Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/PsNzA9iSCdSfmM-I1GHz83l9sB4.roa
File: PsNzA9iSCdSfmM-I1GHz83l9sB4.roa (raw, json)
Hash identifier: 1Y1zujdD8000o7E3lV0Fz/FH2nSBPXjYuAJ9Z4+8eE4=
Subject key identifier: 3E:C3:73:03:D8:92:09:D4:9F:98:CF:88:D4:61:F3:F3:79:7D:B0:1E
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 018571279E6CE3D519B89B45EC7D2402428A
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/PsNzA9iSCdSfmM-I1GHz83l9sB4.roa
Signing time: Mon 02 Jan 2023 06:24:59 +0000
ROA not before: Mon 02 Jan 2023 06:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
2a0f:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Aug 2023 14:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:9e:6c:e3:d5:19:b8:9b:45:ec:7d:24:02:42:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Jan 2 06:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ec37303d89209d49f98cf88d461f3f3797db01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:99:d7:c9:28:98:08:4b:10:89:ad:d3:ba:
26:df:e5:6e:2f:8d:a1:4c:5c:82:0a:5b:a9:df:c8:
c8:ad:bd:e1:a1:fc:fa:8c:94:82:ea:78:b3:3c:4f:
c4:3c:61:6e:a1:b0:d1:22:57:a6:e8:3b:7b:57:c4:
fd:5e:ea:b2:ca:e2:71:64:fd:c8:d1:19:eb:8d:66:
51:61:50:cd:78:44:74:0c:ec:fd:87:8a:98:25:a8:
71:4f:e1:26:d3:61:a6:1e:15:68:6d:90:98:46:20:
02:54:19:20:aa:c3:b2:f7:78:ee:7b:08:8b:76:31:
58:54:1c:02:c4:2f:74:91:27:d4:ce:25:f1:73:1b:
7c:5e:78:e4:aa:5c:1b:a2:94:ec:23:28:0a:35:c5:
b5:31:59:55:d2:cc:8a:75:e0:cf:4d:07:26:20:a0:
b1:c2:42:4f:87:80:18:ac:f4:24:92:19:48:aa:f6:
c6:5f:69:02:7e:d0:e8:0c:80:f2:94:e2:aa:b7:10:
11:ef:aa:2c:61:aa:ec:2c:bc:aa:0a:3c:16:8c:54:
c1:7c:15:52:26:77:3a:49:7a:6f:5b:6e:3a:f0:2b:
8d:89:e6:3a:b6:de:77:de:2c:35:2e:e8:86:99:40:
9b:41:f1:a6:3c:ba:fc:43:bb:e1:6e:cf:99:a8:74:
85:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C3:73:03:D8:92:09:D4:9F:98:CF:88:D4:61:F3:F3:79:7D:B0:1E
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/PsNzA9iSCdSfmM-I1GHz83l9sB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
53:3f:38:d5:d1:e9:da:b3:28:0c:53:25:55:8c:b6:0a:95:bd:
d5:4c:07:d9:4a:3b:63:43:56:2c:5c:41:b6:c5:07:25:3f:c4:
17:73:15:2d:1b:f5:9c:1b:63:3c:7c:fe:94:a3:db:3b:e3:8c:
0b:31:b9:f4:ed:b9:70:6c:4a:29:6b:37:df:48:ed:79:41:5f:
90:e7:db:23:dd:14:59:61:58:40:e2:42:f1:00:a0:40:b3:06:
a5:22:00:a5:3d:d1:5e:34:52:07:8f:4b:cc:72:53:e5:ef:76:
13:17:d8:89:b7:32:8f:b3:ea:5f:d7:2f:60:db:33:fa:36:a0:
ff:e0:03:16:22:da:c0:5d:32:df:1d:76:f9:a1:93:ed:8a:e4:
ce:d5:69:61:2f:77:4c:d4:28:49:19:4d:28:28:c7:71:73:9f:
84:6c:f8:18:92:5e:6c:a6:3a:e1:da:9e:af:29:ae:c5:3d:fc:
d6:a3:b0:be:4e:5c:5b:a6:be:f9:e8:c3:e1:d5:73:ae:95:aa:
54:16:be:7b:69:dc:85:e0:8d:8a:0f:82:d1:19:0a:ff:b6:37:
00:cd:67:71:1f:89:8b:a9:6e:bb:b5:fe:8e:e5:46:dc:3c:cd:
bf:7f:b4:dc:98:5d:02:95:4f:ad:bd:7a:a8:2b:33:64:40:78:
4c:26:67:88
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxJ55s49UZuJtF7H0kAkKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjMwMTAyMDYyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWMzNzMwM2Q4OTIwOWQ0OWY5OGNmODhkNDYxZjNmMzc5N2RiMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbGZ18komAhLEImt07om3+VuL42h
TFyCClup38jIrb3hofz6jJSC6nizPE/EPGFuobDRIlem6Dt7V8T9XuqyyuJxZP3I
0RnrjWZRYVDNeER0DOz9h4qYJahxT+Em02GmHhVobZCYRiACVBkgqsOy93juewiL
djFYVBwCxC90kSfUziXxcxt8XnjkqlwbopTsIygKNcW1MVlV0syKdeDPTQcmIKCx
wkJPh4AYrPQkkhlIqvbGX2kCftDoDIDylOKqtxAR76osYarsLLyqCjwWjFTBfBVS
Jnc6SXpvW2468CuNieY6tt533iw1LuiGmUCbQfGmPLr8Q7vhbs+ZqHSF+QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD7DcwPYkgnUn5jPiNRh8/N5fbAeMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvUHNOekE5aVNDZFNmbU0tSTFHSHo4M2w5c0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwG0eMAwD
BADAbSUDBADAbSYwDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQADggEBAFM/
ONXR6dqzKAxTJVWMtgqVvdVMB9lKO2NDVixcQbbFByU/xBdzFS0b9ZwbYzx8/pSj
2zvjjAsxufTtuXBsSilrN99I7XlBX5Dn2yPdFFlhWEDiQvEAoECzBqUiAKU90V40
UgePS8xyU+XvdhMX2Im3Mo+z6l/XL2DbM/o2oP/gAxYi2sBdMt8ddvmhk+2K5M7V
aWEvd0zUKEkZTSgox3Fzn4Rs+BiSXmymOuHanq8prsU9/NajsL5OXFumvvnow+HV
c66VqlQWvntp3IXgjYoPgtEZCv+2NwDNZ3EfiYupbru1/o7lRtw8zb9/tNyYXQKV
T629eqgrM2RAeEwmZ4g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:57 2024 by rpki-client on console-ams.rpki-client.org