Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/zBqwUUwAfVNowk1zlxWFVnEU1Gs.roa
File: zBqwUUwAfVNowk1zlxWFVnEU1Gs.roa (raw, json)
Hash identifier: NVJUxGhkbRYjoRSCLpMYgrrT++zeSmNnoIEi9rmHz4w=
Subject key identifier: CC:1A:B0:51:4C:00:7D:53:68:C2:4D:73:97:15:85:56:71:14:D4:6B
Certificate issuer: /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial: 018CC8024BA4B70B121FCF8EF8EE6D517587
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/zBqwUUwAfVNowk1zlxWFVnEU1Gs.roa
Signing time: Tue 02 Jan 2024 02:30:42 +0000
ROA not before: Tue 02 Jan 2024 02:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199087
IP address blocks: 89.190.0.0/19 maxlen: 19
185.151.76.0/22 maxlen: 22
2a03:7c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Feb 2024 07:14:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:4b:a4:b7:0b:12:1f:cf:8e:f8:ee:6d:51:75:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Validity
Not Before: Jan 2 02:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc1ab0514c007d5368c24d73971585567114d46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:61:75:64:45:dd:71:e2:54:e9:1f:22:d2:48:
ce:12:40:6c:76:c0:c2:e9:9c:e1:46:8c:0d:be:9f:
1f:86:2e:03:3f:8d:2a:79:eb:75:f9:e0:a5:c6:bd:
fc:d6:b1:45:55:4f:da:20:94:c6:c5:fd:a0:6d:58:
a3:c0:04:13:75:fb:87:5b:90:a8:44:9f:e4:f6:41:
47:e6:53:ac:0b:72:29:12:b0:72:c6:56:7b:5d:84:
3b:60:30:99:d7:ea:b7:69:ae:3f:db:9a:c1:83:be:
aa:dd:ce:a5:ed:7a:c1:3c:9b:89:90:aa:86:58:6e:
db:82:c4:ee:b9:60:40:08:0a:fa:59:28:71:0a:bc:
30:eb:1b:34:62:4c:59:27:52:38:33:1b:ff:1b:f1:
2a:42:58:37:7a:c5:9b:67:29:40:12:84:a1:e8:6e:
ef:11:1e:ba:0d:d7:02:61:4a:e1:16:ed:c6:c0:a2:
31:95:86:05:29:b7:0f:43:d0:3a:56:77:ec:4d:77:
06:8c:47:b7:61:ae:9a:26:be:b5:00:14:58:47:f3:
0d:16:9c:03:26:d8:8b:df:7f:fd:95:97:6d:be:aa:
7c:83:d0:96:d5:90:ca:ea:50:12:18:40:cf:eb:64:
47:f9:6f:84:15:b5:25:bf:e4:bc:21:4b:fb:e1:c4:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1A:B0:51:4C:00:7D:53:68:C2:4D:73:97:15:85:56:71:14:D4:6B
X509v3 Authority Key Identifier:
keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/zBqwUUwAfVNowk1zlxWFVnEU1Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.0.0/19
185.151.76.0/22
IPv6:
2a03:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
a9:58:c4:ea:d9:a6:cb:57:e5:16:62:91:f4:f4:cb:fb:a8:00:
f7:e0:3a:cb:2c:1c:02:00:63:09:7c:e6:15:54:1d:4f:d1:f7:
07:bd:d0:a8:dd:30:03:2a:cb:9f:f1:f2:37:c1:c2:e7:5f:28:
15:14:79:de:4d:51:78:c7:e9:95:9c:6b:21:bf:f0:85:f6:3d:
d6:64:d4:70:a0:50:d7:87:14:8a:55:3b:4c:fb:d2:18:f4:13:
c5:e6:61:85:7b:ec:b5:7c:28:26:92:60:87:61:0a:0d:76:2e:
63:d7:4a:07:e3:24:1b:2e:7e:e7:4f:a5:47:8b:f3:6c:b8:a8:
cb:f5:a7:10:06:bc:50:b9:98:15:bb:f3:1b:1e:c1:0a:d8:df:
8e:71:a5:ac:ae:0d:37:64:30:60:bb:ed:70:a3:3a:cc:d2:13:
63:83:c4:65:21:2c:bf:90:9d:70:e2:68:ca:e9:00:b1:33:7d:
e4:c9:8e:44:41:a9:50:5f:0f:56:ed:f3:9d:b2:6a:96:57:e9:
42:2a:05:2e:b5:e4:6d:ae:e7:57:a5:d4:b8:67:4a:b8:a6:66:
49:3f:a7:70:95:34:a3:14:d2:69:57:82:26:19:d6:a5:c5:fd:
e2:00:cb:58:31:e5:9f:32:20:67:9d:b0:aa:a8:c4:4e:12:ef:
3c:5e:39:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAkuktwsSH8+O+O5tUXWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQxYWUwNzc5ZTM3ZGVmYzY5YjJhNWIwZjdhYjhmZDQw
Y2QzZTcwHhcNMjQwMTAyMDIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFhYjA1MTRjMDA3ZDUzNjhjMjRkNzM5NzE1ODU1NjcxMTRkNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmF1ZEXdceJU6R8i0kjOEkBsdsDC
6ZzhRowNvp8fhi4DP40qeet1+eClxr381rFFVU/aIJTGxf2gbVijwAQTdfuHW5Co
RJ/k9kFH5lOsC3IpErByxlZ7XYQ7YDCZ1+q3aa4/25rBg76q3c6l7XrBPJuJkKqG
WG7bgsTuuWBACAr6WShxCrww6xs0YkxZJ1I4Mxv/G/EqQlg3esWbZylAEoSh6G7v
ER66DdcCYUrhFu3GwKIxlYYFKbcPQ9A6VnfsTXcGjEe3Ya6aJr61ABRYR/MNFpwD
JtiL33/9lZdtvqp8g9CW1ZDK6lASGEDP62RH+W+EFbUlv+S8IUv74cRmqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMwasFFMAH1TaMJNc5cVhVZxFNRrMB8GA1UdIwQY
MBaAFIf0GuB3njfe/GmypbD3q4/UDNPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYt
YzQzYWIyYTEyZDU1LzEvekJxd1VVd0FmVk5vd2sxemx4V0ZWbkVVMUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYtYzQzYWIyYTEyZDU1
LzEvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWb4AAwQC
uZdMMA0EAgACMAcDBQAqA3wAMA0GCSqGSIb3DQEBCwUAA4IBAQCpWMTq2abLV+UW
YpH09Mv7qAD34DrLLBwCAGMJfOYVVB1P0fcHvdCo3TADKsuf8fI3wcLnXygVFHne
TVF4x+mVnGshv/CF9j3WZNRwoFDXhxSKVTtM+9IY9BPF5mGFe+y1fCgmkmCHYQoN
di5j10oH4yQbLn7nT6VHi/NsuKjL9acQBrxQuZgVu/MbHsEK2N+OcaWsrg03ZDBg
u+1wozrM0hNjg8RlISy/kJ1w4mjK6QCxM33kyY5EQalQXw9W7fOdsmqWV+lCKgUu
teRtrudXpdS4Z0q4pmZJP6dwlTSjFNJpV4ImGdalxf3iAMtYMeWfMiBnnbCqqMRO
Eu88Xjn4
-----END CERTIFICATE-----
Generated at Wed Feb 21 08:05:52 2024 by rpki-client on console-fra.rpki-client.org