Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/PZtWzkRT7idDiaiH1MPFP6ZVf0s.roa
File: PZtWzkRT7idDiaiH1MPFP6ZVf0s.roa (raw, json)
Hash identifier: 8fs6nbtu7zLoVdR1ZUPPSp4lcZEKlbr/uNLup6Z5fmc=
Subject key identifier: 3D:9B:56:CE:44:53:EE:27:43:89:A8:87:D4:C3:C5:3F:A6:55:7F:4B
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 01857295E1113E9AC04B07CEBEC68CB5350D
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/PZtWzkRT7idDiaiH1MPFP6ZVf0s.roa
Signing time: Mon 02 Jan 2023 13:05:03 +0000
ROA not before: Mon 02 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Mar 2023 12:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:e1:11:3e:9a:c0:4b:07:ce:be:c6:8c:b5:35:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Jan 2 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9b56ce4453ee274389a887d4c3c53fa6557f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:ab:73:b2:12:73:fa:fd:fb:e8:45:ac:ea:
1d:7b:68:a0:48:93:93:a7:18:98:cf:d5:8d:60:d5:
a3:f9:9a:e4:8b:ab:69:a4:5a:b2:06:ab:fb:67:20:
60:dd:1d:8d:cb:3b:7b:5f:9b:06:ab:1a:95:d4:e4:
cf:d2:ab:65:c3:97:1b:2a:f0:1e:fe:4b:7f:6d:92:
f5:d6:3f:ae:37:89:dd:f9:f1:13:3c:c5:a5:3e:9b:
58:76:5c:33:35:83:0d:ff:77:89:14:55:f6:ce:86:
be:7a:7b:96:aa:ab:af:68:b1:cd:18:84:d9:2d:b4:
b4:f4:4e:ff:bd:49:8b:27:d7:38:24:9e:e0:9a:38:
ca:52:51:4d:51:11:5b:3b:0b:4c:9b:61:dc:2a:bc:
35:25:61:c1:fc:1c:7e:57:89:d3:aa:c3:90:23:21:
64:76:fd:a7:9f:f1:57:8a:ff:01:84:0d:62:67:f6:
d1:07:94:87:e7:a2:42:d9:83:f1:0b:b1:bd:e8:f7:
7f:01:70:02:12:10:ad:47:90:14:40:be:3e:20:4d:
02:31:42:5f:4b:de:6f:50:2b:1c:0b:38:b0:c7:71:
4a:50:d7:ab:95:85:b1:e0:99:c0:4f:dc:69:76:3c:
47:39:0f:76:ce:a7:62:df:b5:b9:37:b2:e7:f7:ed:
ba:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9B:56:CE:44:53:EE:27:43:89:A8:87:D4:C3:C5:3F:A6:55:7F:4B
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/PZtWzkRT7idDiaiH1MPFP6ZVf0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
67:a1:40:46:1c:14:d5:81:16:59:80:2e:9e:10:5e:04:39:15:
0a:96:8c:67:e6:c4:24:8e:8a:90:66:65:41:ec:cf:09:93:9b:
a9:b5:7c:99:a2:9f:c1:b4:8a:03:80:35:22:d8:dc:17:f2:d2:
e5:eb:87:93:3e:1d:81:4f:14:bc:12:a3:b3:5d:03:54:be:aa:
b8:8d:d6:8f:32:1c:86:3a:80:d6:75:5f:e4:bc:fb:fd:98:ff:
d3:d7:3f:c7:98:ad:91:0b:f9:d4:fd:a5:4f:39:10:90:91:2c:
a6:2b:e3:da:d4:a6:b7:64:77:95:0d:8e:06:c0:c2:81:4f:06:
da:fd:52:d3:39:89:08:39:9a:4c:01:b4:f9:87:d1:e5:24:8c:
a5:4d:99:06:9e:19:f4:52:e8:22:75:93:c5:ed:23:60:19:c4:
04:5c:b6:59:68:c6:a8:14:30:43:c8:d3:a4:60:d2:ad:46:47:
85:de:a1:37:82:36:e6:3c:f4:1b:3e:ea:ca:7b:9c:59:de:4d:
d3:10:71:e4:5f:b2:10:bc:7f:9d:88:11:af:87:b8:80:2f:1e:
2f:1b:f9:85:cb:2a:94:ae:ec:5d:37:fa:b3:ab:93:75:f5:8c:
e9:43:3d:06:f7:cc:8f:20:dc:1d:45:10:37:65:2a:98:f3:7a:
23:0c:75:34
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyleERPprASwfOvsaMtTUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjMwMTAyMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDliNTZjZTQ0NTNlZTI3NDM4OWE4ODdkNGMzYzUzZmE2NTU3ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2arc7ISc/r9++hFrOode2igSJOT
pxiYz9WNYNWj+Zrki6tppFqyBqv7ZyBg3R2Nyzt7X5sGqxqV1OTP0qtlw5cbKvAe
/kt/bZL11j+uN4nd+fETPMWlPptYdlwzNYMN/3eJFFX2zoa+enuWqquvaLHNGITZ
LbS09E7/vUmLJ9c4JJ7gmjjKUlFNURFbOwtMm2HcKrw1JWHB/Bx+V4nTqsOQIyFk
dv2nn/FXiv8BhA1iZ/bRB5SH56JC2YPxC7G96Pd/AXACEhCtR5AUQL4+IE0CMUJf
S95vUCscCziwx3FKUNerlYWx4JnAT9xpdjxHOQ92zqdi37W5N7Ln9+26ZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD2bVs5EU+4nQ4moh9TDxT+mVX9LMB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEvUFp0V3prUlQ3aWREaWFpSDFNUEZQNlpWZjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQBnoUBGHBTVgRZZgC6eEF4EORUKloxn5sQkjoqQZmVB7M8Jk5uptXyZop/BtIoD
gDUi2NwX8tLl64eTPh2BTxS8EqOzXQNUvqq4jdaPMhyGOoDWdV/kvPv9mP/T1z/H
mK2RC/nU/aVPORCQkSymK+Pa1Ka3ZHeVDY4GwMKBTwba/VLTOYkIOZpMAbT5h9Hl
JIylTZkGnhn0UugidZPF7SNgGcQEXLZZaMaoFDBDyNOkYNKtRkeF3qE3gjbmPPQb
PurKe5xZ3k3TEHHkX7IQvH+diBGvh7iALx4vG/mFyyqUruxdN/qzq5N19YzpQz0G
98yPINwdRRA3ZSqY83ojDHU0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:03 2024 by rpki-client on console-fra.rpki-client.org