Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/kZxIMqCrbslEXJAAVD4cs2uhf-0.roa
File: kZxIMqCrbslEXJAAVD4cs2uhf-0.roa (raw, json)
Hash identifier: mAnbyYWlMkJ9zoyL9n3qchYzZhekKCcS5wrIWkQdqWE=
Subject key identifier: 91:9C:48:32:A0:AB:6E:C9:44:5C:90:00:54:3E:1C:B3:6B:A1:7F:ED
Certificate issuer: /CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Certificate serial: 018AD1555D1DCAF6012734DFFBBC3D7957D3
Authority key identifier: 20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/kZxIMqCrbslEXJAAVD4cs2uhf-0.roa
Signing time: Tue 26 Sep 2023 11:52:27 +0000
ROA not before: Tue 26 Sep 2023 11:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198058
IP address blocks: 91.199.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:55:5d:1d:ca:f6:01:27:34:df:fb:bc:3d:79:57:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Validity
Not Before: Sep 26 11:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919c4832a0ab6ec9445c9000543e1cb36ba17fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:43:0e:0f:4c:5f:ee:10:1d:72:74:9a:9f:6d:
f2:a5:0b:0e:af:a6:5f:95:a6:1f:56:69:4a:40:8f:
21:ff:af:4c:59:4f:af:ba:6b:10:97:1e:a5:b7:b0:
0d:4c:a2:ca:cf:6d:af:ed:1d:59:3e:ab:46:b9:5c:
e4:e6:0a:79:d1:5d:c9:f2:d2:52:57:39:35:54:99:
6c:16:73:66:c6:1c:2f:d8:8a:ed:41:da:03:92:c1:
f8:55:5f:09:e5:5a:2c:24:68:db:be:86:86:a3:ca:
74:70:a3:43:4b:5f:59:b2:e8:73:e6:e0:94:42:3f:
6b:53:4c:57:7d:45:5c:28:3b:a5:33:d6:d7:22:c9:
2f:57:f8:99:4d:71:97:aa:bb:ae:91:da:7f:3b:53:
bb:bd:ac:7f:00:d4:16:5e:f9:f5:35:15:83:f1:9a:
1e:c2:e5:5f:1f:f1:09:e3:6e:64:c2:aa:e9:50:bb:
b3:05:6a:4b:24:5f:b0:cc:2d:15:ca:d3:fe:1b:49:
81:64:3a:31:3f:a9:f7:11:c3:0a:14:5a:af:01:3b:
67:f1:74:78:61:58:31:1f:2e:fa:c9:1d:c0:52:9d:
08:84:89:e6:ba:24:ca:49:77:62:11:f8:00:08:05:
89:72:62:48:e7:61:ad:c1:ae:a6:21:a4:d4:f3:e0:
c2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:48:32:A0:AB:6E:C9:44:5C:90:00:54:3E:1C:B3:6B:A1:7F:ED
X509v3 Authority Key Identifier:
keyid:20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/kZxIMqCrbslEXJAAVD4cs2uhf-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/INYXvbXXaOOV5JtBzYEhe9MWOrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.219.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:19:f5:36:06:7b:94:8b:e0:ff:c8:36:62:96:19:ce:9e:b0:
86:b5:09:06:14:52:21:d6:f5:5c:fe:63:d5:44:6b:0b:ec:2c:
56:d9:72:0c:6b:cb:b7:f0:f9:71:47:77:8c:94:f6:0a:95:27:
ed:20:8f:09:96:03:0c:b2:4a:a9:26:0a:3e:a5:97:c9:cd:f9:
45:35:91:26:80:e8:cd:62:1d:c4:b8:86:30:3a:bd:19:63:8e:
6c:7c:6d:6b:4b:10:6d:2a:25:b2:7a:cd:3c:fc:97:1c:65:f7:
e8:4b:90:af:80:06:6d:70:80:2d:3d:9f:1e:f2:1d:cd:30:dd:
c2:87:8e:dc:33:e1:90:e5:13:2f:c9:5d:83:8a:5e:3e:2d:53:
c8:97:3e:cf:4e:40:4e:21:33:e0:61:40:b5:76:05:6f:1b:43:
5e:a3:d8:15:56:57:b4:5e:72:99:5a:a8:07:62:e4:3d:bb:f1:
18:fe:f4:14:a2:eb:b7:90:39:de:3c:33:61:67:2b:54:8e:74:
d8:3c:cd:bf:dc:2b:18:77:cf:31:a9:8f:86:49:7f:8b:0d:97:
ad:f2:59:0b:84:9a:ac:ba:5a:e2:28:50:7e:1c:02:10:0b:8d:
56:01:12:8d:93:4b:fa:92:e3:e8:0d:f5:85:2f:56:12:12:39:
a9:37:09:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrRVV0dyvYBJzTf+7w9eVfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDYxN2JkYjVkNzY4ZTM5NWU0OWI0MWNkODEyMTdiZDMx
NjNhYjMwHhcNMjMwOTI2MTE1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljNDgzMmEwYWI2ZWM5NDQ1YzkwMDA1NDNlMWNiMzZiYTE3ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUMOD0xf7hAdcnSan23ypQsOr6Zf
laYfVmlKQI8h/69MWU+vumsQlx6lt7ANTKLKz22v7R1ZPqtGuVzk5gp50V3J8tJS
Vzk1VJlsFnNmxhwv2IrtQdoDksH4VV8J5VosJGjbvoaGo8p0cKNDS19Zsuhz5uCU
Qj9rU0xXfUVcKDulM9bXIskvV/iZTXGXqruukdp/O1O7vax/ANQWXvn1NRWD8Zoe
wuVfH/EJ425kwqrpULuzBWpLJF+wzC0VytP+G0mBZDoxP6n3EcMKFFqvATtn8XR4
YVgxHy76yR3AUp0IhInmuiTKSXdiEfgACAWJcmJI52Gtwa6mIaTU8+DCIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGcSDKgq27JRFyQAFQ+HLNroX/tMB8GA1UdIwQY
MBaAFCDWF72112jjleSbQc2BIXvTFjqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAt
MDY5ZGE5Yzg0Nzg1LzEva1p4SU1xQ3Jic2xFWEpBQVZENGNzMnVoZi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAtMDY5ZGE5Yzg0Nzg1
LzEvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8fbMA0G
CSqGSIb3DQEBCwUAA4IBAQCoGfU2BnuUi+D/yDZilhnOnrCGtQkGFFIh1vVc/mPV
RGsL7CxW2XIMa8u38PlxR3eMlPYKlSftII8JlgMMskqpJgo+pZfJzflFNZEmgOjN
Yh3EuIYwOr0ZY45sfG1rSxBtKiWyes08/JccZffoS5CvgAZtcIAtPZ8e8h3NMN3C
h47cM+GQ5RMvyV2Dil4+LVPIlz7PTkBOITPgYUC1dgVvG0Neo9gVVle0XnKZWqgH
YuQ9u/EY/vQUouu3kDnePDNhZytUjnTYPM2/3CsYd88xqY+GSX+LDZet8lkLhJqs
ulriKFB+HAIQC41WARKNk0v6kuPoDfWFL1YSEjmpNwle
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:50 2024 by rpki-client on console-fra.rpki-client.org