Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/z4bPuoie_xfr4rQlteSBM94xqWA.roa
File: z4bPuoie_xfr4rQlteSBM94xqWA.roa (raw, json)
Hash identifier: tF5hICKmCxVKYKN1TB2kZZ3DUb+GNpu3/+DJFgK6xNw=
Subject key identifier: CF:86:CF:BA:88:9E:FF:17:EB:E2:B4:25:B5:E4:81:33:DE:31:A9:60
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 0185719E705D212061D71A29D3A2F69EA014
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/z4bPuoie_xfr4rQlteSBM94xqWA.roa
Signing time: Mon 02 Jan 2023 08:34:46 +0000
ROA not before: Mon 02 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45566
IP address blocks: 185.25.28.0/23 maxlen: 23
89.207.228.0/24 maxlen: 24
89.207.231.0/24 maxlen: 24
2a00:79e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:70:5d:21:20:61:d7:1a:29:d3:a2:f6:9e:a0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 2 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf86cfba889eff17ebe2b425b5e48133de31a960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a7:07:65:a1:96:a6:8e:48:a5:91:2c:e6:7f:
1d:13:fd:b3:5f:b8:3f:86:27:9d:4d:6d:e2:47:da:
e5:ac:e7:f3:83:e5:59:45:fd:79:7d:24:09:67:20:
4a:83:06:f0:41:ff:61:a4:b7:8e:12:fb:70:ab:85:
84:d8:50:2e:30:61:84:84:2f:6f:a0:27:23:0f:5c:
f3:8c:f1:81:c7:42:c0:32:f0:44:15:b3:4e:f0:0e:
b8:9d:ce:e4:24:3d:55:95:6b:16:7b:ca:90:03:5e:
b3:83:2b:57:9d:7b:ac:cb:fd:e2:5b:d2:25:2e:27:
df:98:07:01:d8:21:eb:46:5b:49:45:5f:d9:ba:11:
03:63:a6:9b:ff:d4:af:29:d6:2e:f0:ca:fa:07:1d:
36:70:cb:ad:f5:61:2d:2b:62:e1:04:00:fb:ec:a2:
e1:c2:9f:23:e0:83:38:04:6e:2c:6e:47:21:27:12:
bf:43:24:82:46:ca:2d:7f:9f:81:19:09:1f:59:a2:
63:6d:9d:78:0b:b1:19:84:20:35:3e:74:9a:49:21:
2a:44:6d:68:45:34:c5:9f:89:c4:54:aa:47:07:a0:
c9:4b:a4:37:7a:20:6c:84:7a:19:9e:a6:7e:54:2a:
69:ca:61:92:fa:73:b2:ee:4c:2d:49:a3:ef:22:0d:
5b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:86:CF:BA:88:9E:FF:17:EB:E2:B4:25:B5:E4:81:33:DE:31:A9:60
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/z4bPuoie_xfr4rQlteSBM94xqWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.228.0/24
89.207.231.0/24
185.25.28.0/23
IPv6:
2a00:79e0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:5a:db:49:a6:4a:f4:8d:5c:ab:35:f1:25:54:4a:12:f1:99:
a1:19:bc:5a:4e:77:4d:4d:98:1d:5e:78:4d:0c:d1:49:cd:ea:
aa:28:be:27:3e:20:b6:c5:a4:9c:2d:0d:0b:dd:8d:49:4d:09:
63:bc:29:28:d4:13:26:5f:b5:7c:17:c2:25:ba:8b:f0:01:a5:
90:e3:38:23:1a:ad:18:3e:f7:5d:af:20:9f:07:48:b2:84:fe:
aa:40:0a:5f:d9:91:1d:b3:5e:9a:d3:ad:62:77:0c:43:a6:a3:
7f:5f:4e:4e:d6:b0:02:7e:87:71:c0:76:f0:6d:69:15:f5:44:
52:4f:38:a1:14:19:8f:84:84:ce:9c:ff:8d:00:ea:28:82:7c:
40:f8:c8:c5:e7:01:ea:54:03:ca:7f:d4:bd:e2:89:a7:85:ad:
03:57:d9:7a:84:2a:31:00:80:51:d0:d1:c5:40:c7:df:25:4e:
36:07:70:90:38:b2:28:ef:0a:6c:ce:9e:b1:bf:2b:1e:27:7c:
7b:5b:b0:41:84:ba:44:6f:6f:30:14:44:78:80:c8:09:90:e1:
c4:16:48:29:4b:47:38:44:dc:74:3c:ee:f9:ce:95:0d:96:3e:
2c:c1:e9:44:dc:0f:e3:12:06:4c:3b:36:0e:da:47:92:35:2f:
e8:08:6b:ae
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxnnBdISBh1xop06L2nqAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzQ3ZmJlMjZjOWNkZDc2MjhhZGZlZGI1N2I3OGJlOGRl
NzVlMjkwHhcNMjMwMTAyMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg2Y2ZiYTg4OWVmZjE3ZWJlMmI0MjViNWU0ODEzM2RlMzFhOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6cHZaGWpo5IpZEs5n8dE/2zX7g/
hiedTW3iR9rlrOfzg+VZRf15fSQJZyBKgwbwQf9hpLeOEvtwq4WE2FAuMGGEhC9v
oCcjD1zzjPGBx0LAMvBEFbNO8A64nc7kJD1VlWsWe8qQA16zgytXnXusy/3iW9Il
LiffmAcB2CHrRltJRV/ZuhEDY6ab/9SvKdYu8Mr6Bx02cMut9WEtK2LhBAD77KLh
wp8j4IM4BG4sbkchJxK/QySCRsotf5+BGQkfWaJjbZ14C7EZhCA1PnSaSSEqRG1o
RTTFn4nEVKpHB6DJS6Q3eiBshHoZnqZ+VCppymGS+nOy7kwtSaPvIg1boQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM+Gz7qInv8X6+K0JbXkgTPeMalgMB8GA1UdIwQY
MBaAFMB0f74myc3XYorf7bV7eL6N514pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDIt
MzY4NjA4Mzg1ODgzLzEvejRiUHVvaWVfeGZyNHJRbHRlU0JNOTR4cVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDItMzY4NjA4Mzg1ODgz
LzEvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWc/kAwQA
Wc/nAwQBuRkcMA0EAgACMAcDBQAqAHngMA0GCSqGSIb3DQEBCwUAA4IBAQBMWttJ
pkr0jVyrNfElVEoS8ZmhGbxaTndNTZgdXnhNDNFJzeqqKL4nPiC2xaScLQ0L3Y1J
TQljvCko1BMmX7V8F8IluovwAaWQ4zgjGq0YPvddryCfB0iyhP6qQApf2ZEds16a
061idwxDpqN/X05O1rACfodxwHbwbWkV9URSTzihFBmPhITOnP+NAOoognxA+MjF
5wHqVAPKf9S94omnha0DV9l6hCoxAIBR0NHFQMffJU42B3CQOLIo7wpszp6xvyse
J3x7W7BBhLpEb28wFER4gMgJkOHEFkgpS0c4RNx0PO75zpUNlj4swelE3A/jEgZM
OzYO2keSNS/oCGuu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:12 2024 by rpki-client on console-ams.rpki-client.org