Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/ZH86vocEa89x9-t4P0eN9ja4sKc.roa
File: ZH86vocEa89x9-t4P0eN9ja4sKc.roa (raw, json)
Hash identifier: VueA5UwwblcI4461dyDUrIi+rSY3m7Kg15Wc80OTxwg=
Subject key identifier: 64:7F:3A:BE:87:04:6B:CF:71:F7:EB:78:3F:47:8D:F6:36:B8:B0:A7
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018CF835BDD85F73E9FEE0528304F07193E3
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/ZH86vocEa89x9-t4P0eN9ja4sKc.roa
Signing time: Thu 11 Jan 2024 11:08:40 +0000
ROA not before: Thu 11 Jan 2024 11:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 89.9.254.0/24 maxlen: 24
89.9.72.0/23 maxlen: 24
89.8.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Mon 29 Apr 2024 22:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:35:bd:d8:5f:73:e9:fe:e0:52:83:04:f0:71:93:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: Jan 11 11:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=647f3abe87046bcf71f7eb783f478df636b8b0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:89:ae:29:e8:3f:40:9f:75:92:85:e3:82:f7:
a7:ad:17:75:52:98:b5:df:62:24:a4:01:15:9f:9a:
f6:19:17:c9:0a:8a:97:6e:69:82:d7:3b:29:a6:74:
5f:06:11:0d:5e:ac:12:f4:6b:f0:aa:a1:7f:ed:95:
d3:a3:35:17:ab:fb:f0:68:36:41:3a:31:63:b8:17:
05:f8:37:ef:cb:91:52:54:00:3a:1f:9a:0e:23:0c:
76:a4:2e:56:9c:05:be:e0:73:8b:76:f8:49:8c:ba:
58:bf:11:7a:74:42:dd:22:43:55:c4:99:ee:89:06:
41:03:22:cd:5b:25:53:96:4c:47:38:9f:be:bb:51:
fc:f6:46:e7:ef:93:88:46:a1:85:cc:de:48:17:39:
92:7a:bc:fc:54:ae:d0:82:98:95:bb:f7:21:33:8b:
13:ad:6e:c1:bc:37:48:4a:eb:73:4a:e4:df:34:99:
4f:75:1a:5e:12:5a:86:c1:bd:1d:17:45:62:90:a9:
bc:d1:90:57:f9:2f:fa:f7:00:63:44:50:ab:7f:a3:
d2:d4:c4:d6:1e:5a:c2:99:d3:88:a5:1d:b7:b1:89:
eb:40:ef:78:aa:2a:8e:e7:e3:5c:46:b4:29:62:50:
77:43:80:eb:89:34:70:63:1d:22:86:f2:56:29:e5:
aa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7F:3A:BE:87:04:6B:CF:71:F7:EB:78:3F:47:8D:F6:36:B8:B0:A7
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/ZH86vocEa89x9-t4P0eN9ja4sKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.8.0.0/15
Signature Algorithm: sha256WithRSAEncryption
05:cb:6b:f1:29:dc:15:91:a0:e2:e7:33:7c:21:2d:51:be:05:
01:63:0f:d1:1a:ef:dd:e0:c9:b3:26:bf:ba:b5:c6:a0:d0:36:
ff:8a:5a:d6:3b:32:01:64:54:d7:3e:77:50:7d:64:63:55:58:
cc:c3:15:be:ff:cc:3d:1b:6a:45:41:47:df:93:62:5d:f7:03:
f9:26:ba:85:0d:c9:08:4e:78:d4:1c:89:8b:fe:c6:63:db:c3:
95:ea:e4:6d:da:bc:3f:09:a5:e6:05:f5:39:1b:9e:ad:ee:cb:
ba:2a:57:ee:f6:dc:62:ab:5c:a5:d9:0d:6f:1c:05:fb:0d:b7:
a3:7d:b9:e2:8d:4d:92:ab:86:07:95:4b:69:e5:aa:2a:cb:c2:
54:c5:d4:ef:d9:48:bd:63:c2:b4:76:4a:aa:33:4e:bd:cf:64:
fb:4b:3b:64:7a:d5:87:5e:45:8c:df:89:f9:ca:4b:87:e5:9a:
11:e8:de:98:85:62:7d:e1:eb:c8:54:b4:86:44:d6:40:b3:3f:
e9:ac:79:e1:06:c7:5f:ef:d9:e9:ca:e2:df:bd:51:1b:94:4b:
9b:25:7c:11:f8:d7:4c:78:b2:9b:d1:13:74:2c:09:27:2d:8b:
33:c7:eb:40:cb:3d:46:dc:ad:95:54:a9:34:66:0f:1d:d9:96:
86:33:fb:0b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYz4Nb3YX3Pp/uBSgwTwcZPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwMTExMTEwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdmM2FiZTg3MDQ2YmNmNzFmN2ViNzgzZjQ3OGRmNjM2YjhiMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYmuKeg/QJ91koXjgvenrRd1Upi1
32IkpAEVn5r2GRfJCoqXbmmC1zsppnRfBhENXqwS9GvwqqF/7ZXTozUXq/vwaDZB
OjFjuBcF+Dfvy5FSVAA6H5oOIwx2pC5WnAW+4HOLdvhJjLpYvxF6dELdIkNVxJnu
iQZBAyLNWyVTlkxHOJ++u1H89kbn75OIRqGFzN5IFzmSerz8VK7QgpiVu/chM4sT
rW7BvDdISutzSuTfNJlPdRpeElqGwb0dF0VikKm80ZBX+S/69wBjRFCrf6PS1MTW
HlrCmdOIpR23sYnrQO94qiqO5+NcRrQpYlB3Q4DriTRwYx0ihvJWKeWqrwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGR/Or6HBGvPcffreD9HjfY2uLCnMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvWkg4NnZvY0VhODl4OS10NFAwZU45amE0c0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBWQgwDQYJ
KoZIhvcNAQELBQADggEBAAXLa/Ep3BWRoOLnM3whLVG+BQFjD9Ea793gybMmv7q1
xqDQNv+KWtY7MgFkVNc+d1B9ZGNVWMzDFb7/zD0bakVBR9+TYl33A/kmuoUNyQhO
eNQciYv+xmPbw5Xq5G3avD8JpeYF9Tkbnq3uy7oqV+723GKrXKXZDW8cBfsNt6N9
ueKNTZKrhgeVS2nlqirLwlTF1O/ZSL1jwrR2SqozTr3PZPtLO2R61YdeRYzfifnK
S4flmhHo3piFYn3h68hUtIZE1kCzP+mseeEGx1/v2enK4t+9URuUS5slfBH410x4
spvRE3QsCSctizPH60DLPUbcrZVUqTRmDx3ZloYz+ws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org