Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d6db46-85b1-420c-8ce7-f7dabb0d2787/1/pJzzrI_SanoAM6g8SX6aEqFOnSM.roa
File: pJzzrI_SanoAM6g8SX6aEqFOnSM.roa (raw, json)
Hash identifier: nNJ5yiN39jFutw9ru+HKsiWZhxnR5/VbulOzPcPWfWI=
Subject key identifier: A4:9C:F3:AC:8F:D2:6A:7A:00:33:A8:3C:49:7E:9A:12:A1:4E:9D:23
Certificate issuer: /CN=21eb7f9b58952b9e80afcf7bbdba32b26a34d0a1
Certificate serial: 01857315C73B437215BD0F75C832E11123BB
Authority key identifier: 21:EB:7F:9B:58:95:2B:9E:80:AF:CF:7B:BD:BA:32:B2:6A:34:D0:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iet_m1iVK56Ar897vboysmo00KE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d6db46-85b1-420c-8ce7-f7dabb0d2787/1/pJzzrI_SanoAM6g8SX6aEqFOnSM.roa
Signing time: Mon 02 Jan 2023 15:24:45 +0000
ROA not before: Mon 02 Jan 2023 15:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198684
IP address blocks: 91.238.132.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:c7:3b:43:72:15:bd:0f:75:c8:32:e1:11:23:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21eb7f9b58952b9e80afcf7bbdba32b26a34d0a1
Validity
Not Before: Jan 2 15:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a49cf3ac8fd26a7a0033a83c497e9a12a14e9d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:62:d0:0a:78:16:75:6e:31:4c:88:57:37:4e:
84:66:1d:e8:3b:52:c6:03:c6:ec:cf:a1:83:58:24:
7f:2a:ee:4c:0d:48:d3:89:63:98:95:8a:13:72:a8:
e4:01:e8:47:d0:40:17:79:85:9d:68:38:33:13:6c:
be:36:9b:bf:b3:84:8d:19:b8:50:70:4c:39:9c:83:
ea:08:65:40:cc:04:36:06:65:61:fa:16:ba:fa:12:
ff:6a:83:cf:b4:2f:e8:be:1e:35:59:0d:49:d2:84:
2f:59:4a:ab:51:ae:18:e2:6b:79:4e:e0:fb:48:95:
db:ba:99:45:ec:08:11:66:99:a8:b7:29:7b:3c:10:
8e:3b:b6:c7:54:1c:c7:b6:56:02:92:65:c9:bf:90:
92:08:6d:e1:58:ab:88:04:6b:fe:fd:e0:8a:8c:75:
41:5f:aa:14:c0:7c:97:6f:83:4d:9d:23:25:96:33:
48:a8:1b:9d:9f:92:23:c5:22:72:73:ab:26:fd:19:
37:a2:be:40:44:c7:2e:01:ba:f6:c9:de:73:e3:b4:
79:01:40:c1:c7:99:f7:18:2c:78:d3:45:4f:35:7d:
29:2b:ba:da:78:57:9d:a6:66:fa:e5:5b:dd:6f:89:
a6:cc:79:b6:8a:81:69:ab:6e:e9:75:71:fe:b3:f1:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9C:F3:AC:8F:D2:6A:7A:00:33:A8:3C:49:7E:9A:12:A1:4E:9D:23
X509v3 Authority Key Identifier:
keyid:21:EB:7F:9B:58:95:2B:9E:80:AF:CF:7B:BD:BA:32:B2:6A:34:D0:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iet_m1iVK56Ar897vboysmo00KE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d6db46-85b1-420c-8ce7-f7dabb0d2787/1/pJzzrI_SanoAM6g8SX6aEqFOnSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d6db46-85b1-420c-8ce7-f7dabb0d2787/1/Iet_m1iVK56Ar897vboysmo00KE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.132.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:4f:6c:0a:6c:f8:c5:4f:e9:2e:74:2d:a0:5e:01:10:d9:fd:
4c:d7:80:ae:a6:6b:88:c5:9d:a1:14:4b:29:f4:9c:aa:f8:5f:
c6:42:b5:0c:12:be:42:e5:02:e7:15:2a:b7:09:7a:64:d4:84:
ab:e6:19:e4:1d:7e:0f:33:30:42:e2:e5:e0:46:43:94:b2:f0:
33:5c:53:ca:18:60:d7:5b:0b:bd:9c:c1:db:ee:96:05:fe:9b:
f4:26:9b:dc:73:fe:9a:01:6f:df:87:56:66:34:a0:64:57:a6:
db:71:ad:ee:15:ec:ee:6f:84:51:11:33:03:da:b8:dd:1d:9d:
0d:bc:35:07:e6:95:56:d8:b0:43:a5:e8:cf:00:29:11:2b:5b:
66:a7:f8:4a:52:86:59:b8:ff:05:58:e3:42:41:99:17:f5:bb:
5e:ce:fc:e0:eb:03:0d:08:d9:a5:f8:c9:97:09:40:3e:65:9b:
fa:79:8d:1a:6c:5f:70:e1:e7:5b:64:d5:b6:8f:83:aa:62:17:
4a:3f:60:83:11:05:75:71:69:1f:8e:da:a8:37:54:b6:12:b9:
d2:77:f3:b7:42:29:98:80:7d:ce:c2:91:51:b0:3f:fc:e3:35:
b4:46:c1:50:fa:72:f0:aa:3a:eb:8c:c8:ce:a3:15:98:b1:b3:
86:07:6c:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFcc7Q3IVvQ91yDLhESO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZWI3ZjliNTg5NTJiOWU4MGFmY2Y3YmJkYmEzMmIyNmEz
NGQwYTEwHhcNMjMwMTAyMTUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDljZjNhYzhmZDI2YTdhMDAzM2E4M2M0OTdlOWExMmExNGU5ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGLQCngWdW4xTIhXN06EZh3oO1LG
A8bsz6GDWCR/Ku5MDUjTiWOYlYoTcqjkAehH0EAXeYWdaDgzE2y+Npu/s4SNGbhQ
cEw5nIPqCGVAzAQ2BmVh+ha6+hL/aoPPtC/ovh41WQ1J0oQvWUqrUa4Y4mt5TuD7
SJXbuplF7AgRZpmotyl7PBCOO7bHVBzHtlYCkmXJv5CSCG3hWKuIBGv+/eCKjHVB
X6oUwHyXb4NNnSMlljNIqBudn5IjxSJyc6sm/Rk3or5ARMcuAbr2yd5z47R5AUDB
x5n3GCx400VPNX0pK7raeFedpmb65Vvdb4mmzHm2ioFpq27pdXH+s/FyWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSc86yP0mp6ADOoPEl+mhKhTp0jMB8GA1UdIwQY
MBaAFCHrf5tYlSuegK/Pe726MrJqNNChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWV0X20xaVZLNTZBcjg5N3Zib3lzbW8wMEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kNmRiNDYtODViMS00MjBjLThjZTct
ZjdkYWJiMGQyNzg3LzEvcEp6enJJX1Nhbm9BTTZnOFNYNmFFcUZPblNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kNmRiNDYtODViMS00MjBjLThjZTctZjdkYWJiMGQyNzg3
LzEvSWV0X20xaVZLNTZBcjg5N3Zib3lzbW8wMEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+6EMA0G
CSqGSIb3DQEBCwUAA4IBAQCfT2wKbPjFT+kudC2gXgEQ2f1M14CupmuIxZ2hFEsp
9Jyq+F/GQrUMEr5C5QLnFSq3CXpk1ISr5hnkHX4PMzBC4uXgRkOUsvAzXFPKGGDX
Wwu9nMHb7pYF/pv0Jpvcc/6aAW/fh1ZmNKBkV6bbca3uFezub4RRETMD2rjdHZ0N
vDUH5pVW2LBDpejPACkRK1tmp/hKUoZZuP8FWONCQZkX9btezvzg6wMNCNml+MmX
CUA+ZZv6eY0abF9w4edbZNW2j4OqYhdKP2CDEQV1cWkfjtqoN1S2ErnSd/O3QimY
gH3OwpFRsD/84zW0RsFQ+nLwqjrrjMjOoxWYsbOGB2zc
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:09 2024 by rpki-client on console-fra.rpki-client.org