Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zR91tdhcXY-2nspIilKbj4m1krI.roa
File: zR91tdhcXY-2nspIilKbj4m1krI.roa (raw, json)
Hash identifier: 0HAZSHYdEQoExrGuelpDcrooDItzkg3rYhtouwyYJ2A=
Subject key identifier: CD:1F:75:B5:D8:5C:5D:8F:B6:9E:CA:48:8A:52:9B:8F:89:B5:92:B2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0186C1C14260CCFD76F131725E94117FEBF8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zR91tdhcXY-2nspIilKbj4m1krI.roa
Signing time: Wed 08 Mar 2023 15:05:13 +0000
ROA not before: Wed 08 Mar 2023 15:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7411
IP address blocks: 188.212.121.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 07:38:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:c1:42:60:cc:fd:76:f1:31:72:5e:94:11:7f:eb:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 8 15:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd1f75b5d85c5d8fb69eca488a529b8f89b592b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5b:73:c9:f3:d8:52:9b:7d:ef:e7:36:7d:25:
ac:8b:21:3c:f3:43:08:97:39:be:29:e8:0f:06:e4:
14:6f:f4:1b:f3:2f:e5:a7:43:78:d7:cc:f5:52:a0:
a8:4b:44:03:86:6f:ed:81:db:44:30:39:5d:2a:f1:
85:b6:bf:d5:5e:1d:8e:e5:33:cb:11:9a:5a:e1:04:
0d:9d:4d:7b:c9:bd:4e:15:c8:a3:ce:64:9c:77:26:
3e:49:13:69:91:cf:37:19:49:6a:44:d1:48:69:18:
a2:f1:27:02:33:25:14:2c:72:70:d5:19:b4:56:3c:
81:c0:d9:6c:5e:df:1e:27:0b:ce:a2:e6:34:de:65:
39:0c:6d:74:fc:0d:69:12:51:18:54:fb:56:69:29:
66:af:8a:6f:c4:e1:af:4f:22:6c:a4:f8:97:e3:ef:
1b:f1:79:62:c9:ed:0d:11:79:64:50:38:df:82:52:
29:9f:e1:f8:9a:1e:c2:83:42:ae:47:88:5b:ab:4b:
d3:0a:64:1f:85:63:e6:a2:d1:fb:90:8a:c9:5c:9a:
a2:19:77:95:a0:9f:e3:7c:9d:28:32:2f:1a:2d:48:
c7:f0:f2:4e:f0:85:f1:39:7f:18:cd:5f:fd:37:f3:
6d:fb:ff:91:b8:ee:7b:c4:77:1a:28:07:b9:a7:92:
78:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1F:75:B5:D8:5C:5D:8F:B6:9E:CA:48:8A:52:9B:8F:89:B5:92:B2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zR91tdhcXY-2nspIilKbj4m1krI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.36.0/24
128.0.41.0/24
188.212.121.0/24
Signature Algorithm: sha256WithRSAEncryption
02:72:ca:5e:16:b3:8e:c7:72:8c:81:14:bd:ac:86:e4:b7:e3:
a8:6d:70:2f:b7:45:8d:52:65:b8:82:f9:b7:d8:1b:d8:e0:af:
3c:ab:ee:5e:ca:8a:96:f4:49:11:e2:20:d9:94:a4:87:96:9e:
26:52:a8:83:79:a1:fc:64:70:e1:ea:e3:55:f1:a0:b9:fe:55:
0f:4b:ff:39:6d:78:80:b4:d7:41:a6:fe:aa:0c:08:d7:b4:e1:
73:6f:98:c1:42:3a:cb:e8:ff:3a:14:ec:29:7f:6f:8c:52:f2:
db:19:5d:22:1d:ab:a5:c4:7b:e6:dc:fe:a6:3c:6d:97:c5:f4:
81:35:9f:f1:81:4d:3c:7d:3f:13:29:82:f9:21:75:1c:4d:e7:
7f:0c:31:2f:4d:18:27:4b:13:e7:55:60:94:d0:b1:b2:08:67:
b7:db:a0:a0:2a:26:88:9a:51:ee:d1:33:bb:0b:71:23:32:28:
21:33:54:eb:e5:e8:64:46:16:ae:c8:a5:b7:2f:f6:f4:a8:79:
53:72:22:c0:ad:f9:ff:e0:c4:e3:6c:41:e0:02:5f:6c:4f:5c:
18:45:37:68:e0:41:8f:e4:83:62:7f:1e:d9:16:66:28:25:e7:
6f:8d:65:d5:33:a6:ae:9e:6e:4e:3c:bf:e8:0a:fb:02:61:03:
ba:98:53:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbBwUJgzP128TFyXpQRf+v4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMzA4MTUwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDFmNzViNWQ4NWM1ZDhmYjY5ZWNhNDg4YTUyOWI4Zjg5YjU5MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1tzyfPYUpt97+c2fSWsiyE880MI
lzm+KegPBuQUb/Qb8y/lp0N418z1UqCoS0QDhm/tgdtEMDldKvGFtr/VXh2O5TPL
EZpa4QQNnU17yb1OFcijzmScdyY+SRNpkc83GUlqRNFIaRii8ScCMyUULHJw1Rm0
VjyBwNlsXt8eJwvOouY03mU5DG10/A1pElEYVPtWaSlmr4pvxOGvTyJspPiX4+8b
8Xliye0NEXlkUDjfglIpn+H4mh7Cg0KuR4hbq0vTCmQfhWPmotH7kIrJXJqiGXeV
oJ/jfJ0oMi8aLUjH8PJO8IXxOX8YzV/9N/Nt+/+RuO57xHcaKAe5p5J4KQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM0fdbXYXF2Ptp7KSIpSm4+JtZKyMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvelI5MXRkaGNYWS0ybnNwSWlsS2JqNG0xa3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWS8kAwQA
gAApAwQAvNR5MA0GCSqGSIb3DQEBCwUAA4IBAQACcspeFrOOx3KMgRS9rIbkt+Oo
bXAvt0WNUmW4gvm32BvY4K88q+5eyoqW9EkR4iDZlKSHlp4mUqiDeaH8ZHDh6uNV
8aC5/lUPS/85bXiAtNdBpv6qDAjXtOFzb5jBQjrL6P86FOwpf2+MUvLbGV0iHaul
xHvm3P6mPG2XxfSBNZ/xgU08fT8TKYL5IXUcTed/DDEvTRgnSxPnVWCU0LGyCGe3
26CgKiaImlHu0TO7C3EjMighM1Tr5ehkRhauyKW3L/b0qHlTciLArfn/4MTjbEHg
Al9sT1wYRTdo4EGP5INifx7ZFmYoJedvjWXVM6aunm5OPL/oCvsCYQO6mFPT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org