Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/Zx-vg-QfpY6SNVGg4SY2c1bdFDs.roa
File: Zx-vg-QfpY6SNVGg4SY2c1bdFDs.roa (raw, json)
Hash identifier: 6fUggEb2P65oQXh7T6r0T2I/UAq/7pxdyvF1XrPdGBU=
Subject key identifier: 67:1F:AF:83:E4:1F:A5:8E:92:35:51:A0:E1:26:36:73:56:DD:14:3B
Certificate issuer: /CN=d7622be88a5ceaef8c330d7e96fff435e82053b4
Certificate serial: 01928A3A56E505D8BC3B4575CA442A4AD409
Authority key identifier: D7:62:2B:E8:8A:5C:EA:EF:8C:33:0D:7E:96:FF:F4:35:E8:20:53:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/Zx-vg-QfpY6SNVGg4SY2c1bdFDs.roa
Signing time: Mon 14 Oct 2024 08:52:11 +0000
ROA not before: Mon 14 Oct 2024 08:52:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 91.234.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 09:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:3a:56:e5:05:d8:bc:3b:45:75:ca:44:2a:4a:d4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7622be88a5ceaef8c330d7e96fff435e82053b4
Validity
Not Before: Oct 14 08:52:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=671faf83e41fa58e923551a0e126367356dd143b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:18:63:d1:7e:27:bf:11:fc:62:28:ea:24:d6:
f9:fd:c8:59:24:f3:3b:a6:dc:ea:63:fd:a4:e1:2b:
d9:2c:cb:2a:73:13:04:b3:6a:7a:b8:43:0c:09:92:
f4:51:aa:e8:e1:15:97:14:25:89:8b:ea:43:d6:02:
0a:a1:61:bd:dd:dd:6f:3b:bf:fb:0a:d2:ba:72:5a:
49:9f:58:31:83:1e:d1:95:a8:fe:4c:2e:e9:0b:96:
67:d4:94:0e:be:12:58:f6:6d:64:30:70:3a:79:f4:
9a:d0:bb:85:7e:da:ad:00:67:79:48:99:a0:9c:ef:
09:a4:77:c9:e4:19:29:22:b3:de:0b:05:70:2a:40:
be:98:08:1b:97:ba:cb:d5:43:af:53:a0:58:b5:14:
6e:c3:a2:75:5b:44:5f:fa:48:2f:e7:28:ef:14:84:
a7:d0:f7:60:ae:b3:18:11:62:c8:d0:b2:67:de:40:
9c:67:73:2f:8b:a2:92:ea:65:b0:62:6f:69:7d:f5:
3b:93:4c:aa:fa:55:72:5e:97:e1:71:eb:58:06:1a:
ae:87:98:8d:47:87:7a:d4:55:8f:18:06:7d:4e:81:
28:33:3c:ef:e8:ca:e6:fc:e2:a3:83:90:bb:d2:83:
a3:31:80:9d:1b:b1:94:67:94:e6:7d:9c:e0:4e:a3:
ac:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1F:AF:83:E4:1F:A5:8E:92:35:51:A0:E1:26:36:73:56:DD:14:3B
X509v3 Authority Key Identifier:
keyid:D7:62:2B:E8:8A:5C:EA:EF:8C:33:0D:7E:96:FF:F4:35:E8:20:53:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/Zx-vg-QfpY6SNVGg4SY2c1bdFDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c0a971-d96f-43d4-a8bc-30625317430d/1/12Ir6Ipc6u-MMw1-lv_0NeggU7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.239.0/24
Signature Algorithm: sha256WithRSAEncryption
27:e9:48:86:5f:95:c4:1e:87:f6:e9:e7:92:c9:42:3c:2b:d8:
ad:1f:f5:00:87:8b:2a:80:c4:fe:56:c2:90:74:c7:d7:b7:41:
49:86:24:7f:6c:47:da:5b:5e:da:79:fe:d4:0c:1b:8f:4d:8e:
b3:9c:3e:42:29:bb:26:00:d2:0d:84:43:87:29:00:fa:0a:4c:
3d:3f:08:b3:63:4e:5c:45:ea:10:22:16:10:b8:b4:3a:13:1d:
a8:dc:b3:78:1b:49:77:5e:ee:a8:2f:04:d2:ed:36:9d:38:dd:
7d:32:7a:72:06:20:69:5d:00:07:91:d5:cc:3d:d6:5f:92:1b:
0c:07:48:cb:29:06:d4:f4:7c:ff:0f:9b:3e:23:8b:b6:72:8b:
6d:c4:f9:ac:57:97:fd:d9:dc:fb:b1:1d:0a:51:8b:63:e2:fc:
31:ed:b4:c1:26:05:a6:05:94:c7:7e:d2:29:8d:b6:2c:0f:f5:
2c:16:79:93:1a:e7:b4:4c:2a:1d:fd:b2:53:f3:67:9e:1c:e5:
fb:81:8a:46:aa:c2:c5:11:a4:5e:7c:ba:34:6b:90:84:bc:9c:
97:5a:cd:0f:fc:f6:5f:81:e3:a2:3a:b4:f0:c5:6c:dd:18:54:
a1:ae:65:c9:0c:e4:04:86:02:6b:24:0e:ce:43:b6:4b:bf:5c:
53:af:95:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKKOlblBdi8O0V1ykQqStQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NjIyYmU4OGE1Y2VhZWY4YzMzMGQ3ZTk2ZmZmNDM1ZTgy
MDUzYjQwHhcNMjQxMDE0MDg1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFmYWY4M2U0MWZhNThlOTIzNTUxYTBlMTI2MzY3MzU2ZGQxNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRhj0X4nvxH8YijqJNb5/chZJPM7
ptzqY/2k4SvZLMsqcxMEs2p6uEMMCZL0Uaro4RWXFCWJi+pD1gIKoWG93d1vO7/7
CtK6clpJn1gxgx7Rlaj+TC7pC5Zn1JQOvhJY9m1kMHA6efSa0LuFftqtAGd5SJmg
nO8JpHfJ5BkpIrPeCwVwKkC+mAgbl7rL1UOvU6BYtRRuw6J1W0Rf+kgv5yjvFISn
0PdgrrMYEWLI0LJn3kCcZ3Mvi6KS6mWwYm9pffU7k0yq+lVyXpfhcetYBhquh5iN
R4d61FWPGAZ9ToEoMzzv6Mrm/OKjg5C70oOjMYCdG7GUZ5TmfZzgTqOsKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcfr4PkH6WOkjVRoOEmNnNW3RQ7MB8GA1UdIwQY
MBaAFNdiK+iKXOrvjDMNfpb/9DXoIFO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJJcjZJcGM2dS1NTXcxLWx2XzBOZWdnVTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jMGE5NzEtZDk2Zi00M2Q0LWE4YmMt
MzA2MjUzMTc0MzBkLzEvWngtdmctUWZwWTZTTlZHZzRTWTJjMWJkRkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jMGE5NzEtZDk2Zi00M2Q0LWE4YmMtMzA2MjUzMTc0MzBk
LzEvMTJJcjZJcGM2dS1NTXcxLWx2XzBOZWdnVTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rvMA0G
CSqGSIb3DQEBCwUAA4IBAQAn6UiGX5XEHof26eeSyUI8K9itH/UAh4sqgMT+VsKQ
dMfXt0FJhiR/bEfaW17aef7UDBuPTY6znD5CKbsmANINhEOHKQD6Ckw9PwizY05c
ReoQIhYQuLQ6Ex2o3LN4G0l3Xu6oLwTS7TadON19MnpyBiBpXQAHkdXMPdZfkhsM
B0jLKQbU9Hz/D5s+I4u2cottxPmsV5f92dz7sR0KUYtj4vwx7bTBJgWmBZTHftIp
jbYsD/UsFnmTGue0TCod/bJT82eeHOX7gYpGqsLFEaRefLo0a5CEvJyXWs0P/PZf
geOiOrTwxWzdGFShrmXJDOQEhgJrJA7OQ7ZLv1xTr5Va
-----END CERTIFICATE-----
Generated at Mon Oct 21 11:47:02 2024 by rpki-client on console-fra.rpki-client.org