Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/PYPCW8grLl6Uibft3Pa1ie1eLkQ.roa
File: PYPCW8grLl6Uibft3Pa1ie1eLkQ.roa (raw, json)
Hash identifier: AbwK5E9OUgjV3m9GVajlp2rPWoPDhNE7LodD9P41wjs=
Subject key identifier: 3D:83:C2:5B:C8:2B:2E:5E:94:89:B7:ED:DC:F6:B5:89:ED:5E:2E:44
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01921E4061F1464181E88B3432C240AA0E7E
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/PYPCW8grLl6Uibft3Pa1ie1eLkQ.roa
Signing time: Mon 23 Sep 2024 09:39:48 +0000
ROA not before: Mon 23 Sep 2024 09:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 23
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:40:61:f1:46:41:81:e8:8b:34:32:c2:40:aa:0e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Sep 23 09:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d83c25bc82b2e5e9489b7eddcf6b589ed5e2e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:39:e9:8b:fd:45:e1:d3:5b:9e:eb:0e:c6:aa:
48:7a:dc:d5:36:70:b9:42:d6:22:a5:f3:15:77:70:
46:cc:40:2a:b8:9b:eb:89:42:28:65:64:47:0d:3f:
ce:4a:91:8b:5a:35:41:6f:33:c5:ea:bf:55:ed:7e:
a4:34:e3:b4:55:c4:bc:ea:0e:61:73:5f:1c:6b:43:
69:3b:7a:da:69:10:ea:3e:95:dc:d0:26:9d:cb:a4:
46:76:86:f3:23:79:9c:5f:86:25:d1:3b:28:68:54:
13:3f:b7:bb:5b:48:db:ce:bf:c6:54:1f:ec:ae:19:
da:d6:37:e0:bc:f8:27:a4:d1:a0:c2:52:03:fe:0e:
0d:b4:cc:bb:5f:71:b6:e1:90:58:a1:3b:19:18:28:
9f:d1:d8:8d:53:0e:98:1f:60:25:0d:2b:29:30:66:
a4:ca:23:fd:07:23:2d:c9:33:c2:68:80:cf:28:12:
26:a7:48:cc:6c:43:c8:09:00:ed:97:f5:e7:ff:0c:
94:8d:7e:ce:1a:16:b9:a4:46:98:74:3d:34:2c:f3:
bb:d4:20:25:8b:eb:aa:d6:41:f2:a7:fb:a2:5d:bf:
9b:32:bc:73:7d:26:ec:a2:b2:03:7b:99:aa:97:4c:
fa:5f:a6:f0:22:aa:1a:9d:58:ce:88:c5:a3:55:2a:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:C2:5B:C8:2B:2E:5E:94:89:B7:ED:DC:F6:B5:89:ED:5E:2E:44
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/PYPCW8grLl6Uibft3Pa1ie1eLkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:aa:ed:5a:86:6f:fa:ab:e6:84:d3:11:ec:f2:ae:a0:3d:0f:
48:02:39:b1:3d:98:02:a3:c7:77:62:d5:79:d4:a1:c6:1f:26:
fa:29:8a:68:38:91:e9:b5:60:57:86:d3:57:08:07:9d:6d:ba:
0f:dc:04:c8:7c:88:ea:e9:3e:3a:3b:f7:af:32:73:9c:22:16:
86:9f:a2:0f:62:b4:23:ef:65:27:39:17:ef:21:11:08:60:1c:
47:bb:4d:bf:3b:0e:6a:a1:9e:b6:20:ac:76:9b:3c:46:12:89:
8d:3a:d3:6c:c9:4a:73:fe:34:79:3f:3b:a7:58:9b:9a:3d:25:
36:b2:67:63:84:3a:96:97:17:db:e5:bf:13:8f:d8:a3:96:87:
64:2c:19:c3:0e:a2:c6:82:9a:86:9f:66:03:3c:8f:12:9e:3b:
a6:76:e5:6b:7a:38:07:92:97:13:c1:d4:79:a9:7b:7a:da:aa:
4f:bd:fd:f3:3c:f3:00:a4:af:ee:c1:47:18:55:83:f1:7b:17:
43:e9:b8:f0:fd:fa:7d:92:2a:9b:b9:ee:be:88:6d:5a:32:1e:
0f:c6:7e:e4:e7:a2:c7:03:90:f5:7f:af:9c:ee:0a:75:1c:a6:
b1:c7:bf:9a:2d:1d:6b:3d:5a:24:3f:5e:92:9f:3d:7d:41:3f:
b1:1d:eb:77
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZIeQGHxRkGB6Is0MsJAqg5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQwOTIzMDkzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgzYzI1YmM4MmIyZTVlOTQ4OWI3ZWRkY2Y2YjU4OWVkNWUyZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljnpi/1F4dNbnusOxqpIetzVNnC5
QtYipfMVd3BGzEAquJvriUIoZWRHDT/OSpGLWjVBbzPF6r9V7X6kNOO0VcS86g5h
c18ca0NpO3raaRDqPpXc0Cady6RGdobzI3mcX4Yl0TsoaFQTP7e7W0jbzr/GVB/s
rhna1jfgvPgnpNGgwlID/g4NtMy7X3G24ZBYoTsZGCif0diNUw6YH2AlDSspMGak
yiP9ByMtyTPCaIDPKBImp0jMbEPICQDtl/Xn/wyUjX7OGha5pEaYdD00LPO71CAl
i+uq1kHyp/uiXb+bMrxzfSbsorIDe5mql0z6X6bwIqoanVjOiMWjVSqdxwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFD2DwlvIKy5elIm37dz2tYntXi5EMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvUFlQQ1c4Z3JMbDZVaWJmdDNQYTFpZTFlTGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAw6rtWoZv+qvmhNMR7PKuoD0PSAI5sT2YAqPHd2LV
edShxh8m+imKaDiR6bVgV4bTVwgHnW26D9wEyHyI6uk+Ojv3rzJznCIWhp+iD2K0
I+9lJzkX7yERCGAcR7tNvzsOaqGetiCsdps8RhKJjTrTbMlKc/40eT87p1ibmj0l
NrJnY4Q6lpcX2+W/E4/Yo5aHZCwZww6ixoKahp9mAzyPEp47pnbla3o4B5KXE8HU
eal7etqqT7398zzzAKSv7sFHGFWD8XsXQ+m48P36fZIqm7nuvohtWjIeD8Z+5Oei
xwOQ9X+vnO4KdRymsce/mi0daz1aJD9ekp89fUE/sR3rdw==
-----END CERTIFICATE-----
Generated at Fri May 2 23:21:56 2025 by rpki-client