Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ZuqMzBlp7q11o7_G2NbAjZOOnEs.roa
File: ZuqMzBlp7q11o7_G2NbAjZOOnEs.roa (raw, json)
Hash identifier: frRKXuMqTl3NYAzFTcs/NpqLxgc5P7sMt5iZvz87axE=
Subject key identifier: 66:EA:8C:CC:19:69:EE:AD:75:A3:BF:C6:D8:D6:C0:8D:93:8E:9C:4B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB881738D0D3035ABB0CAFE180E67
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ZuqMzBlp7q11o7_G2NbAjZOOnEs.roa
Signing time: Tue 02 Jan 2024 08:32:43 +0000
ROA not before: Tue 02 Jan 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212087
IP address blocks: 84.232.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b8:81:73:8d:0d:30:35:ab:b0:ca:fe:18:0e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ea8ccc1969eead75a3bfc6d8d6c08d938e9c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:19:c7:19:36:c8:30:19:c5:c8:f7:f6:3a:
1b:9b:64:dd:52:7b:08:78:9c:3c:8e:d3:af:54:e9:
31:af:ec:91:e8:ca:37:a1:d0:fb:1d:67:dc:90:78:
a7:3c:29:93:8f:61:3d:2a:74:7b:fa:26:c8:1b:ff:
54:44:5f:19:f0:a3:71:81:43:cd:8f:68:c2:13:0d:
40:28:8b:9b:2c:8e:4e:26:0b:d6:2f:a2:04:fe:6d:
8c:cc:eb:8d:b8:e5:ae:31:d0:da:29:e3:06:9f:76:
46:6e:60:06:38:06:e4:4a:55:2d:f8:d0:7b:41:da:
4a:a8:ec:b2:4b:84:47:e4:78:02:53:25:02:2a:2e:
90:69:01:27:35:1e:a6:61:b2:5b:06:bd:f8:c1:10:
40:61:3e:f8:b6:09:e1:13:6a:d0:62:78:d4:01:57:
b7:35:a4:ec:50:21:f2:84:35:2e:72:7e:5a:e5:ca:
d2:15:90:f3:90:73:77:3d:a1:63:e5:bb:ff:fe:be:
81:53:95:44:29:9c:73:62:1e:c2:27:eb:d2:37:cd:
12:a4:f3:5b:95:f0:19:9e:4f:f8:06:ad:bc:4d:ee:
56:e8:d5:96:3a:d4:89:4b:89:72:78:25:99:15:4a:
cf:a2:3c:5b:3a:23:4c:d4:ff:eb:df:bb:c4:78:e9:
ca:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EA:8C:CC:19:69:EE:AD:75:A3:BF:C6:D8:D6:C0:8D:93:8E:9C:4B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ZuqMzBlp7q11o7_G2NbAjZOOnEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.114.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:3d:37:bf:e8:7e:f6:a3:ef:c3:27:b0:13:40:f6:83:6c:64:
1c:6d:fc:7d:f2:98:fe:c6:6e:41:b4:0c:62:9e:0c:88:af:21:
c0:1c:f6:41:ce:3b:b6:67:84:83:f1:ca:7f:45:59:50:c6:3d:
22:e0:5b:05:69:35:0b:a8:9e:80:fd:11:92:b3:08:0c:1f:f5:
62:a5:a0:8c:c3:93:85:f0:c2:78:2e:a2:5c:f0:d4:e7:13:e4:
bd:c3:35:fd:bf:3b:cc:34:d6:e2:0b:10:54:2b:97:d0:1c:8e:
72:8e:6b:67:24:a5:2d:02:a7:40:85:8a:b4:98:d2:79:44:5b:
10:2b:43:33:6f:67:28:53:a2:18:5c:db:c9:6b:5f:d7:e6:d3:
6a:b1:b4:5a:83:21:72:35:6e:71:07:93:b8:3d:e7:cd:5c:e3:
9b:42:27:db:c4:cf:92:9f:12:02:45:eb:a1:a2:2f:0f:f3:9b:
93:33:ca:87:70:c8:c9:d4:cd:28:fd:d1:fa:ed:48:de:b6:33:
e1:c0:aa:b0:49:bc:65:7d:52:32:26:8e:29:ae:9e:a2:1e:6a:
76:7c:f5:95:51:f3:1f:96:97:e5:31:6d:44:07:3b:8d:01:68:
ac:9f:29:5c:b6:d0:b1:f1:ec:07:f6:f6:aa:a1:fb:e3:85:69:
a6:42:d3:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTbiBc40NMDWrsMr+GA5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmVhOGNjYzE5NjllZWFkNzVhM2JmYzZkOGQ2YzA4ZDkzOGU5YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn4Zxxk2yDAZxcj39jobm2TdUnsI
eJw8jtOvVOkxr+yR6Mo3odD7HWfckHinPCmTj2E9KnR7+ibIG/9URF8Z8KNxgUPN
j2jCEw1AKIubLI5OJgvWL6IE/m2MzOuNuOWuMdDaKeMGn3ZGbmAGOAbkSlUt+NB7
QdpKqOyyS4RH5HgCUyUCKi6QaQEnNR6mYbJbBr34wRBAYT74tgnhE2rQYnjUAVe3
NaTsUCHyhDUucn5a5crSFZDzkHN3PaFj5bv//r6BU5VEKZxzYh7CJ+vSN80SpPNb
lfAZnk/4Bq28Te5W6NWWOtSJS4lyeCWZFUrPojxbOiNM1P/r37vEeOnK5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbqjMwZae6tdaO/xtjWwI2TjpxLMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvWnVxTXpCbHA3cTExbzdfRzJOYkFqWk9PbkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVOhyMA0G
CSqGSIb3DQEBCwUAA4IBAQDJPTe/6H72o+/DJ7ATQPaDbGQcbfx98pj+xm5BtAxi
ngyIryHAHPZBzju2Z4SD8cp/RVlQxj0i4FsFaTULqJ6A/RGSswgMH/VipaCMw5OF
8MJ4LqJc8NTnE+S9wzX9vzvMNNbiCxBUK5fQHI5yjmtnJKUtAqdAhYq0mNJ5RFsQ
K0Mzb2coU6IYXNvJa1/X5tNqsbRagyFyNW5xB5O4PefNXOObQifbxM+SnxICReuh
oi8P85uTM8qHcMjJ1M0o/dH67UjetjPhwKqwSbxlfVIyJo4prp6iHmp2fPWVUfMf
lpflMW1EBzuNAWisnylcttCx8ewH9vaqofvjhWmmQtOF
-----END CERTIFICATE-----
Generated at Mon Mar 11 11:55:58 2024 by rpki-client on console-fra.rpki-client.org