Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PUS9obeYiWtvopddH9krsA_ZcLs.roa
File: PUS9obeYiWtvopddH9krsA_ZcLs.roa (raw, json)
Hash identifier: qBE965gayzJB9n2xZ217iUrUJDCIBkTQpvSQtHmpl88=
Subject key identifier: 3D:44:BD:A1:B7:98:89:6B:6F:A2:97:5D:1F:D9:2B:B0:0F:D9:70:BB
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A4582C9513083F6E4979F8BA9AE47
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PUS9obeYiWtvopddH9krsA_ZcLs.roa
Signing time: Sun 01 Jan 2023 03:05:07 +0000
ROA not before: Sun 01 Jan 2023 03:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207935
IP address blocks: 141.101.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:45:82:c9:51:30:83:f6:e4:97:9f:8b:a9:ae:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d44bda1b798896b6fa2975d1fd92bb00fd970bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:32:11:d0:75:81:c7:fe:5c:67:14:37:31:
a1:29:8c:b9:e4:2d:1f:1a:e6:87:b4:78:0a:71:64:
d0:8c:39:ca:a9:a1:0a:75:1c:42:64:c5:22:e2:a9:
b4:b8:52:07:01:f2:ad:8f:91:23:7d:8e:5a:e0:f2:
e3:8e:82:de:f1:45:98:ca:f9:6d:29:ec:44:c6:c4:
f3:68:d4:83:a5:e9:19:51:68:8d:11:75:a6:42:6b:
b0:3d:ce:cc:4d:9d:4a:1b:8f:7c:cf:1f:fa:1d:54:
fc:ae:0c:1b:ac:12:79:3e:47:aa:87:25:17:86:d9:
a1:18:a0:0e:26:a3:45:89:2f:f2:a3:71:b5:f7:ed:
48:8f:0c:11:14:69:b3:1e:82:ce:41:39:86:3b:df:
5c:cd:8d:be:65:45:3a:9c:a2:6e:83:84:07:dd:bb:
8b:3f:05:ca:cf:8a:11:73:0b:96:af:9d:19:ac:76:
a2:5d:86:4f:94:21:4a:1f:7b:27:2b:1c:23:03:01:
80:a5:15:10:30:90:bf:80:d7:21:38:e6:97:5a:25:
3a:7d:f7:7d:8f:25:48:14:c1:83:ff:29:9d:3d:75:
75:a9:5c:88:14:68:6c:7f:fd:3f:5f:36:39:57:45:
30:17:66:5f:40:ac:6a:a0:84:62:26:5a:91:a6:63:
c9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:44:BD:A1:B7:98:89:6B:6F:A2:97:5D:1F:D9:2B:B0:0F:D9:70:BB
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PUS9obeYiWtvopddH9krsA_ZcLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.221.0/24
Signature Algorithm: sha256WithRSAEncryption
21:66:f7:bf:ad:50:1c:47:c6:3f:e0:e7:03:1d:ad:9d:8a:bf:
3d:11:17:4d:e2:b5:7d:e5:88:61:16:ba:6b:c4:d7:7a:8b:74:
2e:3d:f9:05:d3:1e:1a:7a:e4:87:5b:c8:8a:94:1e:e7:85:25:
e8:eb:5d:20:20:df:0b:2b:e5:ad:98:89:d9:c0:ee:8c:27:9e:
ac:97:03:0c:e3:c0:22:2f:4c:95:1f:58:b3:ba:86:8b:02:93:
02:a5:1d:ed:c9:4b:95:ab:36:34:6f:65:92:4b:17:d1:be:c0:
74:6b:fd:b6:81:89:71:ef:c7:25:9c:c7:fe:62:fd:dd:c2:cc:
75:e2:e5:03:80:dc:ff:25:a8:b7:6d:86:09:9b:4a:b3:60:ac:
b8:01:59:26:27:82:4a:db:d5:2d:0a:01:7a:2a:21:71:14:cf:
54:35:29:95:48:8a:ec:4f:93:c7:a5:d4:b9:31:5e:b3:6f:0e:
18:99:56:de:e5:e3:d1:fd:aa:90:80:f5:00:20:28:0f:66:37:
ab:33:7c:3b:ce:c1:a8:23:c1:3c:89:f1:97:45:39:c1:75:34:
3d:12:71:a7:1f:20:c4:68:38:df:ef:3f:6e:8f:9f:79:62:e9:
22:96:2f:0d:31:6c:90:3a:72:51:d2:23:14:6d:43:ff:76:2f:
12:e5:bc:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSkWCyVEwg/bkl5+Lqa5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ0YmRhMWI3OTg4OTZiNmZhMjk3NWQxZmQ5MmJiMDBmZDk3MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlYyEdB1gcf+XGcUNzGhKYy55C0f
GuaHtHgKcWTQjDnKqaEKdRxCZMUi4qm0uFIHAfKtj5EjfY5a4PLjjoLe8UWYyvlt
KexExsTzaNSDpekZUWiNEXWmQmuwPc7MTZ1KG498zx/6HVT8rgwbrBJ5PkeqhyUX
htmhGKAOJqNFiS/yo3G19+1IjwwRFGmzHoLOQTmGO99czY2+ZUU6nKJug4QH3buL
PwXKz4oRcwuWr50ZrHaiXYZPlCFKH3snKxwjAwGApRUQMJC/gNchOOaXWiU6ffd9
jyVIFMGD/ymdPXV1qVyIFGhsf/0/XzY5V0UwF2ZfQKxqoIRiJlqRpmPJtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1EvaG3mIlrb6KXXR/ZK7AP2XC7MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUFVTOW9iZVlpV3R2b3BkZEg5a3JzQV9aY0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWXdMA0G
CSqGSIb3DQEBCwUAA4IBAQAhZve/rVAcR8Y/4OcDHa2dir89ERdN4rV95YhhFrpr
xNd6i3QuPfkF0x4aeuSHW8iKlB7nhSXo610gIN8LK+WtmInZwO6MJ56slwMM48Ai
L0yVH1izuoaLApMCpR3tyUuVqzY0b2WSSxfRvsB0a/22gYlx78clnMf+Yv3dwsx1
4uUDgNz/Jai3bYYJm0qzYKy4AVkmJ4JK29UtCgF6KiFxFM9UNSmVSIrsT5PHpdS5
MV6zbw4YmVbe5ePR/aqQgPUAICgPZjerM3w7zsGoI8E8ifGXRTnBdTQ9EnGnHyDE
aDjf7z9uj595Yukili8NMWyQOnJR0iMUbUP/di8S5bya
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:50 2024 by rpki-client on console-fra.rpki-client.org