c:9a:a0:f3:9d:19:5b:4f:c8:2c:04:3c:e0:
6c:8d:fb:f3:0f:aa:1d:28:f6:41:ab:e5:4c:7f:2d:
43:1b:9c:f6:96:3f:26:97:35:b4:bd:7b:1d:d2:7e:
05:c9:06:4f:c0:29:4d:36:a0:a2:32:65:d9:6e:5d:
52:75:2d:e4:43:d3:dd:0c:94:7d:28:1f:29:59:b5:
05:f1:1d:3d:db:ae:8b:df:0b:9c:86:ca:9b:13:6f:
04:2e:89:d4:a2:6f:3b:e3:a0:38:92:c2:a7:fe:65:
9a:73:d4:1b:54:0a:9e:3d:00:71:13:6f:bc:80:90:
ba:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:35:88:C7:94:99:BA:47:C9:E3:54:B4:19:10:06:05:41:49:C3:17
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PjWIx5SZukfJ41S0GRAGBUFJwxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.39.0/24
64.137.76.0/24
64.137.102.0/24
64.137.114.0/24
Signature Algorithm: sha256WithRSAEncryption
35:63:ea:ee:2e:55:03:60:2d:05:64:41:2b:6d:84:a3:25:b7:
41:16:85:b0:61:d5:81:aa:ad:13:04:0f:6a:20:7a:c5:b1:62:
04:54:db:a6:1f:00:6e:10:c1:fc:84:2b:45:34:b7:ef:ab:42:
0d:95:43:4d:9c:9d:4b:73:c9:a0:09:61:fe:19:5c:94:eb:f7:
22:11:ee:9e:51:c8:56:8f:51:69:13:eb:25:34:17:e7:0a:d6:
0d:19:bc:2f:a5:96:15:9e:32:66:2b:75:b6:89:f9:ea:f1:41:
f3:e3:72:d1:af:83:c6:4b:db:58:de:01:51:f6:cb:79:95:2e:
71:fa:e9:0d:56:9b:5e:8a:c6:1d:1e:3f:66:10:04:00:fa:b2:
9a:fe:1a:7f:a9:35:29:3e:bb:51:ff:ec:39:73:39:31:8e:e9:
bd:d6:47:3c:12:56:83:0e:76:6c:bc:36:e7:96:b4:44:5e:80:
2d:f7:89:cd:95:69:3f:e7:8b:58:11:f2:71:34:e6:bd:07:b3:
b3:68:41:d5:fb:f5:96:a6:83:03:3f:f2:c1:64:8f:d5:98:94:
0a:b9:d5:00:6f:d6:70:ea:63:f7:f6:be:51:87:12:31:fd:3e:
48:45:40:44:35:0c:91:54:20:a9:3d:8a:1f:b8:2c:45:17:18:
1c:08:2a:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbLahn45gPyKBbeVV9vpRKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzEwMTIwNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM1ODhjNzk0OTliYTQ3YzllMzU0YjQxOTEwMDYwNTQxNDljMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpVYA3cYy1EErRIXmQ7nPReJ3zlD
KaoHEtqTTLxI1WUi/WvLAIj15ulUbk9gG7MxJb06zORg6IXWEi9Pfe+X61LzGa1R
iQtSigKvWD8QdWUQxhoQBK+mE3hwWuJ+eDGCIlIuYaa8OUEzaCZzvg1UAOYzVYRu
3AXbL9rC58rIMWFWcXxSxQDydRyaoPOdGVtPyCwEPOBsjfvzD6odKPZBq+VMfy1D
G5z2lj8mlzW0vXsd0n4FyQZPwClNNqCiMmXZbl1SdS3kQ9PdDJR9KB8pWbUF8R09
266L3wuchsqbE28ELonUom8746A4ksKn/mWac9QbVAqePQBxE2+8gJC6bQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD41iMeUmbpHyeNUtBkQBgVBScMXMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUGpXSXg1U1p1a2ZKNDFTMEdSQUdCVUZKd3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIknAwQA
QIlMAwQAQIlmAwQAQIlyMA0GCSqGSIb3DQEBCwUAA4IBAQA1Y+ruLlUDYC0FZEEr
bYSjJbdBFoWwYdWBqq0TBA9qIHrFsWIEVNumHwBuEMH8hCtFNLfvq0INlUNNnJ1L
c8mgCWH+GVyU6/ciEe6eUchWj1FpE+slNBfnCtYNGbwvpZYVnjJmK3W2ifnq8UHz
43LRr4PGS9tY3gFR9st5lS5x+ukNVpteisYdHj9mEAQA+rKa/hp/qTUpPrtR/+w5
czkxjum91kc8ElaDDnZsvDbnlrREXoAt94nNlWk/54tYEfJxNOa9B7OzaEHV+/WW
poMDP/LBZI/VmJQKudUAb9Zw6mP39r5RhxIx/T5IRUBENQyRVCCpPYofuCxFFxgc
CCoK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org