Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zwC1PsYTKg9BLAycCCsxWdvehy8.roa
File: zwC1PsYTKg9BLAycCCsxWdvehy8.roa (raw, json)
Hash identifier: hFrgdSaOSW8/s7DO0TSmdRre11BmUPgH8f4a3ViTH/U=
Subject key identifier: CF:00:B5:3E:C6:13:2A:0F:41:2C:0C:9C:08:2B:31:59:DB:DE:87:2F
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FAA5892E188A93A864DC85BC5BCB572DE
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zwC1PsYTKg9BLAycCCsxWdvehy8.roa
Signing time: Fri 24 May 2024 11:24:42 +0000
ROA not before: Fri 24 May 2024 11:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.204.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 20:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:58:92:e1:88:a9:3a:86:4d:c8:5b:c5:bc:b5:72:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 24 11:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf00b53ec6132a0f412c0c9c082b3159dbde872f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:53:46:0d:d6:6c:02:f0:f1:c1:51:65:2a:
0b:7e:05:8f:1a:33:e4:72:27:e8:bd:3a:45:ca:0d:
82:b8:56:bf:aa:ad:55:ee:59:07:fe:8a:a0:4d:af:
c6:3a:a6:99:dd:57:d9:fa:7a:a0:9a:6e:ec:73:a1:
19:5f:63:13:e2:96:6f:5b:4d:e5:1f:a2:36:63:30:
7f:15:61:19:1b:15:bb:be:ee:d6:5e:c6:70:a9:29:
5d:5c:b0:cc:3a:a6:d1:89:ff:c0:b8:0d:df:ad:f1:
59:57:8f:a2:e4:1b:16:cd:b4:bb:b9:f8:3f:4e:e8:
09:77:0a:73:9f:cb:c9:64:ee:67:52:3a:e6:33:04:
77:18:04:3f:05:9d:e4:fe:ff:6f:cc:ca:8a:f1:4c:
ea:ef:76:a1:93:01:35:e7:41:d2:31:3f:1e:06:66:
db:2c:a7:a5:e2:fb:90:fc:38:51:e9:dd:fe:ac:ad:
00:dd:2d:53:d4:0e:89:2c:a7:d3:06:06:ac:16:0c:
5e:a9:d7:61:6b:3e:ed:08:94:4c:74:ea:38:e6:0d:
7e:81:5f:d3:f7:65:3c:e7:c2:2a:12:2a:ff:47:f4:
3d:63:87:88:e0:9d:31:fc:82:84:5a:25:0f:53:22:
62:fe:b3:f4:c4:b7:15:a9:c2:ff:1e:07:29:1b:ff:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:00:B5:3E:C6:13:2A:0F:41:2C:0C:9C:08:2B:31:59:DB:DE:87:2F
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zwC1PsYTKg9BLAycCCsxWdvehy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.204.0/24
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
37:5e:a2:d7:2a:5d:48:3d:50:2f:34:85:ae:19:32:44:06:04:
e4:4d:68:24:a9:26:57:9a:78:fd:d5:e5:ff:6f:0d:04:77:16:
db:ed:54:9c:05:1b:b5:8e:c4:41:c7:ba:f1:88:06:ef:b5:13:
7a:34:87:98:ad:54:78:d1:b4:37:de:97:c3:03:7e:a2:2b:74:
5f:3a:9e:54:5d:d9:59:b9:59:48:85:1e:af:c1:9d:c7:e4:ce:
f9:56:d5:bf:f4:20:be:d8:02:5f:d7:11:ab:a3:cc:2f:f2:f4:
40:34:e6:2c:ae:d3:e5:85:a3:83:59:cc:fb:ea:64:f9:93:a0:
e5:f6:35:35:fc:07:60:0e:a8:a9:bf:be:67:41:16:5f:04:df:
3f:7d:59:47:23:2f:bc:04:b4:ec:79:10:50:c1:b5:7e:bb:ef:
d7:b5:61:c6:14:ef:96:73:d0:1a:50:cc:99:92:70:ea:7c:1e:
92:6e:1d:25:94:02:eb:c2:e0:29:25:4d:af:76:85:ef:5f:85:
67:bb:3e:7d:26:d1:2c:31:09:72:c0:62:f5:7f:9b:5b:c0:8f:
6f:28:10:d9:97:ba:3f:05:62:b7:ec:77:74:c3:26:aa:49:34:
a4:dd:b1:4e:d2:2c:52:5a:8a:72:8b:8a:aa:7e:39:2e:06:48:
4b:5c:87:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+qWJLhiKk6hk3IW8W8tXLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI0MTEyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAwYjUzZWM2MTMyYTBmNDEyYzBjOWMwODJiMzE1OWRiZGU4NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjdTRg3WbALw8cFRZSoLfgWPGjPk
cifovTpFyg2CuFa/qq1V7lkH/oqgTa/GOqaZ3VfZ+nqgmm7sc6EZX2MT4pZvW03l
H6I2YzB/FWEZGxW7vu7WXsZwqSldXLDMOqbRif/AuA3frfFZV4+i5BsWzbS7ufg/
TugJdwpzn8vJZO5nUjrmMwR3GAQ/BZ3k/v9vzMqK8Uzq73ahkwE150HSMT8eBmbb
LKel4vuQ/DhR6d3+rK0A3S1T1A6JLKfTBgasFgxeqddhaz7tCJRMdOo45g1+gV/T
92U858IqEir/R/Q9Y4eI4J0x/IKEWiUPUyJi/rP0xLcVqcL/HgcpG/83cwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM8AtT7GEyoPQSwMnAgrMVnb3ocvMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvendDMVBzWVRLZzlCTEF5Y0NDc3hXZHZlaHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnMAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQA3XqLXKl1IPVAvNIWuGTJEBgTk
TWgkqSZXmnj91eX/bw0Edxbb7VScBRu1jsRBx7rxiAbvtRN6NIeYrVR40bQ33pfD
A36iK3RfOp5UXdlZuVlIhR6vwZ3H5M75VtW/9CC+2AJf1xGro8wv8vRANOYsrtPl
haODWcz76mT5k6Dl9jU1/AdgDqipv75nQRZfBN8/fVlHIy+8BLTseRBQwbV+u+/X
tWHGFO+Wc9AaUMyZknDqfB6Sbh0llALrwuApJU2vdoXvX4Vnuz59JtEsMQlywGL1
f5tbwI9vKBDZl7o/BWK37Hd0wyaqSTSk3bFO0ixSWopyi4qqfjkuBkhLXIdQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:59 2025 by rpki-client