Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/PsSjsthNFgcQKRVHMG--agYEAyM.roa
File: PsSjsthNFgcQKRVHMG--agYEAyM.roa (raw, json)
Hash identifier: 5lK0TVfUPx7nuCZIU1l9TdwnHhS8ucLme2eIE+WrRik=
Subject key identifier: 3E:C4:A3:B2:D8:4D:16:07:10:29:15:47:30:6F:BE:6A:06:04:03:23
Certificate issuer: /CN=d476b006351a2f9cf2a91386de50ce27f1550595
Certificate serial: 01856F30160BAC442F0488FC6AE261C4ACE9
Authority key identifier: D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/PsSjsthNFgcQKRVHMG--agYEAyM.roa
Signing time: Sun 01 Jan 2023 21:15:00 +0000
ROA not before: Sun 01 Jan 2023 21:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 178.239.96.0/20 maxlen: 24
195.12.0.0/19 maxlen: 24
195.74.128.0/19 maxlen: 24
164.40.208.0/20 maxlen: 24
212.58.32.0/19 maxlen: 24
185.13.140.0/22 maxlen: 24
84.252.192.0/18 maxlen: 24
146.255.0.0/20 maxlen: 24
213.83.64.0/18 maxlen: 24
94.250.224.0/20 maxlen: 24
62.8.96.0/19 maxlen: 24
5.102.80.0/20 maxlen: 24
37.152.32.0/20 maxlen: 24
213.246.128.0/18 maxlen: 24
2001:4160::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:16:0b:ac:44:2f:04:88:fc:6a:e2:61:c4:ac:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d476b006351a2f9cf2a91386de50ce27f1550595
Validity
Not Before: Jan 1 21:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ec4a3b2d84d160710291547306fbe6a06040323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:07:48:4e:e1:85:f2:fd:60:28:5c:45:77:50:
e3:b8:15:d3:93:dd:d2:01:2c:30:38:eb:77:d5:7b:
60:e3:0b:5b:7d:65:00:bb:bf:88:ae:b5:12:a0:61:
f2:51:f9:a0:ac:be:fd:3a:5f:ff:b0:77:a3:47:29:
c7:6e:a5:7d:07:fe:aa:a6:3f:52:13:e3:d2:4e:77:
91:2d:71:ee:bc:ce:93:fd:a9:fd:bd:e0:a7:6a:3c:
5d:42:35:59:68:62:36:1c:54:df:ca:3c:48:ee:6d:
a2:88:22:90:e3:2a:0b:fd:25:4e:a2:2c:b8:18:b1:
3c:b5:9d:08:1d:18:06:51:f6:2e:51:55:d6:9c:0a:
62:60:5e:da:a5:8b:bb:bd:73:b5:a0:15:dc:a6:c5:
76:6e:12:6a:0d:82:b8:fb:be:76:7e:83:87:2c:98:
ab:e4:4d:07:d4:ea:ac:2c:aa:4b:fb:8f:1a:77:3c:
70:e3:9f:2b:82:d3:a2:db:3b:36:3f:06:56:86:fe:
c2:2e:e0:16:71:2e:75:c0:04:64:01:6d:16:ca:95:
b2:a9:75:ea:a2:93:b8:1f:c1:ec:56:50:76:aa:f9:
63:74:02:5c:72:be:14:50:6d:a5:7c:a4:c7:d3:bd:
d5:9f:99:48:3c:27:5c:15:35:a9:b6:2e:57:52:ed:
c7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C4:A3:B2:D8:4D:16:07:10:29:15:47:30:6F:BE:6A:06:04:03:23
X509v3 Authority Key Identifier:
keyid:D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/PsSjsthNFgcQKRVHMG--agYEAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.80.0/20
37.152.32.0/20
62.8.96.0/19
84.252.192.0/18
94.250.224.0/20
146.255.0.0/20
164.40.208.0/20
178.239.96.0/20
185.13.140.0/22
195.12.0.0/19
195.74.128.0/19
212.58.32.0/19
213.83.64.0/18
213.246.128.0/18
IPv6:
2001:4160::/32
Signature Algorithm: sha256WithRSAEncryption
78:1d:7d:b7:97:fa:52:bd:be:3a:26:6f:3a:52:c3:88:4a:87:
1d:91:1c:ec:6f:bc:38:db:1b:64:4e:f1:28:97:da:3e:f3:53:
b3:74:41:38:9d:dc:be:61:c8:2c:f9:3c:37:c0:26:e0:12:ed:
30:9d:c1:0d:3c:8d:c3:13:49:a5:af:3a:f2:aa:ba:c2:97:b6:
87:8e:16:55:83:f7:21:41:a3:f6:16:8e:11:d7:1a:05:02:f9:
ef:3a:65:3d:b3:12:46:21:4b:1b:27:06:ea:ad:83:b9:1b:de:
c9:7f:be:9e:fc:96:dc:52:64:bc:db:30:06:00:80:52:82:f7:
f7:16:f9:c2:46:2d:fe:d4:9c:bd:72:e9:0a:ef:ff:7d:18:94:
34:0e:8d:12:19:39:a2:09:a4:2a:89:ba:59:07:21:eb:c6:bf:
15:69:aa:39:04:97:f6:d8:c5:5e:48:cd:1b:3b:64:ed:a9:fd:
d6:48:f3:53:a4:45:01:d0:b9:19:1c:f3:00:2c:e5:4b:ce:cb:
16:a2:5e:56:07:ef:0d:77:06:be:2a:30:31:cc:34:96:0f:6e:
13:c7:e1:64:3e:5e:27:4b:f6:7f:c0:c3:62:4d:76:aa:1d:64:
dd:c5:0d:3c:24:8e:cc:66:3f:0c:0e:c6:01:45:11:b6:b5:40:
d0:87:8b:de
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVvMBYLrEQvBIj8auJhxKzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzZiMDA2MzUxYTJmOWNmMmE5MTM4NmRlNTBjZTI3ZjE1
NTA1OTUwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM0YTNiMmQ4NGQxNjA3MTAyOTE1NDczMDZmYmU2YTA2MDQwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngdITuGF8v1gKFxFd1DjuBXTk93S
ASwwOOt31Xtg4wtbfWUAu7+IrrUSoGHyUfmgrL79Ol//sHejRynHbqV9B/6qpj9S
E+PSTneRLXHuvM6T/an9veCnajxdQjVZaGI2HFTfyjxI7m2iiCKQ4yoL/SVOoiy4
GLE8tZ0IHRgGUfYuUVXWnApiYF7apYu7vXO1oBXcpsV2bhJqDYK4+752foOHLJir
5E0H1OqsLKpL+48adzxw458rgtOi2zs2PwZWhv7CLuAWcS51wARkAW0WypWyqXXq
opO4H8HsVlB2qvljdAJccr4UUG2lfKTH073Vn5lIPCdcFTWpti5XUu3HkQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFD7Eo7LYTRYHECkVRzBvvmoGBAMjMB8GA1UdIwQY
MBaAFNR2sAY1Gi+c8qkTht5QzifxVQWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEt
NDRjMDdmMzE0OTA0LzEvUHNTanN0aE5GZ2NRS1JWSE1HLS1hZ1lFQXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEtNDRjMDdmMzE0OTA0
LzEvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBWZQAwQE
JZggAwQFPghgAwQGVPzAAwQEXvrgAwQEkv8AAwQEpCjQAwQEsu9gAwQCuQ2MAwQF
wwwAAwQFw0qAAwQF1DogAwQG1VNAAwQG1faAMA0EAgACMAcDBQAgAUFgMA0GCSqG
SIb3DQEBCwUAA4IBAQB4HX23l/pSvb46Jm86UsOISocdkRzsb7w42xtkTvEol9o+
81OzdEE4ndy+Ycgs+Tw3wCbgEu0wncENPI3DE0mlrzryqrrCl7aHjhZVg/chQaP2
Fo4R1xoFAvnvOmU9sxJGIUsbJwbqrYO5G97Jf76e/JbcUmS82zAGAIBSgvf3FvnC
Ri3+1Jy9cukK7/99GJQ0Do0SGTmiCaQqibpZByHrxr8Vaao5BJf22MVeSM0bO2Tt
qf3WSPNTpEUB0LkZHPMALOVLzssWol5WB+8Ndwa+KjAxzDSWD24Tx+FkPl4nS/Z/
wMNiTXaqHWTdxQ08JI7MZj8MDsYBRRG2tUDQh4ve
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:03 2024 by rpki-client on console-fra.rpki-client.org