Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0zyGoZpQ8mghbCxT7Dx5MJrxg9o.roa
File: 0zyGoZpQ8mghbCxT7Dx5MJrxg9o.roa (raw, json)
Hash identifier: FWOvpBbkOye9mM5lqYWUy2UkPnJEF7DZDa1+VCu+m8E=
Subject key identifier: D3:3C:86:A1:9A:50:F2:68:21:6C:2C:53:EC:3C:79:30:9A:F1:83:DA
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018E64FF6ED1CF7447CF0542A1E55E2AC073
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0zyGoZpQ8mghbCxT7Dx5MJrxg9o.roa
Signing time: Fri 22 Mar 2024 07:10:45 +0000
ROA not before: Fri 22 Mar 2024 07:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12325
IP address blocks: 89.46.128.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
128.0.1.0/24 maxlen: 24
185.18.224.0/23 maxlen: 24
188.208.110.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 13:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:ff:6e:d1:cf:74:47:cf:05:42:a1:e5:5e:2a:c0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 22 07:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d33c86a19a50f268216c2c53ec3c79309af183da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f7:80:2e:7b:05:34:2a:1b:c6:34:03:e4:4e:
85:f0:6c:54:25:ad:00:7d:a6:02:b1:49:e1:f8:8e:
53:50:98:65:23:37:de:be:2f:84:0e:17:1f:f8:f6:
3d:17:f5:d3:cb:7b:69:be:37:53:da:0c:55:8f:e5:
5b:f0:5d:e2:8d:b8:4b:c1:19:0e:f7:6a:7a:4b:62:
af:a3:77:cc:e2:f8:8c:60:1a:a9:96:72:0e:e9:91:
41:8d:d7:86:08:26:b8:f7:11:26:2f:36:20:83:53:
55:c7:14:a7:b1:23:73:f3:ad:f3:94:8a:5f:01:e0:
0d:22:eb:b8:75:2f:be:a1:90:de:ad:5b:63:09:fc:
19:2a:5f:a9:52:52:6d:21:24:95:57:40:3e:a3:2e:
13:b4:d9:b3:13:84:f9:a0:e7:ef:1e:40:e6:d9:8b:
ca:d3:44:ec:f7:b0:f3:d4:80:2d:00:37:2d:6d:ea:
80:0d:0a:6b:af:a7:56:39:18:e5:70:a5:bc:db:31:
eb:a1:0e:9b:b2:55:c4:fa:00:39:df:da:4f:73:49:
2c:3d:29:ad:f9:d8:e5:df:6a:bf:0a:87:8f:fb:94:
09:73:63:59:41:a9:ba:dd:3d:77:f1:79:d8:3d:16:
f1:b3:43:ea:3e:0a:92:85:04:72:3c:44:28:fe:0c:
a3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3C:86:A1:9A:50:F2:68:21:6C:2C:53:EC:3C:79:30:9A:F1:83:DA
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0zyGoZpQ8mghbCxT7Dx5MJrxg9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.128.0/22
89.46.232.0/21
128.0.1.0/24
185.18.224.0/23
188.208.110.0/24
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
49:6c:60:d0:0c:9a:6c:3d:5e:be:6d:36:37:2c:5d:a0:27:69:
55:b7:8f:68:95:8b:79:07:1b:ad:6b:ed:0f:28:ae:91:c1:cd:
52:bb:3b:97:74:fc:3e:07:20:7c:f2:b0:9f:be:bb:bf:bb:53:
8f:ae:56:a7:1f:09:06:83:c6:64:fa:3b:48:5f:c1:af:a9:5b:
9e:28:f3:80:d1:9d:b5:24:fd:4d:8d:a3:c8:eb:34:fe:c0:f1:
df:bd:01:8c:4e:83:f5:50:83:de:50:63:54:df:33:8e:28:da:
3f:9b:df:c5:9f:5c:b8:22:df:6f:9d:e3:44:99:ab:95:68:eb:
ed:13:a1:54:fe:88:8d:13:29:8a:cd:62:61:49:e5:f2:62:39:
08:ef:ec:43:bc:0f:ef:1c:42:79:a0:32:e8:18:ea:15:32:b9:
f3:22:59:82:ef:f1:3e:2c:e6:52:c5:70:d7:4e:6c:21:ec:21:
cb:eb:72:6d:f3:41:11:ae:8e:8b:da:41:2b:cb:a4:bc:81:0c:
9b:ac:cd:74:31:35:27:ba:6b:fa:9d:0d:01:04:f4:16:48:7b:
0b:c8:75:a8:16:0e:d9:68:11:66:80:03:d6:74:5c:4b:65:6a:
61:ce:b2:c4:47:16:27:2f:33:0e:b8:a2:1e:3f:53:be:1f:6f:
b3:b5:cc:8a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY5k/27Rz3RHzwVCoeVeKsBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMzIyMDcxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNjODZhMTlhNTBmMjY4MjE2YzJjNTNlYzNjNzkzMDlhZjE4M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhveALnsFNCobxjQD5E6F8GxUJa0A
faYCsUnh+I5TUJhlIzfevi+EDhcf+PY9F/XTy3tpvjdT2gxVj+Vb8F3ijbhLwRkO
92p6S2Kvo3fM4viMYBqplnIO6ZFBjdeGCCa49xEmLzYgg1NVxxSnsSNz863zlIpf
AeANIuu4dS++oZDerVtjCfwZKl+pUlJtISSVV0A+oy4TtNmzE4T5oOfvHkDm2YvK
00Ts97Dz1IAtADctbeqADQprr6dWORjlcKW82zHroQ6bslXE+gA539pPc0ksPSmt
+djl32q/CoeP+5QJc2NZQam63T138XnYPRbxs0PqPgqShQRyPEQo/gyjxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNM8hqGaUPJoIWwsU+w8eTCa8YPaMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzB6eUdvWnBROG1naGJDeFQ3RHg1TUpyeGc5by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAJZLoAD
BANZLugDBACAAAEDBAG5EuADBAC80G4DBAK81ygwDQYJKoZIhvcNAQELBQADggEB
AElsYNAMmmw9Xr5tNjcsXaAnaVW3j2iVi3kHG61r7Q8orpHBzVK7O5d0/D4HIHzy
sJ++u7+7U4+uVqcfCQaDxmT6O0hfwa+pW54o84DRnbUk/U2No8jrNP7A8d+9AYxO
g/VQg95QY1TfM44o2j+b38WfXLgi32+d40SZq5Vo6+0ToVT+iI0TKYrNYmFJ5fJi
OQjv7EO8D+8cQnmgMugY6hUyufMiWYLv8T4s5lLFcNdObCHsIcvrcm3zQRGujova
QSvLpLyBDJuszXQxNSe6a/qdDQEE9BZIewvIdagWDtloEWaAA9Z0XEtlamHOssRH
FicvMw64oh4/U74fb7O1zIo=
-----END CERTIFICATE-----
Generated at Sat Mar 23 16:34:17 2024 by rpki-client on console-fra.rpki-client.org