Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/PSJzhvzWlR3OqcT6t4_YnQiqDus.roa
File: PSJzhvzWlR3OqcT6t4_YnQiqDus.roa (raw, json)
Hash identifier: flg2W4e5gkqpjGwtNZE3pbSC5ogfwLD/HsXJWbvC3QE=
Subject key identifier: 3D:22:73:86:FC:D6:95:1D:CE:A9:C4:FA:B7:8F:D8:9D:08:AA:0E:EB
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 018C2A4FCB3C1D06BF52CE496386DB39FDA8
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/PSJzhvzWlR3OqcT6t4_YnQiqDus.roa
Signing time: Sat 02 Dec 2023 11:35:21 +0000
ROA not before: Sat 02 Dec 2023 11:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57172
IP address blocks: 213.152.160.0/19 maxlen: 19
109.202.96.0/24 maxlen: 24
109.202.96.0/21 maxlen: 21
109.202.97.0/24 maxlen: 24
213.152.182.0/24 maxlen: 24
188.95.48.0/21 maxlen: 21
188.95.50.0/24 maxlen: 24
37.123.208.0/24 maxlen: 24
37.123.208.0/23 maxlen: 23
188.95.54.0/24 maxlen: 24
188.95.55.0/24 maxlen: 24
109.232.224.0/21 maxlen: 21
109.232.226.0/24 maxlen: 24
2a00:1678::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:4f:cb:3c:1d:06:bf:52:ce:49:63:86:db:39:fd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Dec 2 11:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d227386fcd6951dcea9c4fab78fd89d08aa0eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:bd:d9:6e:c1:26:27:2b:cb:85:e9:59:8d:
de:6d:fe:6f:10:40:29:b1:f9:5c:11:7a:ed:a0:d8:
4b:d6:e6:b5:d4:9a:80:6e:ea:19:c5:16:8c:97:cf:
95:37:51:17:46:39:7d:68:09:13:a9:a6:6c:61:40:
cd:82:f1:9f:28:1e:94:16:dc:7e:50:e1:0b:82:fb:
09:5b:a0:82:20:88:e6:1d:28:cb:cf:6f:ec:5d:cc:
3b:2c:de:09:59:00:c0:ef:6b:10:50:6e:be:42:1e:
04:fe:67:bf:09:8f:cb:32:f7:1a:15:1f:aa:75:a2:
98:1c:ac:dc:3d:79:f0:db:a6:b9:74:a9:55:9d:71:
f9:5c:a4:e4:d7:12:e2:7e:61:84:34:f4:a6:a2:de:
be:ba:8c:89:d4:ad:87:f7:6d:2d:24:f7:f0:02:cf:
a2:49:33:dc:ab:77:d3:88:ea:1e:94:80:b1:60:25:
71:65:d7:1d:48:a7:a4:ec:58:15:04:6e:1a:dd:81:
87:dd:db:a0:2f:a8:89:9f:7c:67:37:ca:ec:99:3c:
c7:f1:d6:91:04:9b:91:2e:18:3c:ec:df:8b:99:71:
77:05:35:5b:ca:2e:58:2c:4d:af:d3:93:25:ff:43:
f6:19:76:b5:df:e9:d3:8e:4e:9f:13:fa:99:a8:b1:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:22:73:86:FC:D6:95:1D:CE:A9:C4:FA:B7:8F:D8:9D:08:AA:0E:EB
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/PSJzhvzWlR3OqcT6t4_YnQiqDus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.208.0/23
109.202.96.0/21
109.232.224.0/21
188.95.48.0/21
213.152.160.0/19
IPv6:
2a00:1678::/32
Signature Algorithm: sha256WithRSAEncryption
14:1e:3c:7a:12:d8:06:b4:43:e8:6d:2b:d7:49:ff:d4:7f:3c:
e9:39:09:da:85:85:8c:a8:51:4d:72:a8:12:e7:2f:ba:13:a9:
aa:2b:b0:17:68:dc:6d:b1:62:a9:8a:54:aa:9e:83:1a:5e:d5:
f9:a4:c5:47:3a:ad:9b:c3:35:62:2e:86:e0:1c:77:30:5e:67:
ed:9a:7c:c6:cd:a6:85:8b:10:70:76:42:2c:fe:e1:37:12:cc:
d5:a7:9e:25:41:d9:07:2c:f9:ac:41:5b:86:1f:ec:8d:70:5f:
81:01:b7:39:4c:71:9f:49:48:80:c0:68:1a:81:e4:60:23:cc:
95:ba:bf:e9:55:d6:f9:21:b3:22:1e:8b:d6:62:7d:85:23:cd:
55:48:1f:06:6b:5d:2a:68:0b:7a:36:bb:d9:a3:8a:d2:ce:3c:
5d:bf:e7:9b:86:c8:5a:f0:ea:ca:2f:f2:b1:32:2b:42:78:f5:
c4:ab:fc:a5:e0:9d:e7:04:08:1b:52:3b:ba:56:7d:73:e1:6d:
8f:c5:fb:f9:87:35:9e:86:b0:a1:6b:80:e6:bb:bd:e1:9f:ae:
5c:4e:e1:e2:94:25:4f:c5:a0:ac:0f:47:68:ac:ec:fd:30:32:
89:ef:f6:18:7b:22:18:f6:db:68:87:70:e0:ba:f3:a7:3f:49:
b0:24:be:3d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYwqT8s8HQa/Us5JY4bbOf2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjMxMjAyMTEzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDIyNzM4NmZjZDY5NTFkY2VhOWM0ZmFiNzhmZDg5ZDA4YWEwZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDe92W7BJicry4XpWY3ebf5vEEAp
sflcEXrtoNhL1ua11JqAbuoZxRaMl8+VN1EXRjl9aAkTqaZsYUDNgvGfKB6UFtx+
UOELgvsJW6CCIIjmHSjLz2/sXcw7LN4JWQDA72sQUG6+Qh4E/me/CY/LMvcaFR+q
daKYHKzcPXnw26a5dKlVnXH5XKTk1xLifmGENPSmot6+uoyJ1K2H920tJPfwAs+i
STPcq3fTiOoelICxYCVxZdcdSKek7FgVBG4a3YGH3dugL6iJn3xnN8rsmTzH8daR
BJuRLhg87N+LmXF3BTVbyi5YLE2v05Ml/0P2GXa13+nTjk6fE/qZqLHXOwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD0ic4b81pUdzqnE+reP2J0Iqg7rMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvUFNKemh2eldsUjNPcWNUNnQ0X1luUWlxRHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBJXvQAwQD
bcpgAwQDbejgAwQDvF8wAwQF1ZigMA0EAgACMAcDBQAqABZ4MA0GCSqGSIb3DQEB
CwUAA4IBAQAUHjx6EtgGtEPobSvXSf/UfzzpOQnahYWMqFFNcqgS5y+6E6mqK7AX
aNxtsWKpilSqnoMaXtX5pMVHOq2bwzViLobgHHcwXmftmnzGzaaFixBwdkIs/uE3
EszVp54lQdkHLPmsQVuGH+yNcF+BAbc5THGfSUiAwGgageRgI8yVur/pVdb5IbMi
HovWYn2FI81VSB8Ga10qaAt6NrvZo4rSzjxdv+ebhsha8OrKL/KxMitCePXEq/yl
4J3nBAgbUju6Vn1z4W2Pxfv5hzWehrCha4Dmu73hn65cTuHilCVPxaCsD0dorOz9
MDKJ7/YYeyIY9ttoh3DguvOnP0mwJL49
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org