Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/czce4hkZB9480kiWi3c5SzVFawg.roa
File: czce4hkZB9480kiWi3c5SzVFawg.roa (raw, json)
Hash identifier: z1mJ8+rUW4Zw+xMd4hkKAyEMgPtYn6nhuxs0Zvj1mjU=
Subject key identifier: 73:37:1E:E2:19:19:07:DE:3C:D2:48:96:8B:77:39:4B:35:45:6B:08
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018BED2A1B3B551C53FD99337F054CC12C4D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/czce4hkZB9480kiWi3c5SzVFawg.roa
Signing time: Mon 20 Nov 2023 14:37:21 +0000
ROA not before: Mon 20 Nov 2023 14:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197789
IP address blocks: 89.37.193.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
94.176.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 05:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:2a:1b:3b:55:1c:53:fd:99:33:7f:05:4c:c1:2c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 20 14:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73371ee2191907de3cd248968b77394b35456b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3b:d9:bf:12:94:77:05:e8:72:5f:5e:27:bf:
4a:3d:a3:b9:1d:ad:25:ec:d7:fb:c4:ed:37:ad:7e:
8e:64:a5:34:a1:ba:52:b4:f1:6c:5f:d2:ad:72:6d:
ac:c0:17:15:e8:3a:04:9d:e8:75:0a:f8:d7:88:43:
c7:fa:3f:b8:9c:f9:a2:43:dc:eb:76:ea:61:bf:f3:
6d:87:3f:09:32:b0:ef:f7:8c:b8:0e:8e:63:2f:4d:
9e:c9:4c:10:6a:30:09:1e:35:03:1d:23:18:b7:fb:
8a:e1:fb:a2:85:b8:f1:83:cf:62:35:2d:d1:a5:77:
8c:82:bf:cc:9d:23:d2:9b:c2:ca:ab:ec:7b:95:1e:
8e:cb:c0:6a:e9:79:0c:bb:e8:6e:6c:d7:92:5c:29:
44:67:5d:8b:10:1e:79:d2:6f:e8:5c:1c:0d:19:fc:
bd:32:9d:9d:fe:ec:19:e3:a1:a8:a5:1c:b7:2b:87:
c4:28:b4:86:65:6b:0d:ac:d9:ad:4a:36:bd:ba:9d:
58:21:6a:92:08:ae:c3:48:41:1d:8a:4a:77:ed:6c:
30:1f:46:39:fe:a6:56:a6:dd:47:29:ea:55:88:db:
c7:b2:d8:18:8a:99:37:09:07:ae:f4:09:20:9f:41:
52:69:06:2a:59:47:7d:53:21:83:db:c6:06:33:65:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:37:1E:E2:19:19:07:DE:3C:D2:48:96:8B:77:39:4B:35:45:6B:08
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/czce4hkZB9480kiWi3c5SzVFawg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.140.0/24
89.37.193.0/24
94.176.214.0/24
94.177.51.0/24
Signature Algorithm: sha256WithRSAEncryption
13:06:64:84:64:53:2f:b8:04:f6:c8:da:82:46:24:50:86:2a:
93:40:a9:8e:10:81:4f:57:77:de:06:2e:e4:ff:5c:2f:fb:73:
a2:c8:5f:75:6c:3a:8e:e3:ed:ca:88:7c:c7:14:ad:12:7f:07:
77:6a:07:c1:ed:5b:4e:fe:c2:91:05:d1:67:f6:61:38:3c:ee:
56:fb:38:ed:b5:72:73:ee:b1:b7:49:d8:ba:7a:7c:73:e4:2a:
ca:47:c9:17:40:44:4b:89:d3:84:d7:a4:04:30:95:a2:95:9a:
e5:e0:9b:79:9d:50:2d:15:03:1f:56:86:86:f6:ff:2d:f7:18:
26:49:cf:65:f6:94:3d:35:38:92:01:18:af:ee:4e:63:73:58:
91:53:9f:13:8e:9f:39:30:f6:36:63:5c:8e:de:1d:1e:ad:50:
4a:24:03:70:c9:d6:99:72:8e:85:32:36:22:ff:9f:b4:9e:dd:
e7:ca:58:53:f3:19:a7:d9:4f:46:55:34:d6:c8:48:66:9d:36:
f4:c8:ec:90:19:6b:a4:35:b1:f0:4c:ba:47:47:3e:0f:c1:fb:
70:ea:f3:2e:02:2f:8d:18:f1:8f:97:f2:33:71:d0:26:61:f5:
57:0f:3e:5b:0d:5c:6c:39:f3:81:ae:09:18:f6:54:72:28:43:
86:d5:fc:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvtKhs7VRxT/ZkzfwVMwSxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMTIwMTQzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM3MWVlMjE5MTkwN2RlM2NkMjQ4OTY4Yjc3Mzk0YjM1NDU2YjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjvZvxKUdwXocl9eJ79KPaO5Ha0l
7Nf7xO03rX6OZKU0obpStPFsX9Ktcm2swBcV6DoEneh1CvjXiEPH+j+4nPmiQ9zr
duphv/Nthz8JMrDv94y4Do5jL02eyUwQajAJHjUDHSMYt/uK4fuihbjxg89iNS3R
pXeMgr/MnSPSm8LKq+x7lR6Oy8Bq6XkMu+hubNeSXClEZ12LEB550m/oXBwNGfy9
Mp2d/uwZ46GopRy3K4fEKLSGZWsNrNmtSja9up1YIWqSCK7DSEEdikp37WwwH0Y5
/qZWpt1HKepViNvHstgYipk3CQeu9Akgn0FSaQYqWUd9UyGD28YGM2XUwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHM3HuIZGQfePNJIlot3OUs1RWsIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvY3pjZTRoa1pCOTQ4MGtpV2kzYzVTelZGYXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSSMAwQA
WSXBAwQAXrDWAwQAXrEzMA0GCSqGSIb3DQEBCwUAA4IBAQATBmSEZFMvuAT2yNqC
RiRQhiqTQKmOEIFPV3feBi7k/1wv+3OiyF91bDqO4+3KiHzHFK0Sfwd3agfB7VtO
/sKRBdFn9mE4PO5W+zjttXJz7rG3Sdi6enxz5CrKR8kXQERLidOE16QEMJWilZrl
4Jt5nVAtFQMfVoaG9v8t9xgmSc9l9pQ9NTiSARiv7k5jc1iRU58Tjp85MPY2Y1yO
3h0erVBKJANwydaZco6FMjYi/5+0nt3nylhT8xmn2U9GVTTWyEhmnTb0yOyQGWuk
NbHwTLpHRz4Pwftw6vMuAi+NGPGPl/IzcdAmYfVXDz5bDVxsOfOBrgkY9lRyKEOG
1fxm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org