Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zj8EiZq6gclwDEg71U7MMe98D5s.roa
File: Zj8EiZq6gclwDEg71U7MMe98D5s.roa (raw, json)
Hash identifier: oQT5tn1Rxq6PhKRO5hDiyA5qVcpG2wrdPPbr9zWp9FY=
Subject key identifier: 66:3F:04:89:9A:BA:81:C9:70:0C:48:3B:D5:4E:CC:31:EF:7C:0F:9B
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018DC1906571C19DD2DCDC1F7822AABE73D4
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zj8EiZq6gclwDEg71U7MMe98D5s.roa
Signing time: Mon 19 Feb 2024 13:31:22 +0000
ROA not before: Mon 19 Feb 2024 13:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.23.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:90:65:71:c1:9d:d2:dc:dc:1f:78:22:aa:be:73:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Feb 19 13:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663f04899aba81c9700c483bd54ecc31ef7c0f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:21:f3:e1:34:29:39:7f:a3:cd:7b:4a:c6:
43:2f:5d:07:75:78:14:b7:72:74:ef:4d:ae:70:8d:
9f:a7:f6:87:a0:de:f5:42:9a:f2:1c:8c:46:3e:da:
95:fb:0f:7f:9f:90:1e:65:e4:1f:18:7b:72:09:f5:
47:a1:e3:59:31:aa:c2:f2:c8:79:81:65:14:1b:9a:
63:82:e3:a9:81:c5:70:fa:cb:eb:ad:8b:44:a6:eb:
a8:fb:8e:65:9b:b3:35:8e:57:31:c9:f6:f3:f1:25:
7b:e5:2e:bd:2a:5f:c4:da:97:e9:a2:1b:c0:bc:42:
2c:06:70:b2:03:c6:f6:f8:02:a8:59:6a:77:bb:72:
36:ff:2e:94:ae:8e:39:df:58:5e:d2:e4:d7:66:db:
66:fb:a0:99:a3:6f:30:fa:41:6f:d2:3c:98:e9:56:
7a:ae:49:a7:82:83:07:64:c7:50:a8:94:9f:8f:87:
db:cb:64:9d:a0:49:c6:ad:00:42:49:5a:4a:d0:58:
e1:73:32:54:aa:08:a7:6f:ec:5b:cc:5d:e5:bd:5b:
71:51:09:28:9f:fc:89:d3:fd:20:ea:26:67:3e:68:
49:72:ec:53:ec:7a:73:6f:d5:14:ca:aa:81:06:ab:
7e:f8:1d:e9:f6:ef:db:a5:87:5d:79:3c:01:04:91:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:04:89:9A:BA:81:C9:70:0C:48:3B:D5:4E:CC:31:EF:7C:0F:9B
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zj8EiZq6gclwDEg71U7MMe98D5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.82.0/24
Signature Algorithm: sha256WithRSAEncryption
09:a2:99:ac:8f:5c:a3:61:77:f8:a7:b1:c0:90:fa:79:6f:dc:
d4:72:5f:a8:e9:4c:b4:7e:bc:b0:ef:b2:65:cd:5c:26:63:d6:
5e:50:b0:ef:88:0a:d8:15:b4:37:e5:69:29:7f:73:45:94:c7:
6a:ff:2d:aa:f7:63:a1:de:4d:19:d6:ba:7d:66:d2:83:49:10:
18:70:2c:08:bc:87:8f:6f:64:d0:89:e7:37:4e:ea:38:c5:79:
94:0b:f4:0d:ca:9e:08:ff:ec:00:b9:24:05:34:23:d8:71:c1:
37:97:fb:1e:44:ff:2e:a6:f5:dc:f3:68:cc:86:07:f5:00:31:
96:14:5b:c6:87:b3:20:86:54:a5:82:40:d2:3d:8d:43:23:c5:
c2:49:b3:f2:13:53:eb:c9:55:da:9d:41:d6:25:6b:71:a4:5e:
f9:9f:fa:db:29:61:21:45:c0:e9:fe:5d:3c:a3:50:43:82:99:
c7:4a:dd:5c:86:74:df:4e:c4:a4:22:b6:05:4f:63:ca:4b:cf:
a1:e0:84:ca:64:c2:2d:ac:21:e4:32:bd:a1:cd:d7:1b:0b:c8:
62:55:27:fa:61:9d:1f:c1:1a:0e:20:d5:73:b8:89:6b:23:3a:
6c:2d:73:10:38:78:81:a3:b4:25:0e:30:50:46:ff:d9:28:26:
e5:3e:38:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3BkGVxwZ3S3NwfeCKqvnPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQwMjE5MTMzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjNmMDQ4OTlhYmE4MWM5NzAwYzQ4M2JkNTRlY2MzMWVmN2MwZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSoh8+E0KTl/o817SsZDL10HdXgU
t3J0702ucI2fp/aHoN71QpryHIxGPtqV+w9/n5AeZeQfGHtyCfVHoeNZMarC8sh5
gWUUG5pjguOpgcVw+svrrYtEpuuo+45lm7M1jlcxyfbz8SV75S69Kl/E2pfpohvA
vEIsBnCyA8b2+AKoWWp3u3I2/y6Uro4531he0uTXZttm+6CZo28w+kFv0jyY6VZ6
rkmngoMHZMdQqJSfj4fby2SdoEnGrQBCSVpK0FjhczJUqginb+xbzF3lvVtxUQko
n/yJ0/0g6iZnPmhJcuxT7Hpzb9UUyqqBBqt++B3p9u/bpYddeTwBBJGkcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGY/BImauoHJcAxIO9VOzDHvfA+bMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvWmo4RWlacTZnY2x3REVnNzFVN01NZTk4RDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdSMA0G
CSqGSIb3DQEBCwUAA4IBAQAJopmsj1yjYXf4p7HAkPp5b9zUcl+o6Uy0fryw77Jl
zVwmY9ZeULDviArYFbQ35Wkpf3NFlMdq/y2q92Oh3k0Z1rp9ZtKDSRAYcCwIvIeP
b2TQiec3Tuo4xXmUC/QNyp4I/+wAuSQFNCPYccE3l/seRP8upvXc82jMhgf1ADGW
FFvGh7MghlSlgkDSPY1DI8XCSbPyE1PryVXanUHWJWtxpF75n/rbKWEhRcDp/l08
o1BDgpnHSt1chnTfTsSkIrYFT2PKS8+h4ITKZMItrCHkMr2hzdcbC8hiVSf6YZ0f
wRoOINVzuIlrIzpsLXMQOHiBo7QlDjBQRv/ZKCblPjho
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:43 2025 by rpki-client