Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/PYE-hSjgZdP0D_XQ2LcrtrQUhnQ.roa
File: PYE-hSjgZdP0D_XQ2LcrtrQUhnQ.roa (raw, json)
Hash identifier: g+2T+BIJZ4/ib3PZzT3DNJE0ANgyx15ZNFwnCQ0Q/rc=
Subject key identifier: 3D:81:3E:85:28:E0:65:D3:F4:0F:F5:D0:D8:B7:2B:B6:B4:14:86:74
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018823C5EC076AD85DCCCB49128813351E97
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/PYE-hSjgZdP0D_XQ2LcrtrQUhnQ.roa
Signing time: Tue 16 May 2023 08:55:53 +0000
ROA not before: Tue 16 May 2023 08:55:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25317
IP address blocks: 213.244.56.0/21 maxlen: 21
213.244.38.0/24 maxlen: 24
213.244.37.0/24 maxlen: 24
213.244.35.0/24 maxlen: 24
213.244.34.0/24 maxlen: 24
213.244.36.0/24 maxlen: 24
213.244.33.0/24 maxlen: 24
213.244.32.0/24 maxlen: 24
213.244.39.0/24 maxlen: 24
213.244.44.0/22 maxlen: 22
213.244.48.0/21 maxlen: 21
2a0a:6840::/30 maxlen: 30
2a0a:6844::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 26 May 2023 04:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:c5:ec:07:6a:d8:5d:cc:cb:49:12:88:13:35:1e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: May 16 08:55:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d813e8528e065d3f40ff5d0d8b72bb6b4148674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:df:2a:55:26:ca:c9:b0:b9:66:97:2a:a8:
ab:2a:ed:1a:17:8d:37:16:b3:a8:ac:41:68:23:21:
5e:ff:3f:fc:17:c0:db:8a:89:58:a0:12:4a:b3:a3:
3b:d8:2b:38:18:a6:7e:55:e4:37:70:7f:6b:e0:51:
72:a4:d7:ad:33:01:94:5d:80:1b:91:07:52:af:57:
77:9a:4a:19:37:44:35:d0:e8:09:36:27:bf:4b:45:
d8:d1:e1:83:c0:b4:f0:fa:99:17:9e:75:1c:90:e1:
10:21:4f:96:58:7e:4b:45:e4:cf:41:00:6f:06:3d:
e6:74:7c:35:a1:a5:2a:cf:1a:a2:2b:31:e4:aa:5e:
42:f5:76:5d:64:ed:92:79:77:60:16:1e:68:e7:27:
a8:ba:dc:92:db:be:bc:28:66:7d:36:f3:02:d5:69:
2d:dc:1c:bf:50:40:d4:72:b2:ab:35:34:02:92:c1:
f5:e7:9a:4b:20:35:91:26:99:0f:22:32:52:d3:77:
fe:9b:cd:33:20:a8:d7:84:fb:2e:78:2e:af:f0:e6:
7c:41:54:7d:58:8e:e2:13:79:d8:4f:bd:c1:ba:de:
48:cf:e9:42:bc:2c:02:92:58:21:02:d5:34:86:b7:
6e:8b:e7:d4:b5:98:7c:e7:1b:b2:be:91:36:fb:40:
76:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:81:3E:85:28:E0:65:D3:F4:0F:F5:D0:D8:B7:2B:B6:B4:14:86:74
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/PYE-hSjgZdP0D_XQ2LcrtrQUhnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.32.0/21
213.244.44.0-213.244.63.255
IPv6:
2a0a:6840::/29
Signature Algorithm: sha256WithRSAEncryption
9a:7e:90:6a:4e:e8:1c:6b:ea:cf:fc:73:dd:59:3b:90:e6:73:
11:1e:16:b8:7e:d4:53:37:76:4f:4b:04:8c:0b:2f:7b:46:67:
ee:db:16:f9:4f:be:aa:e5:73:b8:ab:13:fb:ee:32:a8:ff:71:
22:d9:54:13:5a:1b:8a:e4:e8:8a:14:45:50:17:d5:5b:3e:70:
e8:e0:8a:49:93:4b:7c:12:02:a4:e6:f3:e0:7e:6b:78:f3:e6:
60:fa:72:d9:df:38:9c:40:26:81:06:9c:d8:51:61:99:1d:d8:
ce:2c:c2:65:c2:e4:e7:7a:78:10:a7:42:5e:9b:2e:1c:f7:b6:
cb:a1:6d:75:2e:50:eb:4e:53:d9:7d:17:7f:14:df:9f:e8:e9:
95:93:b1:ba:c5:92:85:dc:bd:06:4b:d3:f0:20:57:45:54:bb:
87:f6:3f:6b:11:df:d6:57:2a:d1:ed:10:9b:36:40:04:9c:9a:
68:97:88:f7:0b:6c:d9:5d:c5:ef:13:c1:5b:db:9d:c5:9a:f6:
f4:f3:1c:70:9d:f2:ca:83:a5:be:d6:fa:76:3c:53:15:0f:7c:
6b:89:82:cd:a9:ed:7f:df:4b:38:3b:c5:fd:25:c7:1b:60:3a:
ab:e0:bc:ae:0f:56:ce:52:5f:2b:85:a0:19:e8:78:8e:9c:4b:
03:c7:5a:4a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYgjxewHathdzMtJEogTNR6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwNTE2MDg1NTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgxM2U4NTI4ZTA2NWQzZjQwZmY1ZDBkOGI3MmJiNmI0MTQ4Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq/fKlUmysmwuWaXKqirKu0aF403
FrOorEFoIyFe/z/8F8DbiolYoBJKs6M72Cs4GKZ+VeQ3cH9r4FFypNetMwGUXYAb
kQdSr1d3mkoZN0Q10OgJNie/S0XY0eGDwLTw+pkXnnUckOEQIU+WWH5LReTPQQBv
Bj3mdHw1oaUqzxqiKzHkql5C9XZdZO2SeXdgFh5o5yeoutyS2768KGZ9NvMC1Wkt
3By/UEDUcrKrNTQCksH155pLIDWRJpkPIjJS03f+m80zIKjXhPsueC6v8OZ8QVR9
WI7iE3nYT73But5Iz+lCvCwCklghAtU0hrdui+fUtZh85xuyvpE2+0B2PwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD2BPoUo4GXT9A/10Ni3K7a0FIZ0MB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvUFlFLWhTamdaZFAwRF9YUTJMY3J0clFVaG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQD1fQgMAwD
BALV9CwDBAbV9AAwDQQCAAIwBwMFAyoKaEAwDQYJKoZIhvcNAQELBQADggEBAJp+
kGpO6Bxr6s/8c91ZO5DmcxEeFrh+1FM3dk9LBIwLL3tGZ+7bFvlPvqrlc7irE/vu
Mqj/cSLZVBNaG4rk6IoURVAX1Vs+cOjgikmTS3wSAqTm8+B+a3jz5mD6ctnfOJxA
JoEGnNhRYZkd2M4swmXC5Od6eBCnQl6bLhz3tsuhbXUuUOtOU9l9F38U35/o6ZWT
sbrFkoXcvQZL0/AgV0VUu4f2P2sR39ZXKtHtEJs2QAScmmiXiPcLbNldxe8TwVvb
ncWa9vTzHHCd8sqDpb7W+nY8UxUPfGuJgs2p7X/fSzg7xf0lxxtgOqvgvK4PVs5S
XyuFoBnoeI6cSwPHWko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:19 2024 by rpki-client on console-ams.rpki-client.org