Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PVF_Xqjpme1SiL71mAtIBB7SQbo.roa
File: PVF_Xqjpme1SiL71mAtIBB7SQbo.roa (raw, json)
Hash identifier: rGOHXWmvEg1/CCNQ1I+JLalTzqxcHWVBsCeU9jLn2hY=
Subject key identifier: 3D:51:7F:5E:A8:E9:99:ED:52:88:BE:F5:98:0B:48:04:1E:D2:41:BA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D8C433C83C014FC91A7C6B6E2B8A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PVF_Xqjpme1SiL71mAtIBB7SQbo.roa
Signing time: Tue 02 Jan 2024 00:31:09 +0000
ROA not before: Tue 02 Jan 2024 00:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 16:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d8:c4:33:c8:3c:01:4f:c9:1a:7c:6b:6e:2b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d517f5ea8e999ed5288bef5980b48041ed241ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:fe:71:da:6a:e3:59:61:05:bb:09:74:e0:
b3:b9:09:b2:4c:81:09:2d:45:f3:12:5c:f9:b7:0e:
46:a0:ed:f7:c0:2b:8c:33:94:4e:0a:b7:29:0f:7c:
33:87:08:45:25:2e:7e:f3:76:3f:2b:62:07:a3:7c:
88:aa:27:42:4b:77:9d:99:cd:e0:62:88:bf:1e:a1:
f7:34:1a:55:82:66:4f:76:9d:18:6e:93:cf:32:3f:
18:61:a7:8e:ad:c7:43:58:c4:1f:fd:6d:a1:f5:c5:
c2:3b:fb:ab:29:ef:66:37:d8:89:87:ae:1f:42:9e:
7c:ca:99:02:89:af:b5:29:fb:cc:40:47:1a:e4:fb:
3e:e4:d1:01:2b:5f:b7:9e:70:29:7a:c2:88:78:b2:
ea:b6:a5:11:43:f0:21:cb:34:36:c1:81:74:5e:bb:
a8:c6:06:89:5b:f6:d3:5a:d5:0b:69:c0:5a:ed:39:
36:7d:b1:a6:53:37:73:09:1b:11:b8:a9:80:94:3e:
0f:17:56:53:89:4f:46:06:d9:d9:68:d9:c8:38:fe:
07:d2:14:3a:f1:96:fa:87:9d:59:e7:da:ec:84:0e:
4d:6b:d4:fa:e4:b9:14:a2:54:ba:dd:a7:0e:0e:62:
0e:4e:6b:d6:0a:e5:2b:39:ee:e7:f8:78:84:99:20:
6d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:51:7F:5E:A8:E9:99:ED:52:88:BE:F5:98:0B:48:04:1E:D2:41:BA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PVF_Xqjpme1SiL71mAtIBB7SQbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:52:83:96:63:44:c6:2f:5b:bf:aa:02:c8:fb:46:4d:da:91:
6d:64:63:98:11:28:3c:6f:11:ba:36:af:cb:1d:e9:97:59:18:
37:26:f2:a0:78:cd:86:62:07:8d:fc:6e:76:58:35:7e:3f:c6:
62:76:e2:f2:95:3b:ff:36:13:55:f7:76:55:e2:81:f2:2f:fd:
93:af:64:c7:d4:dd:ba:ff:29:e6:4a:16:41:59:84:18:87:68:
ba:69:4a:06:f6:c2:5f:57:cd:27:0c:57:c0:d8:10:75:cb:af:
f5:bf:ba:92:3d:c7:4a:8b:c5:b4:e6:e1:1e:d4:2f:39:21:8e:
a0:55:01:f2:b1:ea:8d:10:aa:eb:62:52:b9:30:a7:7b:aa:fd:
03:c7:bf:24:77:1d:c9:e2:6e:00:0a:42:ba:cd:9f:cc:ef:8a:
bd:19:58:ff:3d:af:37:76:f7:f6:18:3c:a2:be:5f:9d:b6:df:
fe:9b:fb:c8:87:aa:22:6d:21:81:82:43:dd:00:1f:e7:19:9b:
96:25:01:b2:64:e4:7d:05:a7:11:c5:85:f0:b4:c0:e0:1b:45:
c1:6c:73:64:95:30:5d:d1:98:f9:17:fe:58:99:c3:b5:d6:5a:
f5:aa:dc:a7:73:42:02:6f:ac:30:b7:6f:fd:cc:32:c9:ec:d3:
88:ef:96:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlNjEM8g8AU/JGnxrbiuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDUxN2Y1ZWE4ZTk5OWVkNTI4OGJlZjU5ODBiNDgwNDFlZDI0MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswr+cdpq41lhBbsJdOCzuQmyTIEJ
LUXzElz5tw5GoO33wCuMM5ROCrcpD3wzhwhFJS5+83Y/K2IHo3yIqidCS3edmc3g
Yoi/HqH3NBpVgmZPdp0YbpPPMj8YYaeOrcdDWMQf/W2h9cXCO/urKe9mN9iJh64f
Qp58ypkCia+1KfvMQEca5Ps+5NEBK1+3nnApesKIeLLqtqURQ/AhyzQ2wYF0Xruo
xgaJW/bTWtULacBa7Tk2fbGmUzdzCRsRuKmAlD4PF1ZTiU9GBtnZaNnIOP4H0hQ6
8Zb6h51Z59rshA5Na9T65LkUolS63acODmIOTmvWCuUrOe7n+HiEmSBtPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1Rf16o6ZntUoi+9ZgLSAQe0kG6MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUFZGX1hxanBtZTFTaUw3MW1BdElCQjdTUWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQCNUoOWY0TGL1u/qgLI+0ZN2pFtZGOYESg8bxG6Nq/L
HemXWRg3JvKgeM2GYgeN/G52WDV+P8ZiduLylTv/NhNV93ZV4oHyL/2Tr2TH1N26
/ynmShZBWYQYh2i6aUoG9sJfV80nDFfA2BB1y6/1v7qSPcdKi8W05uEe1C85IY6g
VQHyseqNEKrrYlK5MKd7qv0Dx78kdx3J4m4ACkK6zZ/M74q9GVj/Pa83dvf2GDyi
vl+dtt/+m/vIh6oibSGBgkPdAB/nGZuWJQGyZOR9BacRxYXwtMDgG0XBbHNklTBd
0Zj5F/5YmcO11lr1qtync0ICb6wwt2/9zDLJ7NOI75aK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org