Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/zQUkf39lYBwxMvNmEH2vzNoaS7I.roa
File: zQUkf39lYBwxMvNmEH2vzNoaS7I.roa (raw, json)
Hash identifier: 3CUSXY1lpzdizIRrsPqNY2ikcmTw6+YJVHz0cbHHddw=
Subject key identifier: CD:05:24:7F:7F:65:60:1C:31:32:F3:66:10:7D:AF:CC:DA:1A:4B:B2
Certificate issuer: /CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Certificate serial: 018AD63530B6E68C3850EB4D4AFDB16FF55E
Authority key identifier: 86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/zQUkf39lYBwxMvNmEH2vzNoaS7I.roa
Signing time: Wed 27 Sep 2023 10:35:24 +0000
ROA not before: Wed 27 Sep 2023 10:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39033
IP address blocks: 89.104.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:35:30:b6:e6:8c:38:50:eb:4d:4a:fd:b1:6f:f5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Validity
Not Before: Sep 27 10:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd05247f7f65601c3132f366107dafccda1a4bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b6:e9:c3:26:b2:31:d5:7d:a7:51:0c:2b:b7:
3e:50:83:1f:92:e6:b2:e4:f4:c5:2e:91:60:1a:59:
c1:e3:e8:cb:08:a5:00:6b:cf:df:ff:62:99:9c:d6:
17:06:e4:62:65:56:82:18:b9:3e:4d:68:33:46:8d:
08:91:98:3b:db:bd:f0:3b:49:05:20:6f:16:30:4b:
eb:f2:e6:99:be:22:8f:cb:81:f1:ff:ac:f4:c4:0d:
c1:97:e1:80:e0:3b:d0:d7:ed:e7:c3:82:16:6d:8c:
61:41:c1:6f:43:61:02:2d:b9:df:aa:05:a3:e7:29:
17:e0:f2:df:9a:fd:8f:5f:24:e3:7e:b1:4b:61:29:
df:81:30:a5:a3:1c:2e:85:03:29:d7:76:20:43:29:
fe:84:b1:bc:ab:26:1e:d0:8e:ea:f5:85:2f:39:24:
f9:5b:9b:c8:d1:4b:b1:a4:70:28:6c:3f:bf:41:ba:
16:6c:1d:05:b4:9d:31:58:e4:90:8e:25:a5:30:f5:
37:04:9c:ca:52:ae:e0:c2:34:3f:58:18:88:e2:27:
eb:e9:f6:0d:81:21:dc:bd:af:7f:dc:21:1e:d4:23:
37:29:06:e1:a4:fd:08:a1:6c:26:7e:74:6f:5d:6f:
0c:5a:70:68:f7:ad:06:6b:55:c6:ac:90:e1:60:40:
50:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:05:24:7F:7F:65:60:1C:31:32:F3:66:10:7D:AF:CC:DA:1A:4B:B2
X509v3 Authority Key Identifier:
keyid:86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/zQUkf39lYBwxMvNmEH2vzNoaS7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/hiuiH8_MNMnZtafGCBWF4KDucK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.114.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:13:8e:7d:10:e6:6c:ed:86:2d:06:18:5f:6e:92:7f:fc:50:
5d:a7:2b:78:53:b6:d0:b9:0d:53:8e:b0:aa:73:fd:a4:e1:06:
4c:cc:86:92:e5:71:cb:53:5f:fd:9b:2b:38:29:22:8a:1c:0a:
c9:e3:f1:e1:d8:b5:d6:9c:b8:04:e9:b6:8d:b8:c7:1b:38:cd:
6d:52:86:3c:87:f4:f4:c4:fc:89:ca:cd:28:8a:09:d5:c4:d1:
fd:36:e3:68:e6:c0:eb:f4:6d:28:6d:ba:f3:90:9d:5f:96:02:
83:54:f4:91:ec:a1:ed:13:d8:48:85:b6:5e:e0:c8:ef:f1:7b:
0b:3f:ed:40:b6:30:b6:16:43:d5:6a:fd:00:c6:5b:09:e6:fb:
6e:3f:97:f7:8c:32:35:a9:84:a8:9a:9d:33:2c:f4:00:d5:cb:
ba:24:01:cd:ad:1e:70:14:12:68:c7:6c:e0:60:f4:5f:b6:08:
b2:2e:2c:bf:cb:1b:8d:18:58:91:ec:0f:71:4c:bb:25:b8:79:
e9:83:a3:13:1c:4e:3f:88:c0:88:b7:c2:91:88:f8:44:75:2a:
16:ea:db:64:42:4e:d2:61:46:fb:f4:7a:74:fb:19:92:ef:61:
39:1a:93:1f:68:fb:fd:a2:27:4d:c1:5e:36:d9:56:bc:69:a7:
b4:9c:00:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrWNTC25ow4UOtNSv2xb/VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MmJhMjFmY2ZjYzM0YzlkOWI1YTdjNjA4MTU4NWUwYTBl
ZTcwYWUwHhcNMjMwOTI3MTAzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA1MjQ3ZjdmNjU2MDFjMzEzMmYzNjYxMDdkYWZjY2RhMWE0YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrbpwyayMdV9p1EMK7c+UIMfkuay
5PTFLpFgGlnB4+jLCKUAa8/f/2KZnNYXBuRiZVaCGLk+TWgzRo0IkZg7273wO0kF
IG8WMEvr8uaZviKPy4Hx/6z0xA3Bl+GA4DvQ1+3nw4IWbYxhQcFvQ2ECLbnfqgWj
5ykX4PLfmv2PXyTjfrFLYSnfgTCloxwuhQMp13YgQyn+hLG8qyYe0I7q9YUvOST5
W5vI0UuxpHAobD+/QboWbB0FtJ0xWOSQjiWlMPU3BJzKUq7gwjQ/WBiI4ifr6fYN
gSHcva9/3CEe1CM3KQbhpP0IoWwmfnRvXW8MWnBo960Ga1XGrJDhYEBQTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0FJH9/ZWAcMTLzZhB9r8zaGkuyMB8GA1UdIwQY
MBaAFIYroh/PzDTJ2bWnxggVheCg7nCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjkt
NDk1YTk1OWIxNmU3LzEvelFVa2YzOWxZQnd4TXZObUVIMnZ6Tm9hUzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjktNDk1YTk1OWIxNmU3
LzEvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWhyMA0G
CSqGSIb3DQEBCwUAA4IBAQBbE459EOZs7YYtBhhfbpJ//FBdpyt4U7bQuQ1TjrCq
c/2k4QZMzIaS5XHLU1/9mys4KSKKHArJ4/Hh2LXWnLgE6baNuMcbOM1tUoY8h/T0
xPyJys0oignVxNH9NuNo5sDr9G0obbrzkJ1flgKDVPSR7KHtE9hIhbZe4Mjv8XsL
P+1AtjC2FkPVav0AxlsJ5vtuP5f3jDI1qYSomp0zLPQA1cu6JAHNrR5wFBJox2zg
YPRftgiyLiy/yxuNGFiR7A9xTLsluHnpg6MTHE4/iMCIt8KRiPhEdSoW6ttkQk7S
YUb79Hp0+xmS72E5GpMfaPv9oidNwV422Va8aae0nAB+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org