Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/Pq3eC4XS4C4dxDbvBLZ3y5m7UW8.roa
File: Pq3eC4XS4C4dxDbvBLZ3y5m7UW8.roa (raw, json)
Hash identifier: T1DrgE/BTBk/4Nq40sUpT2X9Uy2PiBIxcDl17aA8ZPs=
Subject key identifier: 3E:AD:DE:0B:85:D2:E0:2E:1D:C4:36:EF:04:B6:77:CB:99:BB:51:6F
Certificate issuer: /CN=5920d670649a4a4a9cb2e66772170741adf7c51a
Certificate serial: 01856CC1450A5BB1BE054AF91DA73DC81A0D
Authority key identifier: 59:20:D6:70:64:9A:4A:4A:9C:B2:E6:67:72:17:07:41:AD:F7:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WSDWcGSaSkqcsuZnchcHQa33xRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/Pq3eC4XS4C4dxDbvBLZ3y5m7UW8.roa
Signing time: Sun 01 Jan 2023 09:54:43 +0000
ROA not before: Sun 01 Jan 2023 09:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 194.59.152.0/23 maxlen: 23
194.59.152.0/24 maxlen: 24
194.49.21.0/24 maxlen: 24
194.59.154.0/24 maxlen: 24
194.59.153.0/24 maxlen: 24
2001:67c:2950::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:45:0a:5b:b1:be:05:4a:f9:1d:a7:3d:c8:1a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5920d670649a4a4a9cb2e66772170741adf7c51a
Validity
Not Before: Jan 1 09:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eadde0b85d2e02e1dc436ef04b677cb99bb516f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9a:c4:5e:53:3f:35:4e:b4:10:8b:d2:01:24:
3e:29:df:01:13:8b:9d:7d:92:09:fb:c6:ca:03:38:
d5:94:f3:fe:b7:87:43:25:a3:9f:c7:d5:61:40:b0:
0e:00:0d:a6:17:b9:1e:1e:8c:54:3d:08:41:a3:cf:
f2:da:66:93:c8:1f:89:6c:7d:fa:70:55:9f:ca:4a:
36:ec:8e:a8:78:fe:eb:34:28:ca:b9:15:e3:1c:81:
63:70:a1:f0:6e:98:61:43:6c:a1:c8:44:d0:eb:70:
7d:14:49:05:4e:95:1d:60:7b:99:3c:ff:f7:5c:02:
48:b4:95:23:5c:1e:1b:94:fc:17:8a:a0:67:84:f3:
ac:c2:e7:00:93:e2:74:fb:b1:1f:6e:65:13:22:ec:
0d:20:aa:88:1c:a6:54:13:73:c1:1b:7a:f4:ad:8f:
f0:8f:8b:ad:08:c8:8f:ac:58:f2:f8:a2:57:48:b6:
0d:63:f9:cb:cf:61:d6:e0:32:b7:dc:22:87:99:e2:
c1:ac:8d:37:e9:81:f8:17:4b:19:47:db:a0:47:48:
9d:34:79:70:79:f1:95:20:b2:bb:0f:0b:c8:b0:d8:
a8:44:ee:17:c9:bf:7b:11:5b:41:b7:e1:fc:e5:4c:
02:90:84:3a:44:bd:9a:dd:73:33:92:72:0b:ff:f6:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AD:DE:0B:85:D2:E0:2E:1D:C4:36:EF:04:B6:77:CB:99:BB:51:6F
X509v3 Authority Key Identifier:
keyid:59:20:D6:70:64:9A:4A:4A:9C:B2:E6:67:72:17:07:41:AD:F7:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WSDWcGSaSkqcsuZnchcHQa33xRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/Pq3eC4XS4C4dxDbvBLZ3y5m7UW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/2b8e6d-a2c8-4e7d-96ca-ac764c952357/1/WSDWcGSaSkqcsuZnchcHQa33xRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.21.0/24
194.59.152.0-194.59.154.255
IPv6:
2001:67c:2950::/48
Signature Algorithm: sha256WithRSAEncryption
2b:5c:24:bd:6f:0c:04:e1:9e:1e:ff:7a:4d:4d:fa:4f:22:72:
38:4c:b9:ad:75:2c:71:c0:a2:d7:84:10:27:8a:50:73:87:45:
c8:02:b2:67:52:4c:bd:58:7c:d9:4a:c6:9b:fa:9c:a8:e0:aa:
10:77:ae:13:aa:9f:96:2b:93:d6:58:27:1c:2b:75:a0:55:f0:
18:9e:63:b5:9b:26:de:58:f4:62:79:d2:ec:e9:20:72:64:33:
60:3e:ae:1c:96:f7:22:aa:fa:b2:38:c6:93:13:14:71:89:4c:
bc:5b:9e:d6:38:f8:91:59:b2:f1:8f:3a:79:f3:c8:7c:c6:a9:
b8:ea:7f:71:f7:29:85:1a:e2:e3:c6:f4:6d:b7:be:08:5f:e6:
c3:ac:92:c3:5a:a4:2e:47:24:02:ab:f1:b3:0e:6c:0d:7b:59:
d1:ce:7a:1e:a5:c4:26:d1:b1:b0:d4:f0:68:33:53:69:eb:fa:
fd:1b:36:f4:b8:81:a7:67:ee:06:7c:e7:86:71:a8:96:b5:9e:
26:96:e8:4a:b8:75:ff:da:a7:9c:fb:00:71:c8:fa:02:09:89:
61:43:18:06:90:66:70:47:18:1a:20:b7:cd:a1:19:3b:ea:1a:
66:be:db:04:0b:50:18:36:2e:bd:f3:fb:cb:a5:cb:68:be:be:
11:bf:1c:bf
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVswUUKW7G+BUr5Hac9yBoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MjBkNjcwNjQ5YTRhNGE5Y2IyZTY2NzcyMTcwNzQxYWRm
N2M1MWEwHhcNMjMwMTAxMDk1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFkZGUwYjg1ZDJlMDJlMWRjNDM2ZWYwNGI2NzdjYjk5YmI1MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzprEXlM/NU60EIvSASQ+Kd8BE4ud
fZIJ+8bKAzjVlPP+t4dDJaOfx9VhQLAOAA2mF7keHoxUPQhBo8/y2maTyB+JbH36
cFWfyko27I6oeP7rNCjKuRXjHIFjcKHwbphhQ2yhyETQ63B9FEkFTpUdYHuZPP/3
XAJItJUjXB4blPwXiqBnhPOswucAk+J0+7EfbmUTIuwNIKqIHKZUE3PBG3r0rY/w
j4utCMiPrFjy+KJXSLYNY/nLz2HW4DK33CKHmeLBrI036YH4F0sZR9ugR0idNHlw
efGVILK7DwvIsNioRO4Xyb97EVtBt+H85UwCkIQ6RL2a3XMzknIL//bBZQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFD6t3guF0uAuHcQ27wS2d8uZu1FvMB8GA1UdIwQY
MBaAFFkg1nBkmkpKnLLmZ3IXB0Gt98UaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1NEV2NHU2FTa3Fjc3VabmNoY0hRYTMzeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8yYjhlNmQtYTJjOC00ZTdkLTk2Y2Et
YWM3NjRjOTUyMzU3LzEvUHEzZUM0WFM0QzRkeERidkJMWjN5NW03VVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8yYjhlNmQtYTJjOC00ZTdkLTk2Y2EtYWM3NjRjOTUyMzU3
LzEvV1NEV2NHU2FTa3Fjc3VabmNoY0hRYTMzeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAwjEVMAwD
BAPCO5gDBADCO5owDwQCAAIwCQMHACABBnwpUDANBgkqhkiG9w0BAQsFAAOCAQEA
K1wkvW8MBOGeHv96TU36TyJyOEy5rXUsccCi14QQJ4pQc4dFyAKyZ1JMvVh82UrG
m/qcqOCqEHeuE6qfliuT1lgnHCt1oFXwGJ5jtZsm3lj0YnnS7OkgcmQzYD6uHJb3
Iqr6sjjGkxMUcYlMvFue1jj4kVmy8Y86efPIfMapuOp/cfcphRri48b0bbe+CF/m
w6ySw1qkLkckAqvxsw5sDXtZ0c56HqXEJtGxsNTwaDNTaev6/Rs29LiBp2fuBnzn
hnGolrWeJpboSrh1/9qnnPsAccj6AgmJYUMYBpBmcEcYGiC3zaEZO+oaZr7bBAtQ
GDYuvfP7y6XLaL6+Eb8cvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:18 2024 by rpki-client on console-fra.rpki-client.org