Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Z_BZFUL6C-ftNQc0lkNg79gtamU.roa
File: Z_BZFUL6C-ftNQc0lkNg79gtamU.roa (raw, json)
Hash identifier: 06W35BAIdQfT0RghqgBCJxAQ2Nuvlau1PPbEOkY138c=
Subject key identifier: 67:F0:59:15:42:FA:0B:E7:ED:35:07:34:96:43:60:EF:D8:2D:6A:65
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018CC6B9113061BD8E07997F35D78DC6DED6
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Z_BZFUL6C-ftNQc0lkNg79gtamU.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199739
IP address blocks: 185.141.11.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
109.224.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 08:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:11:30:61:bd:8e:07:99:7f:35:d7:8d:c6:de:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67f0591542fa0be7ed350734964360efd82d6a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:e4:b5:e1:1b:01:f6:f6:07:51:78:b9:94:
17:2c:cb:71:5a:d6:80:1f:2f:b5:72:c0:80:91:c6:
d2:e6:7c:7d:29:18:de:8c:06:db:04:ea:c0:0a:b2:
4a:c8:e2:2c:97:2d:2d:97:d7:4d:a0:5e:77:df:45:
78:a7:0c:91:34:a5:56:52:cb:93:35:da:d8:83:ef:
c7:41:5d:44:ad:92:65:62:41:b9:9a:10:a6:52:8c:
36:b9:20:cf:48:30:37:f1:8b:35:ba:35:d6:0e:75:
de:c6:58:1c:d5:26:35:44:d2:e4:41:f6:80:70:29:
7a:af:0c:f6:01:e9:40:a2:0f:71:27:ad:a4:97:39:
ec:2a:f8:65:10:6d:8a:b5:d3:16:50:86:31:96:21:
ee:3d:f9:0d:55:b6:65:27:e7:87:6d:95:ae:30:3b:
63:fb:c5:90:5d:69:7e:4b:b6:a2:01:85:09:46:ed:
7d:01:c2:78:75:c2:cb:bb:b5:20:e7:09:77:57:79:
f8:9d:f1:2e:5f:4b:db:d5:a7:9a:2a:55:12:db:b2:
ff:a3:a1:c8:ae:f5:7d:86:6c:76:bf:0d:14:a1:77:
31:f5:f9:c1:ff:e0:ea:bd:05:86:ca:cb:64:27:e3:
20:38:08:f2:ec:b4:e9:48:20:29:bb:77:15:98:19:
18:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F0:59:15:42:FA:0B:E7:ED:35:07:34:96:43:60:EF:D8:2D:6A:65
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Z_BZFUL6C-ftNQc0lkNg79gtamU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.32.0/24
185.141.9.0-185.141.11.255
Signature Algorithm: sha256WithRSAEncryption
65:7d:17:85:8f:0d:c8:0d:e1:82:f2:9f:08:74:30:b4:6d:10:
65:24:0c:ae:8d:53:57:c8:7e:fc:ed:69:54:ed:ad:89:21:c1:
a3:87:82:27:4e:23:dc:43:20:00:00:a2:21:90:54:53:53:fa:
ef:7e:7e:8f:cf:77:0e:c8:6b:b3:73:03:51:a1:d6:4b:8d:fd:
70:01:de:89:12:42:f1:f7:49:e0:7c:3f:b2:a4:eb:cd:b2:17:
cc:9e:20:67:cf:97:71:91:30:76:95:53:ac:5b:a8:6e:ec:33:
bd:11:f8:c3:50:ef:e8:28:49:df:06:67:88:f2:72:f4:1d:ec:
6a:2b:6d:8e:b9:22:e1:50:e8:b5:92:63:e9:7c:f8:6a:ce:f3:
4f:76:22:1f:1c:76:1d:8d:70:77:6e:00:cf:25:ff:d8:e9:95:
cf:3d:19:50:cc:93:72:29:d4:3a:8e:02:75:05:12:44:d9:84:
39:12:77:17:4e:7e:7b:26:9d:d5:27:c5:fa:9e:5d:23:e5:c2:
11:2b:4e:85:d4:7c:10:28:c5:fc:ed:2c:4d:b4:68:d1:22:44:
ce:5b:a6:ab:6a:4f:84:3a:c7:ad:71:6c:5e:c5:e6:30:d2:81:
35:01:68:f0:20:1a:34:03:57:d4:4c:20:a1:3f:68:15:f4:9f:
33:0d:d8:15
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGuREwYb2OB5l/NdeNxt7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2YwNTkxNTQyZmEwYmU3ZWQzNTA3MzQ5NjQzNjBlZmQ4MmQ2YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFPkteEbAfb2B1F4uZQXLMtxWtaA
Hy+1csCAkcbS5nx9KRjejAbbBOrACrJKyOIsly0tl9dNoF5330V4pwyRNKVWUsuT
NdrYg+/HQV1ErZJlYkG5mhCmUow2uSDPSDA38Ys1ujXWDnXexlgc1SY1RNLkQfaA
cCl6rwz2AelAog9xJ62klznsKvhlEG2KtdMWUIYxliHuPfkNVbZlJ+eHbZWuMDtj
+8WQXWl+S7aiAYUJRu19AcJ4dcLLu7Ug5wl3V3n4nfEuX0vb1aeaKlUS27L/o6HI
rvV9hmx2vw0UoXcx9fnB/+DqvQWGystkJ+MgOAjy7LTpSCApu3cVmBkYGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGfwWRVC+gvn7TUHNJZDYO/YLWplMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvWl9CWkZVTDZDLWZ0TlFjMGxrTmc3OWd0YW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAbeAgMAwD
BAC5jQkDBAK5jQgwDQYJKoZIhvcNAQELBQADggEBAGV9F4WPDcgN4YLynwh0MLRt
EGUkDK6NU1fIfvztaVTtrYkhwaOHgidOI9xDIAAAoiGQVFNT+u9+fo/Pdw7Ia7Nz
A1Gh1kuN/XAB3okSQvH3SeB8P7Kk682yF8yeIGfPl3GRMHaVU6xbqG7sM70R+MNQ
7+goSd8GZ4jycvQd7GorbY65IuFQ6LWSY+l8+GrO8092Ih8cdh2NcHduAM8l/9jp
lc89GVDMk3Ip1DqOAnUFEkTZhDkSdxdOfnsmndUnxfqeXSPlwhErToXUfBAoxfzt
LE20aNEiRM5bpqtqT4Q6x61xbF7F5jDSgTUBaPAgGjQDV9RMIKE/aBX0nzMN2BU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:11 2024 by rpki-client on console-fra.rpki-client.org