Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NZ5zzVWTJRTcikQU56SJjdXsh0k.roa
File: NZ5zzVWTJRTcikQU56SJjdXsh0k.roa (raw, json)
Hash identifier: c2JKnQQmOdTCSN6OukBnbg6gBbtR9cmNx2QRqi7mKJc=
Subject key identifier: 35:9E:73:CD:55:93:25:14:DC:8A:44:14:E7:A4:89:8D:D5:EC:87:49
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB35D24055FEFAAB5AE2F6A621741C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NZ5zzVWTJRTcikQU56SJjdXsh0k.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206068
IP address blocks: 86.104.192.0/24 maxlen: 24
86.104.195.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
86.104.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 15:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:35:d2:40:55:fe:fa:ab:5a:e2:f6:a6:21:74:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=359e73cd55932514dc8a4414e7a4898dd5ec8749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ca:49:12:1d:3e:90:db:b2:52:72:d0:f8:40:
6b:d6:50:07:bf:21:63:bc:9d:70:f7:b3:ea:53:b4:
d3:ff:47:3c:76:46:0a:0a:c0:37:ce:da:35:13:37:
78:1b:41:1b:4e:92:cd:48:97:ae:3c:87:8d:99:70:
ad:e4:f8:3d:38:62:f7:62:8f:41:89:9b:00:14:0e:
56:cc:53:6e:5d:a7:0d:b9:77:3e:1e:a3:9a:c7:57:
96:f9:ab:82:96:2b:c8:57:83:da:9c:1e:98:4c:f1:
d4:8e:61:2e:97:1d:15:1e:2e:0d:ec:f5:fa:1a:05:
a0:2a:ed:50:fd:34:21:23:00:74:03:dd:40:d5:a4:
66:af:22:c3:a4:c6:71:e4:0b:a7:44:7e:04:68:57:
c8:a1:00:e5:9a:3f:14:72:d6:04:d6:49:ca:ea:c5:
e7:47:95:8c:cb:fa:b7:89:23:71:db:4b:09:f2:ca:
c4:71:6f:d3:20:a4:61:80:b2:3b:05:60:ba:a9:b9:
81:3f:2e:74:60:07:52:ec:28:b8:fd:1d:da:ca:5b:
1c:66:b3:8e:bf:3d:bf:ab:27:bc:56:05:19:27:ea:
3e:0c:63:da:f8:6e:8a:e3:7e:19:ec:75:2a:b8:d6:
d1:3f:ca:a7:53:c4:97:61:8d:48:81:5e:8a:e8:d8:
1e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9E:73:CD:55:93:25:14:DC:8A:44:14:E7:A4:89:8D:D5:EC:87:49
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NZ5zzVWTJRTcikQU56SJjdXsh0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.19.0/24
86.104.192.0/24
86.104.195.0/24
89.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
03:d6:bb:c7:82:95:62:5c:84:9d:c9:fd:ba:42:48:1f:25:2d:
76:32:fd:d2:03:48:5d:c0:ce:40:8e:ef:2d:6c:bd:d2:39:fc:
5e:9f:8c:ad:8b:97:10:d0:e4:b3:c2:37:65:27:2e:4b:a0:5d:
5b:80:32:eb:72:e0:e9:85:d8:c6:90:76:cd:33:e4:2b:a2:d9:
62:e8:18:49:a1:3f:13:84:ce:bb:0e:61:50:b5:09:83:bb:1c:
3d:4b:7a:fd:30:3c:17:31:91:77:b2:f3:39:52:e5:74:bc:6b:
23:1f:f9:db:c5:51:cb:79:6f:73:f7:2e:f4:e0:df:ca:76:f2:
2c:ef:62:8d:8d:fc:db:b7:de:e5:b3:4c:85:e3:d3:34:50:b0:
2f:d2:9c:fc:5e:6a:c9:72:2b:3e:7c:c1:47:3a:0a:65:fa:6a:
8d:cd:0b:7e:79:b6:4f:b4:dd:e5:3a:e8:ed:f4:50:7c:7c:a1:
fd:5b:18:10:9f:02:3a:45:a8:75:59:e8:78:b5:29:23:30:92:
98:db:a8:c1:c1:db:a5:92:2e:af:ed:11:3b:c9:2d:f1:45:4c:
d1:6c:19:96:3f:a4:5e:76:de:65:e4:92:44:73:07:09:3a:7e:
b7:ce:7c:62:b8:63:91:4b:fe:14:df:8f:23:b3:b9:c2:e6:c1:
b8:f3:19:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2zXSQFX++qta4vamIXQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTllNzNjZDU1OTMyNTE0ZGM4YTQ0MTRlN2E0ODk4ZGQ1ZWM4NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMpJEh0+kNuyUnLQ+EBr1lAHvyFj
vJ1w97PqU7TT/0c8dkYKCsA3zto1Ezd4G0EbTpLNSJeuPIeNmXCt5Pg9OGL3Yo9B
iZsAFA5WzFNuXacNuXc+HqOax1eW+auClivIV4PanB6YTPHUjmEulx0VHi4N7PX6
GgWgKu1Q/TQhIwB0A91A1aRmryLDpMZx5AunRH4EaFfIoQDlmj8UctYE1knK6sXn
R5WMy/q3iSNx20sJ8srEcW/TIKRhgLI7BWC6qbmBPy50YAdS7Ci4/R3aylscZrOO
vz2/qye8VgUZJ+o+DGPa+G6K434Z7HUquNbRP8qnU8SXYY1IgV6K6NgeOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDWec81VkyUU3IpEFOekiY3V7IdJMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTlo1enpWV1RKUlRjaWtRVTU2U0pqZFhzaDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVmgTAwQA
VmjAAwQAVmjDAwQAWSB+MA0GCSqGSIb3DQEBCwUAA4IBAQAD1rvHgpViXISdyf26
QkgfJS12Mv3SA0hdwM5Aju8tbL3SOfxen4yti5cQ0OSzwjdlJy5LoF1bgDLrcuDp
hdjGkHbNM+Qrotli6BhJoT8ThM67DmFQtQmDuxw9S3r9MDwXMZF3svM5UuV0vGsj
H/nbxVHLeW9z9y704N/KdvIs72KNjfzbt97ls0yF49M0ULAv0pz8XmrJcis+fMFH
Ogpl+mqNzQt+ebZPtN3lOujt9FB8fKH9WxgQnwI6Rah1Weh4tSkjMJKY26jBwdul
ki6v7RE7yS3xRUzRbBmWP6Redt5l5JJEcwcJOn63znxiuGORS/4U348js7nC5sG4
8xlh
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:29 2024 by rpki-client on console-ams.rpki-client.org