Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZJv6V6RCcsRWCHWCKQZkYvg3ZkY.roa
File: ZJv6V6RCcsRWCHWCKQZkYvg3ZkY.roa (raw, json)
Hash identifier: c9zjtN3XZ3UE+AsOp2oAIlba0Czj4mpVrM0JxXdK934=
Subject key identifier: 64:9B:FA:57:A4:42:72:C4:56:08:75:82:29:06:64:62:F8:37:66:46
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018C3408328234483E7FE6FF74CEE31DC139
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZJv6V6RCcsRWCHWCKQZkYvg3ZkY.roa
Signing time: Mon 04 Dec 2023 08:53:21 +0000
ROA not before: Mon 04 Dec 2023 08:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.34.202.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 12 Dec 2023 17:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:08:32:82:34:48:3e:7f:e6:ff:74:ce:e3:1d:c1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 4 08:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=649bfa57a44272c45608758229066462f8376646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:37:b3:bc:98:b2:01:c9:6f:31:ff:47:29:
27:05:e0:f7:22:79:29:a1:ae:d7:fc:39:57:d2:05:
e9:98:85:be:84:57:da:48:0b:80:f9:c4:74:39:6a:
3a:29:4d:a0:1f:8a:b2:dc:d0:ab:d1:ca:33:e9:bc:
00:06:6e:50:23:e1:b7:49:eb:ab:b7:81:17:8e:15:
79:86:4e:0b:c8:ea:26:58:83:51:01:f0:6c:08:03:
5c:3b:bd:1b:19:f0:e6:f3:af:00:0b:0d:ae:5d:4f:
97:97:1a:ab:88:d5:b5:12:56:32:30:d3:8d:22:0a:
1a:d1:38:0a:14:7f:e8:c3:30:e5:ed:10:33:e7:76:
f4:77:ec:74:3d:c9:59:dc:8d:4f:f8:12:1c:02:4d:
f6:b7:d6:9d:c6:96:78:6f:aa:2d:84:e6:59:2b:2b:
5d:85:69:e4:98:c5:c8:e6:dc:07:6b:db:a2:ca:c0:
fb:c3:49:1a:07:5a:d6:b2:4b:93:60:c2:c4:4d:0e:
65:fb:0b:c4:01:f7:37:45:28:6a:bf:4f:bf:76:a0:
5b:1f:35:a0:fd:5a:64:b8:40:b7:ff:af:9e:0e:87:
75:39:45:5d:4a:ce:fa:38:98:9d:8f:e4:b1:f5:24:
0c:05:d3:fa:bb:3e:f8:05:51:c6:fc:ee:1a:7f:6d:
9c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9B:FA:57:A4:42:72:C4:56:08:75:82:29:06:64:62:F8:37:66:46
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZJv6V6RCcsRWCHWCKQZkYvg3ZkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.202.0/24
89.35.119.0/24
89.35.130.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:08:7e:41:2a:0b:57:34:5e:11:04:65:fc:12:8e:d1:41:6d:
22:91:56:cb:de:29:12:3c:54:f3:6e:82:10:64:9c:0a:59:4d:
12:31:02:c7:3e:5a:25:d1:12:06:d3:54:59:5c:e3:36:30:fe:
b5:a3:89:66:34:6d:fa:f4:ef:a7:92:a7:5c:df:5a:7f:86:f0:
61:a5:64:d8:65:6a:99:9e:97:16:b8:3f:72:25:bc:be:f4:e6:
4f:d9:f5:09:7b:97:5f:ae:52:d6:b8:76:72:09:44:cc:4e:74:
2a:e2:fb:89:44:e3:51:0c:6a:13:9e:c7:f5:f8:75:f7:6b:2b:
c2:1a:b0:06:aa:11:d7:0a:9a:a5:a2:18:46:9b:16:1b:9d:e8:
18:12:8e:d6:73:d9:22:92:be:6a:ec:73:ca:3c:27:b0:3d:4b:
82:ad:42:7d:b2:a7:ff:85:74:7f:17:dc:57:e2:3c:38:6d:0a:
fb:80:29:45:9f:5f:f6:08:e8:ab:0d:88:be:e2:b3:64:b9:cf:
f5:b0:27:23:77:1f:f6:33:37:c8:7d:0f:44:5e:a6:76:03:cb:
19:23:5a:84:17:ea:bb:ed:d9:fe:b8:fd:94:d0:23:f9:e6:f7:
91:bf:ac:9f:78:60:dd:09:09:17:09:4d:ef:5d:6b:f0:69:bd:
9c:d4:56:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw0CDKCNEg+f+b/dM7jHcE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMjA0MDg1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDliZmE1N2E0NDI3MmM0NTYwODc1ODIyOTA2NjQ2MmY4Mzc2NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho03s7yYsgHJbzH/RyknBeD3Inkp
oa7X/DlX0gXpmIW+hFfaSAuA+cR0OWo6KU2gH4qy3NCr0coz6bwABm5QI+G3Seur
t4EXjhV5hk4LyOomWINRAfBsCANcO70bGfDm868ACw2uXU+XlxqriNW1ElYyMNON
Igoa0TgKFH/owzDl7RAz53b0d+x0PclZ3I1P+BIcAk32t9adxpZ4b6othOZZKytd
hWnkmMXI5twHa9uiysD7w0kaB1rWskuTYMLETQ5l+wvEAfc3RShqv0+/dqBbHzWg
/VpkuEC3/6+eDod1OUVdSs76OJidj+Sx9SQMBdP6uz74BVHG/O4af22c3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGSb+lekQnLEVgh1gikGZGL4N2ZGMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWkp2NlY2UkNjc1JXQ0hXQ0tRWmtZdmczWmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSLKAwQA
WSN3AwQBWSOCMA0GCSqGSIb3DQEBCwUAA4IBAQCaCH5BKgtXNF4RBGX8Eo7RQW0i
kVbL3ikSPFTzboIQZJwKWU0SMQLHPlol0RIG01RZXOM2MP61o4lmNG369O+nkqdc
31p/hvBhpWTYZWqZnpcWuD9yJby+9OZP2fUJe5dfrlLWuHZyCUTMTnQq4vuJRONR
DGoTnsf1+HX3ayvCGrAGqhHXCpqlohhGmxYbnegYEo7Wc9kikr5q7HPKPCewPUuC
rUJ9sqf/hXR/F9xX4jw4bQr7gClFn1/2COirDYi+4rNkuc/1sCcjdx/2MzfIfQ9E
XqZ2A8sZI1qEF+q77dn+uP2U0CP55veRv6yfeGDdCQkXCU3vXWvwab2c1FZF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org