Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PxGNVVCpmwdY8x4zlrPezTcUXqU.roa
File: PxGNVVCpmwdY8x4zlrPezTcUXqU.roa (raw, json)
Hash identifier: 6NiAttuzzlxi/vatkamsJhYG3XWd3cVQnN1RnySBMNU=
Subject key identifier: 3F:11:8D:55:50:A9:9B:07:58:F3:1E:33:96:B3:DE:CD:37:14:5E:A5
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0185CBB571E456992C9681C7A10551B77E69
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PxGNVVCpmwdY8x4zlrPezTcUXqU.roa
Signing time: Thu 19 Jan 2023 20:25:44 +0000
ROA not before: Thu 19 Jan 2023 20:25:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 20:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cb:b5:71:e4:56:99:2c:96:81:c7:a1:05:51:b7:7e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 19 20:25:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f118d5550a99b0758f31e3396b3decd37145ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:7b:12:09:cf:49:79:42:12:42:05:ca:e5:
cf:cd:69:24:1c:4d:63:79:2e:ad:c3:ae:2f:f3:cd:
71:36:d2:9b:ab:27:54:33:47:f8:32:a6:ba:45:28:
23:d9:57:d8:7e:23:bb:93:58:f5:2c:6b:29:ba:aa:
b4:b9:be:8a:18:7f:98:32:b1:76:57:6d:3a:9e:d6:
d6:7b:e0:f1:71:12:51:f5:70:27:00:d6:30:26:21:
8f:15:da:3f:ed:76:76:0d:da:67:d9:61:a7:d8:9e:
24:47:33:01:03:25:d9:87:a2:de:11:c9:bb:40:ca:
8e:72:a9:6b:63:1a:c8:63:da:45:50:12:73:c5:56:
2e:1e:14:e4:93:1a:d2:54:7c:d8:f8:2c:b1:07:ff:
f9:f3:28:f2:f8:52:df:bb:95:35:57:48:22:c3:ba:
cb:e0:cf:8f:c0:fe:82:c6:36:c3:a9:b0:a5:4a:4e:
f3:ec:1e:a8:fb:8e:3d:a8:b6:77:a6:cb:7d:d0:6f:
fa:5e:a8:d0:b0:be:03:cc:29:76:13:42:d0:ae:b1:
ab:67:ed:44:cf:4c:a3:18:8c:a4:66:87:5f:7e:08:
50:59:80:44:1b:6b:5f:cd:85:62:64:c5:c9:4b:49:
64:58:15:52:a8:a4:bf:69:cf:f3:2f:1b:6b:5e:d0:
39:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:11:8D:55:50:A9:9B:07:58:F3:1E:33:96:B3:DE:CD:37:14:5E:A5
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PxGNVVCpmwdY8x4zlrPezTcUXqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
99:33:86:33:12:43:4c:ad:83:42:07:38:b9:4e:2b:ba:58:45:
35:2a:08:ca:01:8a:91:45:c8:c5:58:dc:9d:e0:cc:7c:bf:58:
ac:df:f4:f6:63:69:84:28:b9:4a:01:26:8b:67:c1:eb:03:13:
bb:b1:4d:02:9c:3b:08:77:d2:1d:32:0e:53:f9:9e:ef:2c:4b:
44:b0:60:91:e0:a8:28:67:87:42:82:db:b6:d9:6b:61:fd:27:
bf:ad:cf:15:dc:40:31:66:a8:12:12:56:1b:44:85:1c:6e:13:
3c:a3:95:68:34:40:9a:28:30:c6:ef:27:25:98:d5:27:69:51:
3a:9f:02:e8:94:67:c2:56:90:29:04:8e:92:46:35:5d:78:9a:
bf:3a:db:e9:30:ad:79:8f:e3:d8:b9:58:48:86:57:0c:76:68:
7d:c7:0d:38:91:3d:74:ae:2d:2e:b6:f7:1c:f7:c1:6f:a7:e5:
7b:05:ea:aa:73:ea:91:58:fd:cd:e7:f8:41:9e:84:c3:76:f1:
9f:04:c0:c5:50:26:64:c4:38:7e:e1:22:32:00:ed:dc:70:d0:
fe:7c:18:57:69:ae:2d:4c:cf:f5:11:fa:1d:3b:e9:cc:72:1d:
8e:25:fd:9b:6b:de:8e:8e:68:bf:d1:fb:b3:ae:0e:ee:3f:b3:
a8:d6:b2:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXLtXHkVpksloHHoQVRt35pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTE5MjAyNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjExOGQ1NTUwYTk5YjA3NThmMzFlMzM5NmIzZGVjZDM3MTQ1ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGN7EgnPSXlCEkIFyuXPzWkkHE1j
eS6tw64v881xNtKbqydUM0f4Mqa6RSgj2VfYfiO7k1j1LGspuqq0ub6KGH+YMrF2
V206ntbWe+DxcRJR9XAnANYwJiGPFdo/7XZ2Ddpn2WGn2J4kRzMBAyXZh6LeEcm7
QMqOcqlrYxrIY9pFUBJzxVYuHhTkkxrSVHzY+CyxB//58yjy+FLfu5U1V0giw7rL
4M+PwP6CxjbDqbClSk7z7B6o+449qLZ3pst90G/6XqjQsL4DzCl2E0LQrrGrZ+1E
z0yjGIykZodffghQWYBEG2tfzYViZMXJS0lkWBVSqKS/ac/zLxtrXtA5ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8RjVVQqZsHWPMeM5az3s03FF6lMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUHhHTlZWQ3Btd2RZOHg0emxyUGV6VGNVWHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQCZM4YzEkNMrYNCBzi5Tiu6WEU1KgjKAYqRRcjFWNyd
4Mx8v1is3/T2Y2mEKLlKASaLZ8HrAxO7sU0CnDsId9IdMg5T+Z7vLEtEsGCR4Kgo
Z4dCgtu22Wth/Se/rc8V3EAxZqgSElYbRIUcbhM8o5VoNECaKDDG7yclmNUnaVE6
nwLolGfCVpApBI6SRjVdeJq/OtvpMK15j+PYuVhIhlcMdmh9xw04kT10ri0utvcc
98Fvp+V7Beqqc+qRWP3N5/hBnoTDdvGfBMDFUCZkxDh+4SIyAO3ccND+fBhXaa4t
TM/1EfodO+nMch2OJf2ba96Ojmi/0fuzrg7uP7Oo1rLR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org