Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pzMn44imb5-yoDlIdW04WUo2v24.roa
File: pzMn44imb5-yoDlIdW04WUo2v24.roa (raw, json)
Hash identifier: vgZ0TZkqquNI2xtD8ApszOs2hgUjJEiSckb4zqtxF28=
Subject key identifier: A7:33:27:E3:88:A6:6F:9F:B2:A0:39:48:75:6D:38:59:4A:36:BF:6E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802E08965A2C19FFB9205EB815AB692
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pzMn44imb5-yoDlIdW04WUo2v24.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 192.176.176.0/21 maxlen: 24
192.71.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e0:89:65:a2:c1:9f:fb:92:05:eb:81:5a:b6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a73327e388a66f9fb2a03948756d38594a36bf6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:27:38:d2:18:a9:55:31:f5:db:25:1f:78:dd:
59:af:aa:90:dd:f1:52:6e:5e:13:1a:bf:a3:89:6b:
b2:4c:61:8c:24:2f:32:2c:fc:e4:3b:36:72:9c:6c:
c9:5c:40:b5:c0:e5:e2:c9:5e:33:4b:1a:fe:57:20:
62:33:51:85:78:54:f2:b8:2b:2e:1b:a1:3d:02:63:
88:ac:b1:35:da:8a:b3:a5:32:92:c4:b0:9e:29:0b:
10:0a:4d:de:40:af:95:ba:ff:a6:d8:78:13:8a:70:
2f:e6:d8:78:0f:7f:60:40:2b:86:7a:d0:4f:0a:76:
77:d6:d5:f1:d8:2b:ca:c4:b8:02:44:0b:79:d0:a3:
cd:6c:d2:64:3b:bf:0a:59:57:74:e4:80:57:d9:dc:
29:13:4a:f1:13:de:3b:12:64:6d:7c:7c:28:4b:b0:
9a:0f:33:64:65:60:59:99:4d:ac:ec:ed:7e:38:71:
18:d4:73:b3:31:33:f1:49:46:17:46:cd:1b:42:29:
c3:fe:23:66:b2:bc:bc:20:31:ee:87:bd:b6:6b:9d:
41:3a:c4:3b:1c:3c:5d:9a:d5:dc:6f:6a:b1:cf:f1:
1f:a6:31:af:d8:db:9c:68:6b:eb:5d:06:4b:5c:bb:
6f:5d:61:f0:4b:8a:75:88:55:66:94:7e:b0:d6:27:
42:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:33:27:E3:88:A6:6F:9F:B2:A0:39:48:75:6D:38:59:4A:36:BF:6E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pzMn44imb5-yoDlIdW04WUo2v24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.155.0/24
192.176.176.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:26:ca:ae:54:d4:af:44:6b:39:53:2c:78:8c:6d:25:65:02:
42:2d:54:d7:ff:09:3b:f0:89:10:c1:b9:78:61:2b:02:70:6d:
9a:c0:e2:8f:72:44:7f:d0:a1:0c:b9:1f:00:c1:b4:0a:2d:6c:
90:65:70:e8:5c:ed:0c:71:56:2d:71:1e:eb:f4:ca:2c:5c:ef:
6c:0b:59:ad:cf:ac:c4:15:fa:2f:f9:84:5b:52:78:39:43:a5:
af:45:4e:fd:ff:20:f8:cd:ec:f2:36:13:b4:f9:f5:43:60:ac:
9f:60:b5:cb:48:cd:56:32:56:d3:f4:c5:dd:8f:06:60:b9:19:
af:eb:32:36:d1:d8:74:8b:1f:72:7b:bb:b1:d2:32:36:b8:2b:
d9:f1:6c:ba:23:6d:f8:91:a9:94:f1:a8:91:75:0b:a3:68:20:
55:8d:db:05:6c:fc:92:bf:f8:bf:00:d8:32:28:cd:0e:23:5a:
0e:62:0a:c7:77:ef:33:44:1d:4d:ac:4a:93:b6:cb:7e:c8:a6:
c8:c5:18:76:99:63:05:ed:37:b7:c8:ff:dd:31:ad:53:f5:de:
b3:36:8d:e6:a6:e6:6b:c0:9f:3a:34:9e:e7:4f:d8:dc:97:79:
eb:b6:8d:80:38:22:f9:06:a2:d7:f2:b2:3b:da:10:09:39:84:
96:3a:24:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAuCJZaLBn/uSBeuBWraSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzMzMjdlMzg4YTY2ZjlmYjJhMDM5NDg3NTZkMzg1OTRhMzZiZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSc40hipVTH12yUfeN1Zr6qQ3fFS
bl4TGr+jiWuyTGGMJC8yLPzkOzZynGzJXEC1wOXiyV4zSxr+VyBiM1GFeFTyuCsu
G6E9AmOIrLE12oqzpTKSxLCeKQsQCk3eQK+Vuv+m2HgTinAv5th4D39gQCuGetBP
CnZ31tXx2CvKxLgCRAt50KPNbNJkO78KWVd05IBX2dwpE0rxE947EmRtfHwoS7Ca
DzNkZWBZmU2s7O1+OHEY1HOzMTPxSUYXRs0bQinD/iNmsry8IDHuh722a51BOsQ7
HDxdmtXcb2qxz/EfpjGv2NucaGvrXQZLXLtvXWHwS4p1iFVmlH6w1idCCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKczJ+OIpm+fsqA5SHVtOFlKNr9uMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcHpNbjQ0aW1iNS15b0RsSWRXMDRXVW8ydjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEebAwQD
wLCwMA0GCSqGSIb3DQEBCwUAA4IBAQBLJsquVNSvRGs5Uyx4jG0lZQJCLVTX/wk7
8IkQwbl4YSsCcG2awOKPckR/0KEMuR8AwbQKLWyQZXDoXO0McVYtcR7r9MosXO9s
C1mtz6zEFfov+YRbUng5Q6WvRU79/yD4zezyNhO0+fVDYKyfYLXLSM1WMlbT9MXd
jwZguRmv6zI20dh0ix9ye7ux0jI2uCvZ8Wy6I234kamU8aiRdQujaCBVjdsFbPyS
v/i/ANgyKM0OI1oOYgrHd+8zRB1NrEqTtst+yKbIxRh2mWMF7Te3yP/dMa1T9d6z
No3mpuZrwJ86NJ7nT9jcl3nrto2AOCL5BqLX8rI72hAJOYSWOiS3
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:47 2025 by rpki-client