Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PSQnbPcLd8jxskJ-64UsfadrFR4.roa
File: PSQnbPcLd8jxskJ-64UsfadrFR4.roa (raw, json)
Hash identifier: eVhptSgQAS5oMgu42+8byHv0hNPma37xV4xLJL20cbw=
Subject key identifier: 3D:24:27:6C:F7:0B:77:C8:F1:B2:42:7E:EB:85:2C:7D:A7:6B:15:1E
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 0193E2A6E3CBE12AE89801F0F71FA6C03290
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PSQnbPcLd8jxskJ-64UsfadrFR4.roa
Signing time: Fri 20 Dec 2024 06:00:08 +0000
ROA not before: Fri 20 Dec 2024 06:00:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28761
IP address blocks: 91.224.30.0/23 maxlen: 23
91.232.116.0/24 maxlen: 24
91.232.118.0/23 maxlen: 23
185.76.80.0/24 maxlen: 24
188.191.16.0/22 maxlen: 22
188.191.16.0/24 maxlen: 24
188.191.17.0/24 maxlen: 24
188.191.18.0/24 maxlen: 24
188.191.19.0/24 maxlen: 24
188.191.24.0/24 maxlen: 24
188.191.25.0/24 maxlen: 24
188.191.26.0/24 maxlen: 24
188.191.27.0/24 maxlen: 24
193.188.254.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.26.80.0/24 maxlen: 24
195.26.81.0/24 maxlen: 24
195.26.82.0/23 maxlen: 23
195.49.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e2:a6:e3:cb:e1:2a:e8:98:01:f0:f7:1f:a6:c0:32:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Dec 20 06:00:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d24276cf70b77c8f1b2427eeb852c7da76b151e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9e:4c:53:59:ca:ea:00:25:a1:49:18:4e:7d:
68:33:33:b0:be:c5:31:fa:36:ed:ff:31:8d:3d:fa:
7b:31:a0:a6:f1:6b:9d:e6:31:86:1e:01:05:83:82:
39:17:a2:b0:13:3a:f2:76:e4:15:8a:3b:95:8b:e3:
a3:49:33:51:37:e4:b9:25:4f:cd:1b:30:a3:78:fa:
f7:22:9a:88:e3:a1:40:f5:9b:dd:08:06:5a:14:af:
d8:b7:96:5c:66:0e:6d:a3:d8:23:d4:46:0d:4c:1c:
31:95:14:89:a6:06:bf:b9:39:13:c7:f2:9c:aa:80:
ff:57:05:e0:2e:db:2f:c8:23:0a:09:65:c9:0f:f8:
00:a9:8e:73:3b:06:17:ad:2d:23:6d:c1:8e:cb:2e:
43:b4:01:35:1c:10:2f:e6:d6:34:64:b3:20:66:6f:
ee:a8:ad:ab:a1:e5:85:e0:60:3a:b0:fb:8e:e2:39:
25:53:cb:0d:6c:71:37:af:2b:23:8d:8f:c9:5b:13:
5a:5c:8d:23:44:01:07:c5:f0:f7:e2:c2:56:fe:ca:
df:9c:a7:92:35:d1:43:45:ba:87:94:b4:df:fb:24:
6c:b6:04:1d:9b:a7:61:14:bb:b2:7f:1f:be:ac:75:
12:ff:e5:68:53:da:8c:a3:ca:3f:e5:81:e7:2f:a4:
29:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:24:27:6C:F7:0B:77:C8:F1:B2:42:7E:EB:85:2C:7D:A7:6B:15:1E
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/PSQnbPcLd8jxskJ-64UsfadrFR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.30.0/23
91.232.116.0/24
91.232.118.0/23
185.76.80.0/24
188.191.16.0/22
188.191.24.0/22
193.188.254.0/24
194.140.228.0/24
195.26.80.0/22
195.49.204.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:a6:7c:8f:c2:f7:b5:7d:6b:8b:8b:6f:34:e8:6e:55:c1:a8:
c6:49:04:34:f2:58:56:3a:f0:b4:78:de:f1:6a:b5:f1:ec:7b:
8e:98:cb:01:4b:d5:e2:97:91:2c:b2:30:23:ce:dd:ce:91:88:
d3:6e:b1:bc:01:67:b9:b7:72:1a:35:8e:6d:a2:6f:f6:72:1d:
0e:90:c9:48:e3:a6:9b:34:ee:13:da:39:98:0e:59:a8:83:12:
8a:d0:d9:3e:2b:6f:92:c9:d8:e0:ac:68:01:8e:e7:23:24:a3:
6d:8c:7b:e9:cd:b4:c4:c9:37:a9:47:a8:08:a2:fb:9d:c0:ed:
93:2f:32:64:bc:42:02:af:82:37:8e:7c:8b:0a:ed:b4:37:4d:
68:db:0a:81:3c:48:43:15:39:88:11:64:1e:48:a7:91:01:c8:
a9:46:8b:c3:36:ad:3b:cd:b4:f0:6f:ae:75:c3:7c:ad:44:d1:
98:a1:f6:2f:aa:67:46:03:af:d6:9b:1a:6a:62:0c:05:ad:4f:
eb:fc:47:d5:d3:9b:f2:61:d0:a3:6d:25:29:8c:ce:c6:3f:86:
08:4a:00:3f:68:4d:59:d9:fa:de:1f:15:8b:24:c4:e6:e8:80:
7a:59:3c:6b:74:13:73:b2:4d:b6:25:02:b6:93:33:c6:7d:ed:
58:0c:fc:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZPipuPL4SromAHw9x+mwDKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQxMjIwMDYwMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDI0Mjc2Y2Y3MGI3N2M4ZjFiMjQyN2VlYjg1MmM3ZGE3NmIxNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ5MU1nK6gAloUkYTn1oMzOwvsUx
+jbt/zGNPfp7MaCm8Wud5jGGHgEFg4I5F6KwEzryduQVijuVi+OjSTNRN+S5JU/N
GzCjePr3IpqI46FA9ZvdCAZaFK/Yt5ZcZg5to9gj1EYNTBwxlRSJpga/uTkTx/Kc
qoD/VwXgLtsvyCMKCWXJD/gAqY5zOwYXrS0jbcGOyy5DtAE1HBAv5tY0ZLMgZm/u
qK2roeWF4GA6sPuO4jklU8sNbHE3rysjjY/JWxNaXI0jRAEHxfD34sJW/srfnKeS
NdFDRbqHlLTf+yRstgQdm6dhFLuyfx++rHUS/+VoU9qMo8o/5YHnL6Qp+QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFD0kJ2z3C3fI8bJCfuuFLH2naxUeMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvUFNRbmJQY0xkOGp4c2tKLTY0VXNmYWRyRlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBW+AeAwQA
W+h0AwQBW+h2AwQAuUxQAwQCvL8QAwQCvL8YAwQAwbz+AwQAwozkAwQCwxpQAwQB
wzHMMA0GCSqGSIb3DQEBCwUAA4IBAQANpnyPwve1fWuLi2806G5VwajGSQQ08lhW
OvC0eN7xarXx7HuOmMsBS9Xil5EssjAjzt3OkYjTbrG8AWe5t3IaNY5tom/2ch0O
kMlI46abNO4T2jmYDlmogxKK0Nk+K2+SydjgrGgBjucjJKNtjHvpzbTEyTepR6gI
ovudwO2TLzJkvEICr4I3jnyLCu20N01o2wqBPEhDFTmIEWQeSKeRAcipRovDNq07
zbTwb651w3ytRNGYofYvqmdGA6/WmxpqYgwFrU/r/EfV05vyYdCjbSUpjM7GP4YI
SgA/aE1Z2freHxWLJMTm6IB6WTxrdBNzsk22JQK2kzPGfe1YDPwJ
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:23:13 2025 by rpki-client