Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qzY1hUaqYLVzdV9nN9hsSyDsyBE.roa
File: qzY1hUaqYLVzdV9nN9hsSyDsyBE.roa (raw, json)
Hash identifier: H2VPtp7qSqIVwoVimEjz5QlxXLA0GiIxX5M1lO5ndFc=
Subject key identifier: AB:36:35:85:46:AA:60:B5:73:75:5F:67:37:D8:6C:4B:20:EC:C8:11
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01923310C0931186E9749139E5C735F2900D
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qzY1hUaqYLVzdV9nN9hsSyDsyBE.roa
Signing time: Fri 27 Sep 2024 10:39:48 +0000
ROA not before: Fri 27 Sep 2024 10:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 89.21.86.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 14:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:10:c0:93:11:86:e9:74:91:39:e5:c7:35:f2:90:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 27 10:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab36358546aa60b573755f6737d86c4b20ecc811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1b:8c:7d:30:59:fe:99:30:80:07:cb:8f:69:
c6:ca:4e:fc:57:c1:7b:df:b7:78:d0:0d:bd:bd:b2:
84:4c:75:b7:a3:38:c1:8a:d4:f4:b9:62:d1:29:66:
91:f1:52:06:2a:43:71:a8:0a:87:d7:09:a4:79:71:
e1:46:9a:9f:82:97:bc:f2:7e:94:8b:36:e5:c6:97:
bc:00:12:51:c4:17:39:d2:b4:d1:3d:48:ef:18:40:
99:eb:af:32:cc:ef:88:7f:93:1a:28:74:d5:20:91:
ad:78:19:1e:e5:ee:d4:8d:6d:08:3d:6e:d3:bd:1d:
bf:b9:62:8c:61:84:da:2a:02:6b:a1:d4:75:f5:f6:
7d:6f:d9:1d:5e:5c:4a:a1:87:13:63:1d:1d:30:bf:
18:e0:e5:c4:7c:e1:2d:b7:5f:f3:71:eb:82:55:ed:
8e:97:f6:74:7c:34:42:a9:41:dc:ee:88:07:6b:42:
2e:a7:25:e1:d7:1c:5d:7e:70:70:ca:97:99:c2:43:
4e:40:d0:c6:7e:3b:03:ee:d8:ab:94:b0:e9:92:23:
5d:98:39:3c:87:2c:85:e8:12:91:ba:c3:a5:3b:55:
54:f8:c9:ec:c7:bd:f5:09:9e:bc:e7:a6:7d:8d:14:
e0:aa:15:e9:a3:6f:66:f7:56:a4:5b:d9:fa:84:d6:
d3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:36:35:85:46:AA:60:B5:73:75:5F:67:37:D8:6C:4B:20:EC:C8:11
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qzY1hUaqYLVzdV9nN9hsSyDsyBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.86.0/24
89.251.24.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:04:8f:7e:20:f8:01:14:e2:79:2f:3f:bf:88:30:cb:1a:1e:
5e:80:0d:39:24:9e:35:52:d8:22:93:02:10:04:f6:1d:19:ea:
bc:0d:1b:d4:e1:3b:9f:3d:c8:09:5e:65:1b:28:45:c2:57:8a:
85:32:69:e6:5c:2c:10:e6:b1:70:34:1b:94:6a:41:64:94:99:
38:b1:89:97:28:c6:3d:f1:c0:55:95:19:08:22:d0:d1:5c:16:
59:ba:7f:7c:c3:f9:c6:13:a0:68:99:a9:d8:dc:03:5a:f7:97:
1e:0b:29:49:1b:3c:f0:06:44:a6:8a:56:64:37:87:04:1f:ae:
be:56:8f:60:8e:61:25:2c:3c:e3:ed:83:2b:83:39:ca:75:9c:
35:cf:54:89:ee:3f:a9:4d:92:7f:50:ae:33:0f:d6:73:2c:45:
f0:e6:38:75:f0:fe:9f:bc:af:71:90:f5:34:e6:7d:a1:95:2f:
4f:e7:fa:41:57:45:23:6f:10:4f:e9:a7:4b:e6:e2:7b:e8:0c:
19:e2:0b:a0:7c:50:3c:4d:f2:7d:8d:34:5c:96:c1:b5:5d:50:
1a:5c:0a:b4:e3:35:b1:13:88:41:b2:75:9f:fd:fc:11:b4:ae:
74:47:82:04:1d:34:79:07:93:b7:d2:40:a0:61:50:ed:21:98:
e5:18:9f:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIzEMCTEYbpdJE55cc18pANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTI3MTAzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM2MzU4NTQ2YWE2MGI1NzM3NTVmNjczN2Q4NmM0YjIwZWNjODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxuMfTBZ/pkwgAfLj2nGyk78V8F7
37d40A29vbKETHW3ozjBitT0uWLRKWaR8VIGKkNxqAqH1wmkeXHhRpqfgpe88n6U
izblxpe8ABJRxBc50rTRPUjvGECZ668yzO+If5MaKHTVIJGteBke5e7UjW0IPW7T
vR2/uWKMYYTaKgJrodR19fZ9b9kdXlxKoYcTYx0dML8Y4OXEfOEtt1/zceuCVe2O
l/Z0fDRCqUHc7ogHa0IupyXh1xxdfnBwypeZwkNOQNDGfjsD7tirlLDpkiNdmDk8
hyyF6BKRusOlO1VU+Mnsx731CZ6856Z9jRTgqhXpo29m91akW9n6hNbT8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKs2NYVGqmC1c3VfZzfYbEsg7MgRMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcXpZMWhVYXFZTFZ6ZFY5bk45aHNTeURzeUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRVWAwQA
WfsYMA0GCSqGSIb3DQEBCwUAA4IBAQArBI9+IPgBFOJ5Lz+/iDDLGh5egA05JJ41
UtgikwIQBPYdGeq8DRvU4TufPcgJXmUbKEXCV4qFMmnmXCwQ5rFwNBuUakFklJk4
sYmXKMY98cBVlRkIItDRXBZZun98w/nGE6BomanY3ANa95ceCylJGzzwBkSmilZk
N4cEH66+Vo9gjmElLDzj7YMrgznKdZw1z1SJ7j+pTZJ/UK4zD9ZzLEXw5jh18P6f
vK9xkPU05n2hlS9P5/pBV0UjbxBP6adL5uJ76AwZ4gugfFA8TfJ9jTRclsG1XVAa
XAq04zWxE4hBsnWf/fwRtK50R4IEHTR5B5O30kCgYVDtIZjlGJ/y
-----END CERTIFICATE-----
Generated at Thu Nov 7 17:43:10 2024 by rpki-client on console-ams.rpki-client.org