Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb4mbgtRfNTNEhz7Vgxdo0h6his.roa
File: zb4mbgtRfNTNEhz7Vgxdo0h6his.roa (raw, json)
Hash identifier: XZ/L4RN+BJFoUwW1Z6KOxF8EIyng5gCe7s6om6he/pw=
Subject key identifier: CD:BE:26:6E:0B:51:7C:D4:CD:12:1C:FB:56:0C:5D:A3:48:7A:86:2B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B4C3E09DBCCE8498E03594B4F4A3CF258
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb4mbgtRfNTNEhz7Vgxdo0h6his.roa
Signing time: Fri 20 Oct 2023 08:40:15 +0000
ROA not before: Fri 20 Oct 2023 08:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 27 Oct 2023 08:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:3e:09:db:cc:e8:49:8e:03:59:4b:4f:4a:3c:f2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 20 08:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdbe266e0b517cd4cd121cfb560c5da3487a862b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:1b:ec:98:09:2d:b4:88:80:f8:39:86:53:
ec:88:00:6f:e6:dd:3c:18:4c:81:e2:99:f9:18:9a:
ae:15:88:be:bd:ba:fe:4c:3e:7e:33:c7:f6:48:2a:
9b:59:1f:ef:07:8e:7d:9a:7a:b1:64:8f:2d:43:78:
6f:fe:80:af:bc:28:dd:9d:7e:d3:9b:42:9b:2a:76:
0a:be:bc:5b:da:f2:51:ec:46:76:b8:95:c1:f8:28:
e7:02:18:57:19:4c:8a:ab:f7:04:23:41:a7:04:fe:
1a:ee:1e:02:da:b5:3f:80:18:e2:a9:c0:54:ca:18:
29:35:09:13:59:c2:45:85:0d:67:d5:c7:1d:fd:94:
41:df:a6:7a:71:7e:9d:70:88:c2:c9:f3:5e:33:af:
2c:fb:c3:a1:b5:ab:5b:27:5f:db:af:be:9d:da:c7:
bb:6f:e0:e3:47:7d:f1:6f:97:92:4d:61:20:ba:c4:
0e:1b:2b:b4:6f:2b:e2:ad:10:c8:41:5a:3b:08:e3:
a1:0f:0b:fa:c2:46:cd:67:bb:36:86:5b:a7:b9:4a:
05:1a:a0:cd:90:a9:18:e9:14:6e:12:7d:f9:eb:97:
6f:1f:68:40:af:74:11:3d:e9:c6:68:00:0d:21:25:
3e:b0:d9:c5:9e:4b:70:94:91:49:13:e9:c3:9a:8c:
65:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BE:26:6E:0B:51:7C:D4:CD:12:1C:FB:56:0C:5D:A3:48:7A:86:2B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb4mbgtRfNTNEhz7Vgxdo0h6his.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
81:dc:47:fd:d1:d0:da:34:fb:5d:9b:86:29:00:82:db:cc:58:
cd:77:c1:dc:f6:9e:84:81:ef:4e:81:af:b1:f7:c7:75:f1:19:
94:45:e2:85:67:d7:8a:26:8e:38:cb:15:fe:bf:7e:a2:67:ba:
76:fd:10:ec:b8:7c:e3:67:5a:95:d1:e9:e0:7b:49:a0:f1:5d:
62:9e:9b:8c:9c:fa:52:df:20:c5:ad:c1:ff:f1:79:f8:4f:a3:
8e:8b:06:18:f3:cf:65:05:c7:3b:22:7e:5c:dc:3a:43:93:62:
7f:ed:26:5f:af:6b:7f:43:dd:dd:92:73:c1:db:bf:13:54:e8:
7b:e6:75:8f:75:41:b0:54:80:86:7f:f2:65:07:2c:d7:38:e9:
db:e2:96:ae:e0:9f:15:3e:bf:a2:0b:60:5c:f6:fc:af:f3:01:
d3:f7:c3:27:fb:84:b8:6a:c7:ad:81:1f:5e:a1:26:ad:cf:5f:
c6:60:ac:c6:cc:16:04:5c:6d:92:f0:24:2f:85:59:ff:1f:45:
58:fa:a1:ae:77:0a:32:55:40:7f:b1:af:b6:ae:b5:5a:71:11:
b0:3d:f1:56:5a:43:30:d6:e1:93:77:65:79:97:49:af:de:27:
e1:87:04:0b:67:6e:77:a3:5a:5f:3c:f6:19:14:1c:c3:4d:03:
81:49:d0:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtMPgnbzOhJjgNZS09KPPJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDIwMDg0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJlMjY2ZTBiNTE3Y2Q0Y2QxMjFjZmI1NjBjNWRhMzQ4N2E4NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZgb7JgJLbSIgPg5hlPsiABv5t08
GEyB4pn5GJquFYi+vbr+TD5+M8f2SCqbWR/vB459mnqxZI8tQ3hv/oCvvCjdnX7T
m0KbKnYKvrxb2vJR7EZ2uJXB+CjnAhhXGUyKq/cEI0GnBP4a7h4C2rU/gBjiqcBU
yhgpNQkTWcJFhQ1n1ccd/ZRB36Z6cX6dcIjCyfNeM68s+8OhtatbJ1/br76d2se7
b+DjR33xb5eSTWEgusQOGyu0byvirRDIQVo7COOhDwv6wkbNZ7s2hlunuUoFGqDN
kKkY6RRuEn3565dvH2hAr3QRPenGaAANISU+sNnFnktwlJFJE+nDmoxldQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM2+Jm4LUXzUzRIc+1YMXaNIeoYrMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvemI0bWJndFJmTlRORWh6N1ZneGRvMGg2aGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCB3Ef90dDaNPtdm4YpAILbzFjN
d8Hc9p6Ege9Oga+x98d18RmUReKFZ9eKJo44yxX+v36iZ7p2/RDsuHzjZ1qV0eng
e0mg8V1inpuMnPpS3yDFrcH/8Xn4T6OOiwYY889lBcc7In5c3DpDk2J/7SZfr2t/
Q93dknPB278TVOh75nWPdUGwVICGf/JlByzXOOnb4pau4J8VPr+iC2Bc9vyv8wHT
98Mn+4S4asetgR9eoSatz1/GYKzGzBYEXG2S8CQvhVn/H0VY+qGudwoyVUB/sa+2
rrVacRGwPfFWWkMw1uGTd2V5l0mv3ifhhwQLZ253o1pfPPYZFBzDTQOBSdBS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:47 2024 by rpki-client on console-ams.rpki-client.org