Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/PnnNBF_S3QupbGwzKw94M6gkvb8.roa
File: PnnNBF_S3QupbGwzKw94M6gkvb8.roa (raw, json)
Hash identifier: 4N/JgrYRGRrVKopWA5JFVpXuosgjrdnwfQ8oMLFjf3o=
Subject key identifier: 3E:79:CD:04:5F:D2:DD:0B:A9:6C:6C:33:2B:0F:78:33:A8:24:BD:BF
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 0185712788200FD1FF8BAAD5A353E69F5E88
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/PnnNBF_S3QupbGwzKw94M6gkvb8.roa
Signing time: Mon 02 Jan 2023 06:24:54 +0000
ROA not before: Mon 02 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35631
IP address blocks: 91.215.252.0/23 maxlen: 23
91.215.254.0/24 maxlen: 24
91.215.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:88:20:0f:d1:ff:8b:aa:d5:a3:53:e6:9f:5e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Jan 2 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e79cd045fd2dd0ba96c6c332b0f7833a824bdbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d1:61:11:79:4c:08:da:6f:de:9c:33:22:ab:
07:ab:e2:c7:52:79:d5:16:ab:f3:f6:1c:18:65:bd:
ca:60:ca:2b:38:4e:b6:9d:c1:ec:c2:41:f2:bf:e5:
71:e6:2e:1a:fe:3e:35:c9:bb:9c:86:01:e5:51:84:
fe:21:73:ab:26:df:c8:92:82:56:cf:b3:12:a2:7c:
e9:b6:b2:57:f4:fa:d9:c8:d6:f2:1e:91:a0:5d:3e:
fd:ce:a6:7e:0a:30:7c:0e:35:8e:2e:7b:08:54:47:
d5:02:41:ab:60:69:65:9e:71:f4:3e:41:80:b0:ac:
6c:81:9e:f4:36:c6:a3:68:16:e7:7d:02:d4:ca:fc:
0f:1f:e8:f0:97:37:2b:0d:65:82:71:23:be:33:52:
44:1b:30:bc:52:3c:5c:4c:86:11:8d:da:7d:72:f1:
95:14:4a:ea:44:88:3b:82:b8:9c:5e:7a:3f:7b:c2:
f0:eb:6c:df:7b:17:3c:7b:3d:45:8c:b0:e1:de:20:
d2:a2:22:ae:ac:e7:b0:8f:db:3b:5a:a3:88:f2:1d:
00:c7:c7:ba:38:32:ee:d1:1a:97:5e:f2:7e:67:18:
63:ca:65:27:0e:72:22:d0:9f:53:77:c2:24:84:1d:
0e:e6:7e:a7:0e:8c:50:aa:e9:99:12:91:c7:d9:e7:
84:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:79:CD:04:5F:D2:DD:0B:A9:6C:6C:33:2B:0F:78:33:A8:24:BD:BF
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/PnnNBF_S3QupbGwzKw94M6gkvb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.252.0/22
Signature Algorithm: sha256WithRSAEncryption
94:e1:3e:c6:68:71:05:6a:15:98:aa:15:80:ad:27:86:3c:5a:
7a:4e:14:e6:83:ef:5e:92:0a:c5:67:5e:04:b1:cf:cb:74:e6:
6c:4f:e2:eb:03:aa:87:51:dc:8e:53:e1:16:0c:80:be:28:5f:
9f:4e:d4:2e:6c:93:26:4d:62:b2:09:98:77:c6:c0:b7:7d:61:
48:de:e1:19:83:46:46:42:21:20:87:91:5d:73:25:b6:e8:1d:
8b:4b:11:61:40:39:16:ca:3f:fe:6d:1e:62:47:51:f9:b1:45:
a4:02:33:3a:72:e9:79:37:fb:57:d8:a0:81:ea:70:4e:4f:cb:
08:96:0d:03:bd:80:14:a2:68:e0:cc:23:ae:f3:a1:3f:d3:d2:
b5:f7:35:aa:4a:e7:00:00:80:f7:cc:25:8e:e1:cd:81:fa:d2:
52:85:e3:cd:aa:02:fc:5b:36:20:8a:09:e6:a6:43:5b:c2:0b:
2f:43:70:c8:f2:3c:64:ae:87:f0:6a:84:fc:2c:7d:fd:99:ea:
78:e0:8b:f2:b9:3e:83:31:0c:33:da:af:a1:fe:b6:12:04:53:
0d:aa:83:ee:e6:0e:41:c0:a7:aa:7e:58:8b:0d:cf:6a:65:aa:
6a:78:05:dd:4f:00:de:8a:58:5d:7d:98:aa:fe:7b:d0:6d:a9:
06:95:b7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ4ggD9H/i6rVo1Pmn16IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjMwMTAyMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc5Y2QwNDVmZDJkZDBiYTk2YzZjMzMyYjBmNzgzM2E4MjRiZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtFhEXlMCNpv3pwzIqsHq+LHUnnV
Fqvz9hwYZb3KYMorOE62ncHswkHyv+Vx5i4a/j41ybuchgHlUYT+IXOrJt/IkoJW
z7MSonzptrJX9PrZyNbyHpGgXT79zqZ+CjB8DjWOLnsIVEfVAkGrYGllnnH0PkGA
sKxsgZ70NsajaBbnfQLUyvwPH+jwlzcrDWWCcSO+M1JEGzC8UjxcTIYRjdp9cvGV
FErqRIg7gricXno/e8Lw62zfexc8ez1FjLDh3iDSoiKurOewj9s7WqOI8h0Ax8e6
ODLu0RqXXvJ+ZxhjymUnDnIi0J9Td8IkhB0O5n6nDoxQqumZEpHH2eeEPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD55zQRf0t0LqWxsMysPeDOoJL2/MB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvUG5uTkJGX1MzUXVwYkd3ekt3OTRNNmdrdmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYtM2Q1MjIxODFhMmM0
LzEvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9f8MA0G
CSqGSIb3DQEBCwUAA4IBAQCU4T7GaHEFahWYqhWArSeGPFp6ThTmg+9ekgrFZ14E
sc/LdOZsT+LrA6qHUdyOU+EWDIC+KF+fTtQubJMmTWKyCZh3xsC3fWFI3uEZg0ZG
QiEgh5FdcyW26B2LSxFhQDkWyj/+bR5iR1H5sUWkAjM6cul5N/tX2KCB6nBOT8sI
lg0DvYAUomjgzCOu86E/09K19zWqSucAAID3zCWO4c2B+tJShePNqgL8WzYgignm
pkNbwgsvQ3DI8jxkrofwaoT8LH39mep44IvyuT6DMQwz2q+h/rYSBFMNqoPu5g5B
wKeqfliLDc9qZapqeAXdTwDeilhdfZiq/nvQbakGlbc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:06 2024 by rpki-client on console-fra.rpki-client.org