Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QBZsiytaxBWDQIAklaBTmKX0Umw.roa
File: QBZsiytaxBWDQIAklaBTmKX0Umw.roa (raw, json)
Hash identifier: sBN3mfYhKcw61bQ8I5Mha9AN/GJRl/Iu2GY+huMAfP8=
Subject key identifier: 40:16:6C:8B:2B:5A:C4:15:83:40:80:24:95:A0:53:98:A5:F4:52:6C
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019146E0C226C962C9669C8E7282A1E82C4C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QBZsiytaxBWDQIAklaBTmKX0Umw.roa
Signing time: Mon 12 Aug 2024 13:57:00 +0000
ROA not before: Mon 12 Aug 2024 13:57:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61330
IP address blocks: 89.39.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:e0:c2:26:c9:62:c9:66:9c:8e:72:82:a1:e8:2c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Aug 12 13:57:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40166c8b2b5ac4158340802495a05398a5f4526c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:99:da:d0:b9:64:83:19:81:b8:28:c3:a8:
6a:db:27:71:a1:ec:1e:e2:7a:97:4d:61:93:62:1d:
56:71:1f:5d:d9:ad:40:4d:c7:fa:25:ec:26:1f:07:
d8:79:e0:98:11:a6:a5:45:56:19:16:0b:d6:8f:b5:
6d:5e:f8:dc:3e:2a:ac:91:2e:67:a6:79:00:e6:6d:
36:5b:f4:fd:de:bf:b7:de:42:63:99:57:db:88:73:
03:a7:a0:c7:46:30:e9:c7:30:1f:99:93:72:90:1c:
14:7e:2e:01:a5:4a:8b:96:36:5c:4e:12:fb:45:3b:
95:6d:2f:b6:ef:5f:38:34:6f:b6:53:33:34:0c:7d:
d3:ce:bd:c0:c2:8f:4a:ef:4c:10:22:c5:40:57:28:
a1:fd:41:1f:2a:6c:f8:b2:62:be:ce:21:c1:0a:c5:
64:70:2e:d8:26:25:b2:44:be:9c:7f:e4:9f:53:db:
f2:ac:24:23:d2:85:ad:e2:de:bb:64:4e:a5:16:0b:
5d:1b:65:19:f6:0f:d0:8a:66:3b:87:14:9b:dd:74:
34:99:48:b2:33:c9:05:98:65:01:3b:ee:e8:b9:ed:
32:2c:a4:34:11:90:2e:69:9e:ea:1f:3e:bf:03:d2:
a0:ad:15:98:2a:d1:bc:2c:33:1b:27:0c:78:b5:87:
0b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:16:6C:8B:2B:5A:C4:15:83:40:80:24:95:A0:53:98:A5:F4:52:6C
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QBZsiytaxBWDQIAklaBTmKX0Umw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.252.0/24
Signature Algorithm: sha256WithRSAEncryption
86:da:1c:67:f6:dc:11:20:2b:d0:a4:95:04:86:d8:86:68:a1:
98:72:80:e4:6a:19:d6:d0:b8:6a:5d:4b:8b:fd:25:e9:36:91:
23:ee:1d:9a:2c:a7:d3:85:9d:ef:40:a9:bc:e2:dc:51:83:d3:
6b:ca:8c:b1:ab:54:e5:11:eb:c1:d8:ae:57:1c:3a:9b:1d:ad:
06:6c:4d:79:95:77:63:d2:9a:3f:1b:2c:26:60:f7:22:8d:54:
4d:1a:e8:b3:db:cc:78:39:54:37:36:16:90:fa:9d:6c:ff:96:
6b:bb:f3:88:b7:49:7c:78:c6:ca:00:34:b5:99:c3:7e:c8:d3:
e7:87:89:d2:27:5b:1a:20:81:58:1b:6c:08:5d:b8:40:e1:8d:
23:81:c4:0b:0d:f4:6d:ca:ec:23:b8:59:db:8c:3f:08:2d:4f:
e0:71:6b:70:f3:15:27:36:d8:66:e4:3c:26:21:5b:10:cc:81:
0c:46:5e:dc:04:a7:24:05:08:e1:0c:f1:03:a7:e0:13:49:a2:
89:bb:a8:2f:22:cd:1c:78:2f:00:0b:ce:61:dc:7b:65:a5:02:
35:ed:c4:ba:b6:37:b2:f0:31:bd:58:3b:0f:cd:f0:d0:5e:fb:
77:50:b5:c3:4b:c6:4c:eb:c2:87:d2:ce:1c:82:a2:a0:d0:87:
04:9c:ce:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFG4MImyWLJZpyOcoKh6CxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwODEyMTM1NzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE2NmM4YjJiNWFjNDE1ODM0MDgwMjQ5NWEwNTM5OGE1ZjQ1MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk2Z2tC5ZIMZgbgow6hq2ydxoewe
4nqXTWGTYh1WcR9d2a1ATcf6JewmHwfYeeCYEaalRVYZFgvWj7VtXvjcPiqskS5n
pnkA5m02W/T93r+33kJjmVfbiHMDp6DHRjDpxzAfmZNykBwUfi4BpUqLljZcThL7
RTuVbS+27184NG+2UzM0DH3Tzr3Awo9K70wQIsVAVyih/UEfKmz4smK+ziHBCsVk
cC7YJiWyRL6cf+SfU9vyrCQj0oWt4t67ZE6lFgtdG2UZ9g/QimY7hxSb3XQ0mUiy
M8kFmGUBO+7oue0yLKQ0EZAuaZ7qHz6/A9KgrRWYKtG8LDMbJwx4tYcLXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAWbIsrWsQVg0CAJJWgU5il9FJsMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUUJac2l5dGF4QldEUUlBa2xhQlRtS1gwVW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSf8MA0G
CSqGSIb3DQEBCwUAA4IBAQCG2hxn9twRICvQpJUEhtiGaKGYcoDkahnW0LhqXUuL
/SXpNpEj7h2aLKfThZ3vQKm84txRg9Nryoyxq1TlEevB2K5XHDqbHa0GbE15lXdj
0po/GywmYPcijVRNGuiz28x4OVQ3NhaQ+p1s/5Zru/OIt0l8eMbKADS1mcN+yNPn
h4nSJ1saIIFYG2wIXbhA4Y0jgcQLDfRtyuwjuFnbjD8ILU/gcWtw8xUnNthm5Dwm
IVsQzIEMRl7cBKckBQjhDPEDp+ATSaKJu6gvIs0ceC8AC85h3HtlpQI17cS6tjey
8DG9WDsPzfDQXvt3ULXDS8ZM68KH0s4cgqKg0IcEnM75
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:25 2025 by rpki-client