Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/PWRYhvNgaiio24H_QdlIe7fYU0s.roa
File: PWRYhvNgaiio24H_QdlIe7fYU0s.roa (raw, json)
Hash identifier: LUFe0wkzMhZDYOIm8pjDu4679lg8088kdkDa6gujiMY=
Subject key identifier: 3D:64:58:86:F3:60:6A:28:A8:DB:81:FF:41:D9:48:7B:B7:D8:53:4B
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018BA8F25AD279020B8343052CD21355CBC9
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/PWRYhvNgaiio24H_QdlIe7fYU0s.roa
Signing time: Tue 07 Nov 2023 08:42:17 +0000
ROA not before: Tue 07 Nov 2023 08:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3216
IP address blocks: 195.209.160.0/20 maxlen: 20
194.85.128.0/19 maxlen: 19
194.85.129.0/28 maxlen: 28
194.85.129.16/28 maxlen: 28
194.85.154.0/24 maxlen: 24
194.85.153.240/28 maxlen: 28
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:f2:5a:d2:79:02:0b:83:43:05:2c:d2:13:55:cb:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Nov 7 08:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d645886f3606a28a8db81ff41d9487bb7d8534b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bd:c5:d4:98:a4:62:da:56:f4:94:60:62:f1:
12:66:43:cc:bb:13:60:10:88:10:cc:8a:55:ab:09:
86:15:54:24:e3:a4:c2:2e:9f:1b:78:1c:ac:b9:c2:
f4:38:da:b1:50:92:76:c9:e9:55:b0:16:dc:4d:f9:
23:47:98:5e:f4:d9:76:71:a9:12:c3:e3:d6:57:09:
be:04:c2:b8:43:71:13:11:7e:4c:12:cc:0c:0f:cd:
01:78:0c:45:28:0f:f5:c3:88:f4:9a:80:52:2b:cb:
2e:53:bc:68:3a:4a:96:1b:60:ca:aa:4a:68:06:72:
1b:00:9e:bd:b7:9f:29:f7:85:74:bd:46:33:77:6c:
bf:42:5f:3b:a8:aa:d9:35:4d:3b:b5:b3:9d:1a:53:
db:aa:be:8f:b4:ad:3a:a0:52:83:6b:c3:da:ab:09:
c1:b2:a8:4b:4b:8e:c5:54:30:20:da:06:e5:3d:73:
21:12:14:80:80:55:4f:bd:a1:fb:01:7c:14:ad:20:
2c:71:4e:ed:ef:d7:ec:6d:1f:0b:97:ee:7b:d5:0b:
e9:d7:4b:65:c3:21:0d:91:08:db:b4:99:f3:a4:86:
40:30:c2:43:b7:24:b7:22:3d:e3:8e:fb:2d:ef:ee:
c4:92:f2:b8:28:9b:86:73:29:2e:94:69:2e:c1:8a:
f4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:64:58:86:F3:60:6A:28:A8:DB:81:FF:41:D9:48:7B:B7:D8:53:4B
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/PWRYhvNgaiio24H_QdlIe7fYU0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.128.0/19
195.209.160.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:34:e9:96:cd:da:08:f4:8f:08:31:c2:85:9c:fa:e9:2f:a0:
54:27:1b:69:56:12:05:2f:3f:e1:f8:31:14:b7:ab:f2:49:c7:
3a:b4:34:cf:38:0e:d0:fd:83:02:72:cc:bc:44:99:c3:62:82:
ce:94:89:e7:e2:0e:b8:6e:1f:39:11:34:3a:43:af:5e:e5:9a:
34:22:d3:c2:13:0e:c4:a0:68:71:2b:11:0b:db:6d:5f:9a:8b:
57:33:95:fe:3b:ce:bf:c3:c5:65:bc:af:a1:b5:e1:09:9b:fa:
39:af:74:af:6c:d5:aa:12:5d:99:d9:c2:6f:f7:6f:1d:ea:ad:
85:7c:78:d8:47:72:9c:b5:3f:5f:b7:1d:b6:15:62:70:95:fa:
da:ed:d8:9b:c1:c9:f2:7d:77:74:ab:1c:b2:84:d3:f8:ae:bf:
68:f1:40:55:71:23:4c:42:5c:e1:f5:9c:75:d3:fc:65:fa:5b:
ce:8e:e4:b6:a9:1a:39:48:28:53:fe:85:6e:1b:88:e5:70:ca:
de:d1:ff:8d:c5:74:91:4a:1e:4c:32:69:96:ad:4f:9d:f6:5d:
86:63:ee:44:d1:91:c7:57:7f:fc:06:ac:c1:b2:91:a4:4b:54:
00:d2:73:ed:09:68:26:10:61:de:33:d0:87:c2:f6:e1:ac:5e:
a0:03:3f:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuo8lrSeQILg0MFLNITVcvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMxMTA3MDg0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY0NTg4NmYzNjA2YTI4YThkYjgxZmY0MWQ5NDg3YmI3ZDg1MzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh73F1JikYtpW9JRgYvESZkPMuxNg
EIgQzIpVqwmGFVQk46TCLp8beBysucL0ONqxUJJ2yelVsBbcTfkjR5he9Nl2cakS
w+PWVwm+BMK4Q3ETEX5MEswMD80BeAxFKA/1w4j0moBSK8suU7xoOkqWG2DKqkpo
BnIbAJ69t58p94V0vUYzd2y/Ql87qKrZNU07tbOdGlPbqr6PtK06oFKDa8PaqwnB
sqhLS47FVDAg2gblPXMhEhSAgFVPvaH7AXwUrSAscU7t79fsbR8Ll+571Qvp10tl
wyENkQjbtJnzpIZAMMJDtyS3Ij3jjvst7+7EkvK4KJuGcykulGkuwYr01QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1kWIbzYGooqNuB/0HZSHu32FNLMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvUFdSWWh2TmdhaWlvMjRIX1FkbEllN2ZZVTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFwlWAAwQE
w9GgMA0GCSqGSIb3DQEBCwUAA4IBAQAPNOmWzdoI9I8IMcKFnPrpL6BUJxtpVhIF
Lz/h+DEUt6vyScc6tDTPOA7Q/YMCcsy8RJnDYoLOlInn4g64bh85ETQ6Q69e5Zo0
ItPCEw7EoGhxKxEL221fmotXM5X+O86/w8VlvK+hteEJm/o5r3SvbNWqEl2Z2cJv
928d6q2FfHjYR3KctT9ftx22FWJwlfra7dibwcnyfXd0qxyyhNP4rr9o8UBVcSNM
Qlzh9Zx10/xl+lvOjuS2qRo5SChT/oVuG4jlcMre0f+NxXSRSh5MMmmWrU+d9l2G
Y+5E0ZHHV3/8BqzBspGkS1QA0nPtCWgmEGHeM9CHwvbhrF6gAz9x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org