Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/IZhA888SVRCSA-vwBZh3jWdjvnM.roa
File: IZhA888SVRCSA-vwBZh3jWdjvnM.roa (raw, json)
Hash identifier: a6Rg3KMg+gwlNtSIgRPVhnyhP7WwzhE8MIN16ppa+UA=
Subject key identifier: 21:98:40:F3:CF:12:55:10:92:03:EB:F0:05:98:77:8D:67:63:BE:73
Certificate issuer: /CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Certificate serial: 018A3D5C63ADD524E17DD24C542DA13A845A
Authority key identifier: 34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/IZhA888SVRCSA-vwBZh3jWdjvnM.roa
Signing time: Mon 28 Aug 2023 18:16:19 +0000
ROA not before: Mon 28 Aug 2023 18:16:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211600
IP address blocks: 91.195.150.0/23 maxlen: 24
2001:678:2e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:5c:63:ad:d5:24:e1:7d:d2:4c:54:2d:a1:3a:84:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Validity
Not Before: Aug 28 18:16:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=219840f3cf1255109203ebf00598778d6763be73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b5:55:a9:d3:03:7d:19:9d:a9:81:af:34:ea:
1b:5b:20:69:ee:bf:08:4e:c5:c9:18:ad:91:68:f7:
4a:97:8b:87:3a:ce:d6:9a:23:d4:22:c1:af:bf:a3:
67:a5:e5:6d:49:a5:4e:fd:82:c8:2f:1e:e4:20:39:
ae:19:0f:02:62:35:7c:30:e5:db:c6:a5:e0:08:e4:
c6:66:da:37:06:2b:65:af:d7:bb:08:37:b2:69:03:
c2:0c:50:c1:ac:8a:ac:9d:7d:b8:57:cd:be:4b:da:
c4:64:0a:e6:b5:00:e4:bb:f9:a8:8c:21:7c:a2:55:
5c:d4:5b:2a:0f:ad:95:cf:40:e5:e9:f8:39:05:a9:
11:24:8e:6f:d5:66:4d:50:6a:89:88:d0:00:f8:90:
56:73:68:f8:2c:70:d6:89:eb:23:0f:a5:ef:c0:2a:
9b:ce:d2:61:53:a7:d6:44:39:2d:56:a4:15:c3:2a:
96:67:4c:fa:b8:a6:a3:07:96:99:35:3f:01:ca:29:
f0:3c:32:a8:d6:4d:57:0d:33:12:54:16:78:75:59:
fe:9d:07:53:cd:52:e3:b5:27:d8:43:7e:64:3c:18:
51:f2:9a:46:83:6c:98:29:00:39:c6:f7:11:67:cd:
9d:a3:9c:55:92:8f:f4:79:c8:86:6d:20:6e:e9:3b:
3e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:98:40:F3:CF:12:55:10:92:03:EB:F0:05:98:77:8D:67:63:BE:73
X509v3 Authority Key Identifier:
keyid:34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/IZhA888SVRCSA-vwBZh3jWdjvnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.150.0/23
IPv6:
2001:678:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:f5:9b:d1:35:fb:79:71:c9:4f:5e:82:86:40:25:c4:42:26:
70:04:3d:67:20:5f:1e:ba:6a:cd:13:0c:ea:64:08:b2:5a:de:
82:d2:0e:d3:43:f9:ee:7f:c5:10:76:e7:25:7e:5c:d3:11:62:
99:24:4d:71:4d:60:ec:e8:a7:44:44:46:22:92:76:c7:d0:8f:
79:54:a5:07:84:f1:d1:37:26:70:17:d3:35:b9:71:ec:80:ec:
8f:42:84:6d:ed:29:28:37:8a:1a:6a:d1:d0:dc:c1:6d:ee:35:
87:77:82:d5:a2:d3:e3:4a:77:37:99:0b:fb:9c:bb:b0:dd:ed:
21:5d:52:48:26:3a:bb:bb:0a:36:b0:05:83:43:27:29:d3:1d:
03:29:8e:ec:1c:ba:2d:0d:f6:69:db:a8:0d:2a:9c:de:24:a2:
0b:5a:9a:67:3f:18:a0:de:24:0f:14:14:94:92:d3:90:4b:39:
0b:ca:0a:4c:8b:f7:b2:3d:37:b9:1a:51:f3:db:28:62:e0:98:
e2:0b:49:56:a3:32:d4:6c:e4:ac:fa:40:c9:3f:a1:f0:58:4c:
29:ac:03:cc:21:cb:a6:40:2f:58:94:50:09:79:9b:96:f9:8b:
d7:ab:34:22:61:fe:0a:29:ff:19:c4:23:2f:bc:31:c4:a6:96:
68:f3:e2:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo9XGOt1SThfdJMVC2hOoRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2I5NTZlYzNhMTRmNmY1ZTRiNzZkNTQzNDJmYTk4ZDU5
Yzc3YTYwHhcNMjMwODI4MTgxNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk4NDBmM2NmMTI1NTEwOTIwM2ViZjAwNTk4Nzc4ZDY3NjNiZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibVVqdMDfRmdqYGvNOobWyBp7r8I
TsXJGK2RaPdKl4uHOs7WmiPUIsGvv6NnpeVtSaVO/YLILx7kIDmuGQ8CYjV8MOXb
xqXgCOTGZto3Bitlr9e7CDeyaQPCDFDBrIqsnX24V82+S9rEZArmtQDku/mojCF8
olVc1FsqD62Vz0Dl6fg5BakRJI5v1WZNUGqJiNAA+JBWc2j4LHDWiesjD6XvwCqb
ztJhU6fWRDktVqQVwyqWZ0z6uKajB5aZNT8ByinwPDKo1k1XDTMSVBZ4dVn+nQdT
zVLjtSfYQ35kPBhR8ppGg2yYKQA5xvcRZ82do5xVko/0eciGbSBu6Ts+GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGYQPPPElUQkgPr8AWYd41nY75zMB8GA1UdIwQY
MBaAFDTLlW7DoU9vXkt21UNC+pjVnHemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQt
OWE2ODgwODBhNTc5LzEvSVpoQTg4OFNWUkNTQS12d0JaaDNqV2Rqdm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQtOWE2ODgwODBhNTc5
LzEvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8OWMA8E
AgACMAkDBwAgAQZ4AuAwDQYJKoZIhvcNAQELBQADggEBABv1m9E1+3lxyU9egoZA
JcRCJnAEPWcgXx66as0TDOpkCLJa3oLSDtND+e5/xRB25yV+XNMRYpkkTXFNYOzo
p0RERiKSdsfQj3lUpQeE8dE3JnAX0zW5ceyA7I9ChG3tKSg3ihpq0dDcwW3uNYd3
gtWi0+NKdzeZC/ucu7Dd7SFdUkgmOru7CjawBYNDJynTHQMpjuwcui0N9mnbqA0q
nN4kogtammc/GKDeJA8UFJSS05BLOQvKCkyL97I9N7kaUfPbKGLgmOILSVajMtRs
5Kz6QMk/ofBYTCmsA8why6ZAL1iUUAl5m5b5i9erNCJh/gop/xnEIy+8McSmlmjz
4gs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:43 2024 by rpki-client on console-ams.rpki-client.org