Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zh3swOQP9vEq8gzhX7ZczZ6mCGk.roa
File: zh3swOQP9vEq8gzhX7ZczZ6mCGk.roa (raw, json)
Hash identifier: 6oRNu8qDxWxG5N344k+SC86oi4oYLvaLgZxf3123x8U=
Subject key identifier: CE:1D:EC:C0:E4:0F:F6:F1:2A:F2:0C:E1:5F:B6:5C:CD:9E:A6:08:69
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DC47A8CB71F4C71D1C4C8B593167A0156
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zh3swOQP9vEq8gzhX7ZczZ6mCGk.roa
Signing time: Tue 20 Feb 2024 03:06:22 +0000
ROA not before: Tue 20 Feb 2024 03:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34534
IP address blocks: 89.251.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 10:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c4:7a:8c:b7:1f:4c:71:d1:c4:c8:b5:93:16:7a:01:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 20 03:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce1decc0e40ff6f12af20ce15fb65ccd9ea60869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:78:e7:70:b2:59:49:11:f2:20:ad:01:f8:86:
90:c4:4c:18:63:59:02:3f:f4:aa:6f:ae:a4:5d:99:
c0:8e:df:d6:02:ad:97:2c:91:c3:3e:5a:bd:07:d9:
9e:c4:36:92:8d:61:57:72:43:98:87:6f:0b:c7:79:
43:1c:86:1f:65:17:4f:aa:b1:ab:84:e5:9f:ff:83:
03:32:59:94:dd:d3:8e:ed:70:8f:da:eb:8a:f2:45:
e2:73:3d:89:62:75:28:5d:78:b1:a6:49:8c:9a:d3:
50:68:60:38:c6:e6:03:bd:9a:ae:a4:dc:7e:af:03:
ca:fa:86:b0:2d:56:0a:ad:c1:10:5f:e8:1a:df:36:
bf:0e:90:1e:63:fc:da:42:2a:98:c5:40:9f:c5:83:
3d:1b:69:b3:5a:6d:a7:63:69:1b:1a:c7:3d:be:23:
31:b5:05:40:41:94:12:2a:6a:3c:49:c6:64:8d:7d:
36:46:2c:bf:69:4d:51:e7:66:0b:da:94:20:4c:b2:
79:14:4c:ee:0c:12:cd:49:fe:0c:8e:e5:8a:8a:3d:
5b:17:d7:2e:48:1f:81:84:84:5d:da:40:5c:a1:5f:
4e:f8:ac:b1:5b:5f:a2:15:d0:a2:31:8f:88:af:49:
9d:f3:e5:42:05:2f:b2:c6:87:72:95:32:c8:23:29:
69:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1D:EC:C0:E4:0F:F6:F1:2A:F2:0C:E1:5F:B6:5C:CD:9E:A6:08:69
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zh3swOQP9vEq8gzhX7ZczZ6mCGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:57:d1:e3:21:07:4d:32:2e:6c:f3:26:3a:d5:83:cb:ce:79:
97:a9:2f:6b:32:7b:56:9e:e0:c8:d0:fa:6a:7c:1a:01:38:8e:
6d:c3:2e:c3:dc:ef:bd:08:66:4d:72:8e:b8:eb:28:0d:0c:5b:
5b:29:6e:5a:f5:71:56:e2:6a:0a:bc:f0:85:ec:17:5f:3d:c4:
cf:c7:e4:eb:13:a6:59:da:76:17:c3:ef:60:98:53:4d:d9:a4:
86:14:a9:05:e3:b0:44:d0:0b:64:03:43:06:6d:eb:af:a9:e1:
a6:16:2b:bb:c8:a5:fc:51:32:d2:d0:b0:37:16:47:56:a6:bd:
e2:6d:02:78:14:f6:56:83:f8:18:fc:4f:4e:a0:b1:53:cc:e1:
51:42:d8:d7:af:91:bf:c8:34:62:da:ba:20:48:a1:a1:41:d1:
21:63:a9:e3:46:c5:3b:9b:6b:3e:28:30:9a:41:82:a9:bb:1b:
0f:cc:93:a2:99:53:c6:0d:db:81:84:d5:8f:64:6d:63:d7:05:
c6:a7:85:d6:52:18:5f:0d:94:e4:d7:1c:3c:fb:4e:6f:1f:04:
71:2b:22:37:a7:18:a4:2d:dd:c2:a2:8f:e6:b7:98:b6:49:77:
14:74:63:4b:d1:e9:d7:91:57:65:89:e0:ff:12:c2:97:f6:22:
9d:db:01:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Eeoy3H0xx0cTItZMWegFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjIwMDMwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTFkZWNjMGU0MGZmNmYxMmFmMjBjZTE1ZmI2NWNjZDllYTYwODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXjncLJZSRHyIK0B+IaQxEwYY1kC
P/Sqb66kXZnAjt/WAq2XLJHDPlq9B9mexDaSjWFXckOYh28Lx3lDHIYfZRdPqrGr
hOWf/4MDMlmU3dOO7XCP2uuK8kXicz2JYnUoXXixpkmMmtNQaGA4xuYDvZqupNx+
rwPK+oawLVYKrcEQX+ga3za/DpAeY/zaQiqYxUCfxYM9G2mzWm2nY2kbGsc9viMx
tQVAQZQSKmo8ScZkjX02Riy/aU1R52YL2pQgTLJ5FEzuDBLNSf4MjuWKij1bF9cu
SB+BhIRd2kBcoV9O+KyxW1+iFdCiMY+Ir0md8+VCBS+yxodylTLIIylp6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4d7MDkD/bxKvIM4V+2XM2epghpMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvemgzc3dPUVA5dkVxOGd6aFg3WmN6WjZtQ0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsXMA0G
CSqGSIb3DQEBCwUAA4IBAQAcV9HjIQdNMi5s8yY61YPLznmXqS9rMntWnuDI0Ppq
fBoBOI5twy7D3O+9CGZNco646ygNDFtbKW5a9XFW4moKvPCF7BdfPcTPx+TrE6ZZ
2nYXw+9gmFNN2aSGFKkF47BE0AtkA0MGbeuvqeGmFiu7yKX8UTLS0LA3FkdWpr3i
bQJ4FPZWg/gY/E9OoLFTzOFRQtjXr5G/yDRi2rogSKGhQdEhY6njRsU7m2s+KDCa
QYKpuxsPzJOimVPGDduBhNWPZG1j1wXGp4XWUhhfDZTk1xw8+05vHwRxKyI3pxik
Ld3Coo/mt5i2SXcUdGNL0enXkVdlieD/EsKX9iKd2wGK
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:28 2024 by rpki-client on console-ams.rpki-client.org