Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Xt6onZnel1bJ9ptrPOle7GS1zxM.roa
File: Xt6onZnel1bJ9ptrPOle7GS1zxM.roa (raw, json)
Hash identifier: XwbYJ96EMJ3LduYb1ZoOn43IpHk7XlEQGl+Oo6Ta64E=
Subject key identifier: 5E:DE:A8:9D:99:DE:97:56:C9:F6:9B:6B:3C:E9:5E:EC:64:B5:CF:13
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 018570797AA6D8CC64E389A256734ADA2CF5
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Xt6onZnel1bJ9ptrPOle7GS1zxM.roa
Signing time: Mon 02 Jan 2023 03:14:47 +0000
ROA not before: Mon 02 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 89.34.239.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 17:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7a:a6:d8:cc:64:e3:89:a2:56:73:4a:da:2c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 2 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5edea89d99de9756c9f69b6b3ce95eec64b5cf13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e4:a6:f0:6d:d0:7a:5d:7a:ae:1c:d3:d1:a3:
0e:5f:bc:6c:70:64:4b:c6:1c:5f:73:2d:78:39:5c:
4b:8f:47:00:53:6f:e3:82:35:55:19:18:63:d8:85:
32:7c:4b:e0:c6:ae:e3:19:b1:ac:77:82:98:59:1c:
e0:cc:29:9c:91:38:71:02:3e:61:f1:8f:91:7f:ea:
a4:d4:ca:96:bc:6f:88:17:52:53:b4:f2:7f:45:9e:
5d:6e:4e:d1:c1:82:fa:9e:d5:6b:f3:84:05:e0:ff:
d5:52:e4:8e:13:ef:be:fe:0e:7a:6b:ad:bc:2a:57:
b3:16:9b:ca:f4:c0:ac:bd:6d:1f:06:70:71:67:ec:
bd:70:1a:1a:5f:18:74:d3:e9:59:9b:de:69:06:25:
0d:a4:14:28:52:d9:82:f4:e9:53:c9:f2:cf:88:3d:
ba:9a:b6:7c:30:03:f6:11:09:c1:76:d4:df:91:82:
63:5f:6b:1c:86:67:6a:5c:dd:89:0c:ea:ad:11:d5:
e8:18:4d:a1:a8:da:27:20:9d:14:4c:cd:99:f1:b0:
34:5e:6c:6e:b9:59:1c:4d:8e:d1:90:8e:dd:94:ad:
40:98:74:25:11:53:85:c8:43:23:d7:6d:3a:02:ef:
21:80:b4:b0:41:76:86:82:40:ef:11:7a:54:4e:25:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DE:A8:9D:99:DE:97:56:C9:F6:9B:6B:3C:E9:5E:EC:64:B5:CF:13
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/Xt6onZnel1bJ9ptrPOle7GS1zxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.103.0/24
89.34.239.0/24
89.43.34.0/24
94.176.212.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:cd:80:4e:12:41:e4:82:8c:94:07:52:0c:a2:67:e5:fd:c5:
cc:b9:c4:c1:d5:c6:03:3b:4f:48:66:c9:40:7f:e3:43:6c:75:
bf:a8:22:c7:4f:c5:60:be:98:e2:41:03:4b:ba:45:96:ae:ca:
b3:a3:ea:df:12:16:38:44:d4:60:5f:a5:f3:1b:f2:a9:0b:cc:
ee:17:6a:8b:a0:31:98:5e:94:50:f4:d9:7e:7a:a4:13:b3:26:
de:6c:09:83:94:ef:03:23:a8:ca:cb:7d:da:fc:a9:f1:23:52:
88:54:5e:c2:00:3d:ab:34:1a:bf:14:c3:6a:f2:fe:60:ab:83:
3c:e2:21:e3:ad:0e:9a:2b:64:f2:35:a8:10:ce:64:61:48:f8:
9a:ba:e8:83:83:96:5a:81:52:87:2f:e7:fa:be:78:a6:c9:ac:
d3:b4:2d:d2:52:47:df:3e:ef:fa:51:3d:9d:61:e8:2b:1f:44:
ed:35:4d:e0:c2:66:bb:8d:43:a0:de:ff:b7:8d:85:28:2d:aa:
79:9d:ea:21:03:c6:3f:ab:e1:00:f3:34:2f:fa:48:5e:c7:8d:
66:26:5d:34:01:41:8e:6d:c4:d6:cd:ae:77:04:05:a4:f4:32:
db:77:b8:60:27:78:73:df:ee:e7:dd:3b:42:96:60:33:dc:09:
15:60:67:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVweXqm2Mxk44miVnNK2iz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRlYTg5ZDk5ZGU5NzU2YzlmNjliNmIzY2U5NWVlYzY0YjVjZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+Sm8G3Qel16rhzT0aMOX7xscGRL
xhxfcy14OVxLj0cAU2/jgjVVGRhj2IUyfEvgxq7jGbGsd4KYWRzgzCmckThxAj5h
8Y+Rf+qk1MqWvG+IF1JTtPJ/RZ5dbk7RwYL6ntVr84QF4P/VUuSOE+++/g56a628
KlezFpvK9MCsvW0fBnBxZ+y9cBoaXxh00+lZm95pBiUNpBQoUtmC9OlTyfLPiD26
mrZ8MAP2EQnBdtTfkYJjX2schmdqXN2JDOqtEdXoGE2hqNonIJ0UTM2Z8bA0Xmxu
uVkcTY7RkI7dlK1AmHQlEVOFyEMj1206Au8hgLSwQXaGgkDvEXpUTiUqQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF7eqJ2Z3pdWyfabazzpXuxktc8TMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvWHQ2b25abmVsMWJKOXB0clBPbGU3R1MxenhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVFnAwQA
WSLvAwQAWSsiAwQAXrDUMA0GCSqGSIb3DQEBCwUAA4IBAQC8zYBOEkHkgoyUB1IM
omfl/cXMucTB1cYDO09IZslAf+NDbHW/qCLHT8VgvpjiQQNLukWWrsqzo+rfEhY4
RNRgX6XzG/KpC8zuF2qLoDGYXpRQ9Nl+eqQTsybebAmDlO8DI6jKy33a/KnxI1KI
VF7CAD2rNBq/FMNq8v5gq4M84iHjrQ6aK2TyNagQzmRhSPiauuiDg5ZagVKHL+f6
vnimyazTtC3SUkffPu/6UT2dYegrH0TtNU3gwma7jUOg3v+3jYUoLap5neohA8Y/
q+EA8zQv+khex41mJl00AUGObcTWza53BAWk9DLbd7hgJ3hz3+7n3TtClmAz3AkV
YGeQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:06 2024 by rpki-client on console-ams.rpki-client.org