Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a20963-fad7-4e34-bf1e-658b800a5d61/1/PFmIQKfsQXMxE8uEjB6pAcybRsU.roa
File: PFmIQKfsQXMxE8uEjB6pAcybRsU.roa (raw, json)
Hash identifier: nRNXSWK9icgqH+eSQi+H0qJpnzh8nPqO3sb2Hs15Wwo=
Subject key identifier: 3C:59:88:40:A7:EC:41:73:31:13:CB:84:8C:1E:A9:01:CC:9B:46:C5
Certificate issuer: /CN=7186e64b5823c4c61287858d9770c70df706b0cc
Certificate serial: 01856E1443CA03597701FFB3A2BE01D56DDA
Authority key identifier: 71:86:E6:4B:58:23:C4:C6:12:87:85:8D:97:70:C7:0D:F7:06:B0:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cYbmS1gjxMYSh4WNl3DHDfcGsMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/a20963-fad7-4e34-bf1e-658b800a5d61/1/PFmIQKfsQXMxE8uEjB6pAcybRsU.roa
Signing time: Sun 01 Jan 2023 16:04:59 +0000
ROA not before: Sun 01 Jan 2023 16:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30839
IP address blocks: 91.213.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:43:ca:03:59:77:01:ff:b3:a2:be:01:d5:6d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7186e64b5823c4c61287858d9770c70df706b0cc
Validity
Not Before: Jan 1 16:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c598840a7ec41733113cb848c1ea901cc9b46c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:62:9e:94:83:22:4a:60:07:62:01:92:e2:94:
6c:83:31:44:cd:42:ef:f2:15:9c:69:19:a9:42:b3:
66:98:95:bb:37:8c:39:af:e8:f0:3b:82:12:e7:dc:
4f:2b:38:9b:de:10:73:a7:b0:13:7b:ef:61:d1:7a:
85:d9:cb:7f:c4:25:28:db:ac:d5:c8:8c:a3:2f:08:
5e:a6:0c:86:c6:a1:82:5e:b4:f6:cb:7a:2a:01:e1:
f2:c3:1a:f1:0a:ec:5c:26:f2:25:46:1d:d5:bd:28:
a8:6b:c9:07:b4:d7:9f:dc:29:5b:5a:13:18:e9:4a:
ad:0a:2b:5f:55:09:35:f8:07:0b:6e:b5:79:54:08:
b1:24:61:da:41:af:61:e5:73:ba:90:81:3a:9e:8d:
3f:d4:03:9e:db:e9:c5:1a:2f:c5:8b:8d:28:21:de:
af:69:bc:82:20:8f:0a:ba:ea:e2:90:31:43:d7:f2:
af:43:58:08:b5:cb:1d:23:40:aa:ff:7a:26:e1:e1:
ba:94:95:5c:6e:0d:52:b5:23:a9:6b:2f:7a:3f:03:
6f:15:ea:7a:65:30:a6:52:5c:a0:d1:5e:b8:a3:ee:
73:ca:d1:4e:94:7a:89:76:5e:00:24:4c:32:45:4c:
eb:3a:35:0c:f4:92:9d:31:d7:c7:41:00:2f:63:8d:
42:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:59:88:40:A7:EC:41:73:31:13:CB:84:8C:1E:A9:01:CC:9B:46:C5
X509v3 Authority Key Identifier:
keyid:71:86:E6:4B:58:23:C4:C6:12:87:85:8D:97:70:C7:0D:F7:06:B0:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cYbmS1gjxMYSh4WNl3DHDfcGsMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a20963-fad7-4e34-bf1e-658b800a5d61/1/PFmIQKfsQXMxE8uEjB6pAcybRsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a20963-fad7-4e34-bf1e-658b800a5d61/1/cYbmS1gjxMYSh4WNl3DHDfcGsMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.90.0/24
Signature Algorithm: sha256WithRSAEncryption
39:89:fd:9f:c6:46:c2:d3:e2:59:a8:33:93:50:c9:16:c2:db:
db:bd:ac:ae:2c:57:4f:92:f5:db:a4:ed:18:5b:72:60:ab:2a:
d8:d8:57:17:87:48:ea:cd:2d:02:07:d7:45:ed:52:25:7e:ab:
94:eb:39:d4:f1:02:bc:14:1c:6c:da:73:45:c5:45:4d:de:32:
0c:b5:21:18:c0:1b:06:11:b7:fe:7d:f7:e1:b9:f7:d2:24:b9:
ba:39:05:30:54:2b:aa:33:d3:56:0c:b9:74:7d:00:62:bf:f1:
3e:3b:97:08:ce:93:4e:5a:fa:56:7c:4d:8e:cd:ba:5a:19:af:
70:fd:82:8b:23:39:49:ff:82:41:4c:28:b1:a6:ac:2f:52:d7:
f7:d9:a8:84:ff:27:b2:5e:6d:4b:a7:1d:00:a7:d2:b1:f9:24:
61:fb:53:dd:2f:08:1c:7d:a3:42:d8:80:86:86:a4:9d:3a:21:
2d:3d:a3:cb:34:ff:22:c4:33:b7:90:95:63:08:d2:a3:a7:19:
b0:8b:93:8d:db:96:d9:a3:d8:23:bf:d8:48:f0:39:d6:be:98:
50:c7:54:ca:cf:be:ab:36:1f:5b:9f:e1:53:4c:8e:88:fa:40:
8f:57:11:99:22:9e:50:e5:47:26:00:20:54:00:f8:2a:b7:f8:
b2:59:90:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFEPKA1l3Af+zor4B1W3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxODZlNjRiNTgyM2M0YzYxMjg3ODU4ZDk3NzBjNzBkZjcw
NmIwY2MwHhcNMjMwMTAxMTYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU5ODg0MGE3ZWM0MTczMzExM2NiODQ4YzFlYTkwMWNjOWI0NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2KelIMiSmAHYgGS4pRsgzFEzULv
8hWcaRmpQrNmmJW7N4w5r+jwO4IS59xPKzib3hBzp7ATe+9h0XqF2ct/xCUo26zV
yIyjLwhepgyGxqGCXrT2y3oqAeHywxrxCuxcJvIlRh3VvSioa8kHtNef3ClbWhMY
6UqtCitfVQk1+AcLbrV5VAixJGHaQa9h5XO6kIE6no0/1AOe2+nFGi/Fi40oId6v
abyCII8KuurikDFD1/KvQ1gItcsdI0Cq/3om4eG6lJVcbg1StSOpay96PwNvFep6
ZTCmUlyg0V64o+5zytFOlHqJdl4AJEwyRUzrOjUM9JKdMdfHQQAvY41CgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxZiECn7EFzMRPLhIweqQHMm0bFMB8GA1UdIwQY
MBaAFHGG5ktYI8TGEoeFjZdwxw33BrDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1libVMxZ2p4TVlTaDRXTmwzREhEZmNHc013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hMjA5NjMtZmFkNy00ZTM0LWJmMWUt
NjU4YjgwMGE1ZDYxLzEvUEZtSVFLZnNRWE14RTh1RWpCNnBBY3liUnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hMjA5NjMtZmFkNy00ZTM0LWJmMWUtNjU4YjgwMGE1ZDYx
LzEvY1libVMxZ2p4TVlTaDRXTmwzREhEZmNHc013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VaMA0G
CSqGSIb3DQEBCwUAA4IBAQA5if2fxkbC0+JZqDOTUMkWwtvbvayuLFdPkvXbpO0Y
W3JgqyrY2FcXh0jqzS0CB9dF7VIlfquU6znU8QK8FBxs2nNFxUVN3jIMtSEYwBsG
Ebf+fffhuffSJLm6OQUwVCuqM9NWDLl0fQBiv/E+O5cIzpNOWvpWfE2OzbpaGa9w
/YKLIzlJ/4JBTCixpqwvUtf32aiE/yeyXm1Lpx0Ap9Kx+SRh+1PdLwgcfaNC2ICG
hqSdOiEtPaPLNP8ixDO3kJVjCNKjpxmwi5ON25bZo9gjv9hI8DnWvphQx1TKz76r
Nh9bn+FTTI6I+kCPVxGZIp5Q5UcmACBUAPgqt/iyWZCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:00 2024 by rpki-client on console-ams.rpki-client.org