Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/ZQ-iEHYAUnZ715FHqw8FnjuRPxU.roa
File: ZQ-iEHYAUnZ715FHqw8FnjuRPxU.roa (raw, json)
Hash identifier: Pg2FtYIZsFk97lnyZ41B+SfUQ8ksRQ04vogByYaPX+8=
Subject key identifier: 65:0F:A2:10:76:00:52:76:7B:D7:91:47:AB:0F:05:9E:3B:91:3F:15
Certificate issuer: /CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Certificate serial: 018B22F9D0EF666C40D9838AFE48A00B40F7
Authority key identifier: 96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/ZQ-iEHYAUnZ715FHqw8FnjuRPxU.roa
Signing time: Thu 12 Oct 2023 08:21:19 +0000
ROA not before: Thu 12 Oct 2023 08:21:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55002
IP address blocks: 87.239.122.0/24 maxlen: 24
87.239.123.0/24 maxlen: 24
87.239.124.0/24 maxlen: 24
87.239.121.0/24 maxlen: 24
87.239.125.0/24 maxlen: 24
87.239.126.0/24 maxlen: 24
87.239.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:f9:d0:ef:66:6c:40:d9:83:8a:fe:48:a0:0b:40:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Validity
Not Before: Oct 12 08:21:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=650fa210760052767bd79147ab0f059e3b913f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:29:f6:27:f8:be:f9:1f:db:31:58:3d:27:81:
ee:e4:9d:6e:35:e3:0e:5c:8e:62:e6:b0:6f:4d:25:
0e:44:cd:78:7b:de:ff:7f:9a:fd:12:31:d1:3c:9d:
c5:59:f7:62:15:db:83:5a:ee:55:b6:18:7c:46:55:
26:18:28:f3:59:a5:74:99:90:81:4a:f4:03:4b:62:
a0:ad:c5:c5:27:b6:70:b6:0c:16:19:dc:7e:c1:0b:
05:05:ee:0b:a9:78:17:52:71:fb:d5:e6:f7:d0:6e:
22:7c:47:4c:bc:7a:a8:03:7a:15:b7:ad:4f:21:8e:
1e:25:18:fc:ce:3c:85:f8:6e:3b:8b:6e:e4:a8:c2:
bc:df:06:65:8f:9d:32:1f:b4:42:58:78:be:2a:15:
00:e4:60:98:b2:4a:2a:6c:46:dc:c1:88:95:bc:81:
f5:dc:40:03:10:82:b6:f7:71:e1:e4:e7:b9:b2:35:
ca:4c:01:92:22:8a:d6:71:f4:34:5a:f7:5d:1e:b4:
d3:63:88:c2:a3:16:23:d8:7b:aa:aa:11:1e:6e:17:
5e:ff:d9:ff:e2:ab:8d:74:9e:53:7a:a9:b9:6a:82:
a7:35:f8:0a:e1:a2:a4:4f:ce:a3:d6:f0:ae:34:28:
75:34:04:b6:7b:92:38:f6:f6:05:7f:1d:2c:50:46:
5a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0F:A2:10:76:00:52:76:7B:D7:91:47:AB:0F:05:9E:3B:91:3F:15
X509v3 Authority Key Identifier:
keyid:96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/ZQ-iEHYAUnZ715FHqw8FnjuRPxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.121.0-87.239.127.255
Signature Algorithm: sha256WithRSAEncryption
56:18:e8:23:c8:7e:19:f3:51:87:1e:40:a1:83:8d:58:1d:57:
91:a3:76:5d:32:29:b1:6a:0a:47:74:83:f0:d0:cc:8b:e1:30:
22:0b:ab:f1:80:19:07:86:3d:0b:89:e5:c1:45:f6:73:b7:72:
34:3d:c5:9c:91:42:94:dd:a2:a1:74:8d:a3:73:d1:3c:68:4e:
cd:52:8a:d4:60:30:47:3c:20:10:19:1c:6f:a7:31:8b:0f:08:
33:aa:0e:42:3c:84:79:e3:dd:1b:de:a2:59:df:6d:cf:8a:e0:
77:34:dc:ce:0d:d2:c0:f3:87:27:1b:7a:43:76:14:9e:19:4f:
66:f1:38:cf:36:c6:a9:51:6c:0f:04:af:a7:fe:5a:28:92:d5:
89:61:98:65:cb:85:c3:64:ed:8d:72:6a:0c:d1:d3:a9:bf:e7:
d3:c4:ff:4e:07:f5:6f:71:e3:f7:8a:8a:b6:04:91:05:dd:64:
13:9f:c3:1e:4a:a5:c5:f8:e4:84:f1:f3:d2:72:f4:de:e7:5f:
4d:5a:2c:8a:86:31:6f:7f:f1:0f:0a:ec:54:5c:45:87:fe:fd:
62:70:fe:26:fb:13:a9:10:b8:57:c8:07:d8:a7:0a:dd:f5:fc:
01:7f:e0:72:44:13:c1:3b:03:66:07:01:49:b2:f7:9a:22:2e:
03:92:45:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYsi+dDvZmxA2YOK/kigC0D3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWNlZGE1YmYzNzkwMWZlOWU0NGY3M2I1YmY4MmI2ODdi
MzQ1NzIwHhcNMjMxMDEyMDgyMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTBmYTIxMDc2MDA1Mjc2N2JkNzkxNDdhYjBmMDU5ZTNiOTEzZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSn2J/i++R/bMVg9J4Hu5J1uNeMO
XI5i5rBvTSUORM14e97/f5r9EjHRPJ3FWfdiFduDWu5Vthh8RlUmGCjzWaV0mZCB
SvQDS2KgrcXFJ7ZwtgwWGdx+wQsFBe4LqXgXUnH71eb30G4ifEdMvHqoA3oVt61P
IY4eJRj8zjyF+G47i27kqMK83wZlj50yH7RCWHi+KhUA5GCYskoqbEbcwYiVvIH1
3EADEIK293Hh5Oe5sjXKTAGSIorWcfQ0WvddHrTTY4jCoxYj2HuqqhEebhde/9n/
4quNdJ5Teqm5aoKnNfgK4aKkT86j1vCuNCh1NAS2e5I49vYFfx0sUEZa4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGUPohB2AFJ2e9eRR6sPBZ47kT8VMB8GA1UdIwQY
MBaAFJac7aW/N5Af6eRPc7W/graHs0VyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQt
MjFmYzlhZmM4YWMxLzEvWlEtaUVIWUFVblo3MTVGSHF3OEZuanVSUHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQtMjFmYzlhZmM4YWMx
LzEvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX73kD
BAdX7wAwDQYJKoZIhvcNAQELBQADggEBAFYY6CPIfhnzUYceQKGDjVgdV5Gjdl0y
KbFqCkd0g/DQzIvhMCILq/GAGQeGPQuJ5cFF9nO3cjQ9xZyRQpTdoqF0jaNz0Txo
Ts1SitRgMEc8IBAZHG+nMYsPCDOqDkI8hHnj3Rveolnfbc+K4Hc03M4N0sDzhycb
ekN2FJ4ZT2bxOM82xqlRbA8Er6f+WiiS1YlhmGXLhcNk7Y1yagzR06m/59PE/04H
9W9x4/eKirYEkQXdZBOfwx5KpcX45ITx89Jy9N7nX01aLIqGMW9/8Q8K7FRcRYf+
/WJw/ib7E6kQuFfIB9inCt31/AF/4HJEE8E7A2YHAUmy95oiLgOSRZc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:40 2024 by rpki-client on console-ams.rpki-client.org