Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MzqUSFZnjrTf7xMmI-c7LqXvqxc.roa
File: MzqUSFZnjrTf7xMmI-c7LqXvqxc.roa (raw, json)
Hash identifier: JJP9VvRgJu37H3C6dK0m6gRMMJL+2479CO4GKYS6iCY=
Subject key identifier: 33:3A:94:48:56:67:8E:B4:DF:EF:13:26:23:E7:3B:2E:A5:EF:AB:17
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E15B0F21C9BDEE4670F5D5958CF21346A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MzqUSFZnjrTf7xMmI-c7LqXvqxc.roa
Signing time: Wed 06 Mar 2024 21:35:01 +0000
ROA not before: Wed 06 Mar 2024 21:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265770
IP address blocks: 89.32.126.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 20:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:b0:f2:1c:9b:de:e4:67:0f:5d:59:58:cf:21:34:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 6 21:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=333a944856678eb4dfef132623e73b2ea5efab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:c6:b3:3b:ff:83:04:55:a0:83:48:e5:62:
00:49:2c:67:70:a6:4f:40:b8:de:be:e0:c4:c8:ff:
04:9d:85:fb:59:60:47:24:0c:fe:f3:09:c0:b2:91:
ac:1c:9e:41:2f:8c:ff:28:ce:dc:f8:a1:fa:2d:52:
85:67:47:41:6f:5a:e8:f6:24:ef:5a:51:31:c1:95:
57:0d:af:db:fa:6c:0a:67:57:e1:af:a8:20:83:9c:
8d:a0:cb:70:f9:a7:9f:4e:d9:34:a8:0e:a3:ef:e2:
3a:94:24:72:18:9c:35:46:d6:8a:81:2e:f5:ca:4e:
ca:a2:35:55:ff:85:cb:21:fc:1b:ef:6b:5f:d5:bb:
2c:0b:37:d2:46:95:5b:df:23:62:5c:13:74:63:3f:
5f:7f:34:60:da:c6:fb:2b:44:8e:4e:d5:0a:dc:62:
91:85:fa:ee:c4:36:6c:df:c6:6e:74:e2:fd:cc:7f:
54:cd:75:e4:ac:69:2f:5f:9e:d3:d8:fb:a6:8b:7f:
54:7a:9d:47:4a:d7:dc:ba:39:86:fc:28:88:d2:a8:
c9:37:d0:99:c7:c5:a6:21:d4:61:6e:b4:d5:63:18:
b8:8b:f5:6e:5d:5b:a7:3b:a8:1e:70:71:e4:db:a1:
21:bc:85:c7:fb:44:66:13:78:e6:8d:a1:17:51:cf:
79:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3A:94:48:56:67:8E:B4:DF:EF:13:26:23:E7:3B:2E:A5:EF:AB:17
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MzqUSFZnjrTf7xMmI-c7LqXvqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.126.0/24
89.40.35.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f9:44:d3:23:9f:10:34:e7:c2:55:f9:c3:b9:8e:a8:23:64:
e5:f5:7e:4b:64:f2:6b:4e:fb:8b:2b:dd:10:2b:ab:95:75:87:
17:f3:09:46:dd:4d:7c:72:ed:60:83:ea:a6:04:29:4f:6c:de:
9b:f4:95:c5:6b:3d:9a:db:81:7c:0d:dc:f1:7d:99:25:b4:f1:
41:d7:53:87:b6:66:ec:35:f0:9d:3b:69:30:d5:d7:55:ba:f3:
ed:15:39:39:19:e4:ee:5e:16:bb:8b:7a:d8:8d:f7:74:1d:a2:
bb:ad:9f:67:f3:e9:1b:94:e6:63:b7:92:db:33:0d:c9:22:6e:
94:1f:c1:81:e4:78:66:9b:bd:09:2e:e7:eb:b8:fe:b4:81:d2:
9b:43:d3:77:2b:7b:5b:af:24:90:c8:54:f8:ba:8c:80:23:0c:
d6:af:65:fd:36:6e:a0:02:91:3a:c6:8b:ff:ef:c3:df:85:0a:
41:46:75:9f:d4:53:d9:d7:ce:7b:e0:55:c0:b8:ae:92:49:78:
94:7c:aa:37:41:47:f4:a4:79:94:50:f5:20:a4:f6:e1:37:0a:
77:12:e1:07:ba:8e:66:fb:6f:c9:57:1d:39:f6:4f:2c:ba:7f:
bb:e0:00:c4:5f:9b:2f:f5:c1:5b:fd:a8:3b:7f:14:0a:f9:51:
54:c0:d0:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4VsPIcm97kZw9dWVjPITRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzA2MjEzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNhOTQ0ODU2Njc4ZWI0ZGZlZjEzMjYyM2U3M2IyZWE1ZWZhYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsXGszv/gwRVoINI5WIASSxncKZP
QLjevuDEyP8EnYX7WWBHJAz+8wnAspGsHJ5BL4z/KM7c+KH6LVKFZ0dBb1ro9iTv
WlExwZVXDa/b+mwKZ1fhr6ggg5yNoMtw+aefTtk0qA6j7+I6lCRyGJw1RtaKgS71
yk7KojVV/4XLIfwb72tf1bssCzfSRpVb3yNiXBN0Yz9ffzRg2sb7K0SOTtUK3GKR
hfruxDZs38ZudOL9zH9UzXXkrGkvX57T2Pumi39Uep1HStfcujmG/CiI0qjJN9CZ
x8WmIdRhbrTVYxi4i/VuXVunO6gecHHk26EhvIXH+0RmE3jmjaEXUc95mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDM6lEhWZ4603+8TJiPnOy6l76sXMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTXpxVVNGWm5qclRmN3hNbUktYzdMcVh2cXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSB+AwQA
WSgjMA0GCSqGSIb3DQEBCwUAA4IBAQAm+UTTI58QNOfCVfnDuY6oI2Tl9X5LZPJr
TvuLK90QK6uVdYcX8wlG3U18cu1gg+qmBClPbN6b9JXFaz2a24F8DdzxfZkltPFB
11OHtmbsNfCdO2kw1ddVuvPtFTk5GeTuXha7i3rYjfd0HaK7rZ9n8+kblOZjt5Lb
Mw3JIm6UH8GB5Hhmm70JLufruP60gdKbQ9N3K3tbrySQyFT4uoyAIwzWr2X9Nm6g
ApE6xov/78PfhQpBRnWf1FPZ18574FXAuK6SSXiUfKo3QUf0pHmUUPUgpPbhNwp3
EuEHuo5m+2/JVx059k8sun+74ADEX5sv9cFb/ag7fxQK+VFUwNB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org