Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PXr0Ev0Ut2Hvzutf6CVBcHRNBdQ.roa
File: PXr0Ev0Ut2Hvzutf6CVBcHRNBdQ.roa (raw, json)
Hash identifier: iQX+xtF3Lv1gUQqKvRSC4byDa7s8h5K64uTAwNS5jd0=
Subject key identifier: 3D:7A:F4:12:FD:14:B7:61:EF:CE:EB:5F:E8:25:41:70:74:4D:05:D4
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A6EAB44CF71D6AE867CCF368EA4A8C48D
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PXr0Ev0Ut2Hvzutf6CVBcHRNBdQ.roa
Signing time: Thu 07 Sep 2023 08:03:52 +0000
ROA not before: Thu 07 Sep 2023 08:03:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 21
109.234.0.0/24 maxlen: 24
109.234.1.0/24 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 07 Sep 2023 15:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:ab:44:cf:71:d6:ae:86:7c:cf:36:8e:a4:a8:c4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 7 08:03:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d7af412fd14b761efceeb5fe8254170744d05d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ea:b7:61:90:c1:f0:16:74:3c:3a:ea:5d:f7:
ff:a1:20:f4:81:e9:af:23:0a:bb:92:e0:33:ec:55:
f7:c2:ed:63:0a:4d:68:30:aa:2c:16:91:18:5c:33:
64:07:8f:51:7f:fa:8e:38:4c:65:a5:a9:c6:bd:91:
c0:ce:65:4f:45:f1:8f:8f:16:0b:ad:42:d7:ab:db:
e1:b0:a4:87:14:94:71:8f:a6:4b:00:ed:0d:4f:66:
2d:a5:5f:2b:ff:54:07:69:49:0f:1b:ec:0c:3c:cb:
60:46:00:26:24:47:ab:c2:59:c5:b0:26:39:f1:49:
f9:4f:ad:b8:54:e4:e4:27:63:3e:39:cc:71:57:f2:
7c:30:a9:95:d1:62:8d:76:3c:5d:79:47:89:02:7e:
8d:1d:fb:59:ec:31:51:8a:26:ea:0e:06:30:f5:30:
a8:50:b0:12:00:80:2f:dc:f4:b4:86:75:bc:98:9f:
c9:8c:0b:5b:20:c3:99:ed:9a:c1:e4:65:b7:32:a0:
61:79:82:25:46:f1:d5:b8:54:1e:f6:04:c9:b8:c4:
5b:f4:6b:bc:17:ec:97:d8:0f:a8:ae:3b:4f:c9:69:
6b:24:e3:2b:07:31:87:96:03:01:1f:0b:17:4b:f5:
0d:3b:e0:08:56:08:b8:03:0d:b6:02:38:a6:88:77:
9e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7A:F4:12:FD:14:B7:61:EF:CE:EB:5F:E8:25:41:70:74:4D:05:D4
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PXr0Ev0Ut2Hvzutf6CVBcHRNBdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
a1:30:6d:ab:75:38:53:47:af:91:9f:3e:75:f1:90:25:7b:5b:
e1:93:52:0a:56:72:0d:fd:a5:0e:65:e3:fc:f4:be:d1:c7:e6:
cc:0b:fe:c4:9f:f9:03:55:0d:d5:23:6b:40:96:a3:9b:eb:fc:
92:91:68:c7:0b:e7:60:5f:03:9c:1b:c7:73:e4:13:e3:fd:f9:
7f:d4:27:3b:fd:4a:90:05:a9:94:ba:25:f1:a0:b6:92:e6:47:
cc:9f:82:91:25:5f:2a:78:78:c4:00:6d:e4:ca:ba:15:fe:b3:
16:04:65:45:7c:d6:1f:74:2f:cc:65:10:74:a9:5b:8f:03:5e:
38:bf:55:57:08:14:e4:1f:49:21:f7:e0:3c:98:35:e8:2a:38:
da:0b:48:df:4f:57:14:60:10:72:3c:07:3e:1e:ac:bd:d8:db:
94:3e:b0:a8:9b:7d:e6:c5:f3:64:ca:e1:2c:c8:c3:09:8f:13:
47:db:fc:a1:fb:95:b3:8a:41:e1:00:0a:63:40:af:f8:94:8f:
7f:77:8d:c1:06:aa:9c:e4:9f:64:4d:39:d4:80:52:54:f6:75:
62:94:bf:6b:1e:4d:f1:8c:72:31:9d:24:c6:d1:bb:20:6f:e1:
99:bb:a3:54:40:bf:d8:bd:da:09:19:f2:aa:c4:db:49:46:d9:
e3:62:ea:92
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYpuq0TPcdauhnzPNo6kqMSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTA3MDgwMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdhZjQxMmZkMTRiNzYxZWZjZWViNWZlODI1NDE3MDc0NGQwNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+q3YZDB8BZ0PDrqXff/oSD0gemv
Iwq7kuAz7FX3wu1jCk1oMKosFpEYXDNkB49Rf/qOOExlpanGvZHAzmVPRfGPjxYL
rULXq9vhsKSHFJRxj6ZLAO0NT2YtpV8r/1QHaUkPG+wMPMtgRgAmJEerwlnFsCY5
8Un5T624VOTkJ2M+OcxxV/J8MKmV0WKNdjxdeUeJAn6NHftZ7DFRiibqDgYw9TCo
ULASAIAv3PS0hnW8mJ/JjAtbIMOZ7ZrB5GW3MqBheYIlRvHVuFQe9gTJuMRb9Gu8
F+yX2A+orjtPyWlrJOMrBzGHlgMBHwsXS/UNO+AIVgi4Aw22AjimiHee7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD169BL9FLdh787rX+glQXB0TQXUMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvUFhyMEV2MFV0Mkh2enV0ZjZDVkJjSFJOQmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQChMG2rdThTR6+Rnz518ZAle1vhk1IKVnIN/aUOZeP89L7Rx+bMC/7En/kDVQ3V
I2tAlqOb6/ySkWjHC+dgXwOcG8dz5BPj/fl/1Cc7/UqQBamUuiXxoLaS5kfMn4KR
JV8qeHjEAG3kyroV/rMWBGVFfNYfdC/MZRB0qVuPA144v1VXCBTkH0kh9+A8mDXo
KjjaC0jfT1cUYBByPAc+Hqy92NuUPrCom33mxfNkyuEsyMMJjxNH2/yh+5WzikHh
AApjQK/4lI9/d43BBqqc5J9kTTnUgFJU9nVilL9rHk3xjHIxnSTG0bsgb+GZu6NU
QL/YvdoJGfKqxNtJRtnjYuqS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org