Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PZ2aRcHph6rHD3KEV58Ql7nT4s4.roa
File: PZ2aRcHph6rHD3KEV58Ql7nT4s4.roa (raw, json)
Hash identifier: lrxTcjUnrRPIBRhyM8j9sR0RhY8lP9Wjb9mzur9iBW4=
Subject key identifier: 3D:9D:9A:45:C1:E9:87:AA:C7:0F:72:84:57:9F:10:97:B9:D3:E2:CE
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AD8DDA71E651FB1DC1DAD429E3D86
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PZ2aRcHph6rHD3KEV58Ql7nT4s4.roa
Signing time: Sun 01 Jan 2023 11:15:05 +0000
ROA not before: Sun 01 Jan 2023 11:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47798
IP address blocks: 89.3.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d8:dd:a7:1e:65:1f:b1:dc:1d:ad:42:9e:3d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9d9a45c1e987aac70f7284579f1097b9d3e2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:0a:01:d2:86:af:4a:21:07:87:92:b8:81:
5c:ac:ad:96:87:ef:e2:34:7b:42:0c:ab:d3:e6:59:
54:a4:2e:cc:c5:2e:e7:dd:90:8f:20:f1:61:32:01:
0f:db:bb:f5:54:61:32:51:2a:b0:d1:fa:47:2a:7d:
b1:46:e3:51:a8:67:d9:6c:3a:c3:25:17:6b:3d:a0:
18:1a:e3:09:60:c3:cd:08:30:1f:d9:65:f0:9c:f5:
ea:ee:cb:8c:db:fa:b3:d3:a3:8f:94:6e:31:90:04:
13:bd:18:ab:e0:5b:ec:7b:e6:32:27:22:7b:81:26:
0e:e7:8a:1d:47:4f:d5:03:ae:73:cc:cc:34:59:1c:
d1:2f:81:d2:30:a0:73:f9:7b:31:e0:63:a5:03:77:
db:0e:f4:ab:4d:c9:42:93:5d:48:ba:54:c2:66:66:
79:6a:5f:84:e4:8c:cf:36:92:37:f9:61:c7:ef:09:
d7:53:36:ed:2a:a6:f1:d2:ee:ad:a2:7d:bb:95:3b:
4f:cf:91:69:da:cc:6c:83:ba:12:d2:5f:c9:0f:c2:
ff:00:91:d2:6c:38:7b:61:ad:f9:b2:9b:e0:fa:09:
5b:08:bb:b5:07:bc:e4:a4:c8:ba:58:ea:7f:66:35:
74:5a:e4:82:f1:b4:07:13:5b:6c:0d:51:42:5a:3f:
84:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9D:9A:45:C1:E9:87:AA:C7:0F:72:84:57:9F:10:97:B9:D3:E2:CE
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PZ2aRcHph6rHD3KEV58Ql7nT4s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.3.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:7e:8c:45:f1:cc:2e:d2:25:a5:86:3e:c7:12:e0:2b:cb:52:
11:e5:25:0b:4c:f9:d9:89:7f:8e:19:91:31:cb:02:ac:a0:9a:
8e:a6:9f:27:9d:6d:63:51:33:28:a6:07:ae:05:45:2b:7b:b8:
e6:57:45:08:24:31:58:88:37:82:b5:9b:07:36:3f:2f:0e:dc:
b9:29:7b:a6:64:21:cc:f2:b2:f8:d5:4b:00:9d:e7:39:a0:07:
a1:33:2b:9a:0b:29:ec:9f:3e:fb:4b:a3:ae:5b:18:28:56:65:
15:ae:90:eb:43:ea:6d:45:a5:51:b0:03:c6:f6:c7:be:9e:e8:
71:27:e9:05:4a:29:a7:df:32:ed:82:bd:ba:9a:4a:8f:da:e6:
0d:01:54:2e:b7:90:a2:94:2e:c4:ed:bb:b0:ae:a9:45:7b:6a:
aa:21:d3:2c:67:d3:c8:61:70:54:fc:21:e6:a9:f6:2a:d9:59:
47:cd:bf:46:14:97:37:06:f1:6c:33:f6:d2:c8:61:77:4f:af:
ce:07:6c:60:39:44:de:8f:9f:c6:eb:61:04:ca:54:02:4a:15:
bd:26:b3:9e:37:3f:fc:be:66:b8:6f:2b:08:77:31:6a:4a:2d:
69:b8:a8:c7:ee:bf:03:b4:67:b8:81:b1:19:27:52:8d:37:84:
03:0a:63:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCtjdpx5lH7HcHa1Cnj2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlkOWE0NWMxZTk4N2FhYzcwZjcyODQ1NzlmMTA5N2I5ZDNlMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso0KAdKGr0ohB4eSuIFcrK2Wh+/i
NHtCDKvT5llUpC7MxS7n3ZCPIPFhMgEP27v1VGEyUSqw0fpHKn2xRuNRqGfZbDrD
JRdrPaAYGuMJYMPNCDAf2WXwnPXq7suM2/qz06OPlG4xkAQTvRir4Fvse+YyJyJ7
gSYO54odR0/VA65zzMw0WRzRL4HSMKBz+Xsx4GOlA3fbDvSrTclCk11IulTCZmZ5
al+E5IzPNpI3+WHH7wnXUzbtKqbx0u6ton27lTtPz5Fp2sxsg7oS0l/JD8L/AJHS
bDh7Ya35spvg+glbCLu1B7zkpMi6WOp/ZjV0WuSC8bQHE1tsDVFCWj+EpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2dmkXB6Yeqxw9yhFefEJe50+LOMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUFoyYVJjSHBoNnJIRDNLRVY1OFFsN25UNHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWQPwMA0G
CSqGSIb3DQEBCwUAA4IBAQBLfoxF8cwu0iWlhj7HEuAry1IR5SULTPnZiX+OGZEx
ywKsoJqOpp8nnW1jUTMopgeuBUUre7jmV0UIJDFYiDeCtZsHNj8vDty5KXumZCHM
8rL41UsAnec5oAehMyuaCynsnz77S6OuWxgoVmUVrpDrQ+ptRaVRsAPG9se+nuhx
J+kFSimn3zLtgr26mkqP2uYNAVQut5CilC7E7buwrqlFe2qqIdMsZ9PIYXBU/CHm
qfYq2VlHzb9GFJc3BvFsM/bSyGF3T6/OB2xgOUTej5/G62EEylQCShW9JrOeNz/8
vma4bysIdzFqSi1puKjH7r8DtGe4gbEZJ1KNN4QDCmOc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org