Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZSZWBQCxdvY-TqtYNbK3ECuPBWk.roa
File: ZSZWBQCxdvY-TqtYNbK3ECuPBWk.roa (raw, json)
Hash identifier: L0x5c8MVxXZD5LivHe0O94Zeu4XhgcSD4qlkAmdOorU=
Subject key identifier: 65:26:56:05:00:B1:76:F6:3E:4E:AB:58:35:B2:B7:10:2B:8F:05:69
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D0C19E867767D140B72C4D0DF6049F2C1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZSZWBQCxdvY-TqtYNbK3ECuPBWk.roa
Signing time: Mon 15 Jan 2024 07:50:40 +0000
ROA not before: Mon 15 Jan 2024 07:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.37.196.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 15:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:19:e8:67:76:7d:14:0b:72:c4:d0:df:60:49:f2:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 15 07:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6526560500b176f63e4eab5835b2b7102b8f0569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ab:55:c7:13:63:05:87:25:c3:a9:5b:fa:84:
65:cc:6c:13:a8:6d:af:73:eb:bb:3f:64:f1:29:ce:
16:07:39:9f:d1:25:b8:3a:ec:29:ea:c4:2d:d4:36:
92:71:ae:9f:bb:cf:f0:b0:d7:d0:cf:c4:93:65:7b:
f7:8a:db:4a:50:fc:4b:c0:12:10:b4:3f:26:23:71:
2d:29:25:99:f3:8c:6b:08:53:4f:78:1d:da:7e:17:
40:95:f8:62:fc:f6:6a:40:3d:b6:e9:9b:72:23:76:
75:c1:59:24:16:55:07:7b:c5:97:d9:42:75:12:ea:
8d:32:72:3e:9a:84:83:2b:2e:7c:0a:ae:4f:d3:2b:
0c:27:ec:a7:75:5f:9b:89:c2:59:69:d0:38:c1:f3:
57:21:24:77:7e:13:3a:24:54:7b:d8:07:83:a1:fc:
4e:fc:cb:2c:20:31:df:8c:b0:14:25:46:43:2c:6e:
4b:f7:32:91:73:1d:2d:ce:00:8b:2d:47:af:4d:78:
3a:49:d5:e4:f6:af:07:40:13:06:7c:23:e0:c4:64:
e1:c3:0f:42:69:08:fa:a4:ad:67:f4:32:30:92:b3:
63:1e:88:f7:b5:90:8d:4b:d0:6b:c7:09:dc:e6:cb:
27:6f:5a:d6:f0:58:a5:7c:4e:23:dd:eb:c1:55:1e:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:26:56:05:00:B1:76:F6:3E:4E:AB:58:35:B2:B7:10:2B:8F:05:69
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZSZWBQCxdvY-TqtYNbK3ECuPBWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.196.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f4:4c:44:7a:8e:4f:6f:34:5f:6a:3a:f1:14:19:59:de:aa:
96:82:b8:59:fd:52:3d:05:a9:28:51:e0:72:30:70:e3:da:d3:
3a:07:ad:f3:80:05:bb:df:15:e3:fe:cb:ff:cf:23:0a:d0:a2:
0f:dc:45:97:1d:3f:3c:6e:1f:37:b5:08:84:cd:aa:53:4c:80:
ee:54:0b:06:d6:16:d5:8a:38:9c:8a:d0:1f:36:95:3c:3f:62:
b3:a0:9a:a9:ce:d4:f3:a0:a1:47:ab:1a:ef:01:e6:17:32:f9:
f2:7f:b9:06:5c:a9:ce:8a:5f:b7:c6:16:81:25:7f:a1:97:46:
60:69:78:f8:b0:a5:ef:45:44:70:c2:a4:80:28:6a:74:be:1f:
0c:50:db:6d:80:6f:be:02:a2:b3:00:ef:09:67:2d:64:b9:11:
0c:af:4e:0e:17:0d:c0:3f:8e:25:8e:c0:c7:0e:b7:38:2f:50:
ca:84:9c:9b:22:1f:85:28:a5:7e:e5:64:a8:ce:e2:3c:45:2c:
2c:f0:38:4a:5c:8d:6a:40:a0:a9:7f:d6:41:81:70:e2:6c:b3:
65:a0:44:b2:8e:2f:9f:5d:a3:07:f3:9c:e7:4d:d9:9f:95:78:
c2:c8:26:02:1b:fe:a5:dd:b5:af:4b:8a:c4:4a:9a:fc:de:e1:
43:54:9a:57
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY0MGehndn0UC3LE0N9gSfLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTE1MDc1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI2NTYwNTAwYjE3NmY2M2U0ZWFiNTgzNWIyYjcxMDJiOGYwNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhatVxxNjBYclw6lb+oRlzGwTqG2v
c+u7P2TxKc4WBzmf0SW4Ouwp6sQt1DaSca6fu8/wsNfQz8STZXv3ittKUPxLwBIQ
tD8mI3EtKSWZ84xrCFNPeB3afhdAlfhi/PZqQD226ZtyI3Z1wVkkFlUHe8WX2UJ1
EuqNMnI+moSDKy58Cq5P0ysMJ+yndV+bicJZadA4wfNXISR3fhM6JFR72AeDofxO
/MssIDHfjLAUJUZDLG5L9zKRcx0tzgCLLUevTXg6SdXk9q8HQBMGfCPgxGThww9C
aQj6pK1n9DIwkrNjHoj3tZCNS9Brxwnc5ssnb1rW8FilfE4j3evBVR4SfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGUmVgUAsXb2Pk6rWDWytxArjwVpMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWlNaV0JRQ3hkdlktVHF0WU5iSzNFQ3VQQldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWSXEMAwD
BABZKlEDBAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAGD0TER6jk9vNF9q
OvEUGVneqpaCuFn9Uj0FqShR4HIwcOPa0zoHrfOABbvfFeP+y//PIwrQog/cRZcd
PzxuHze1CITNqlNMgO5UCwbWFtWKOJyK0B82lTw/YrOgmqnO1POgoUerGu8B5hcy
+fJ/uQZcqc6KX7fGFoElf6GXRmBpePiwpe9FRHDCpIAoanS+HwxQ222Ab74CorMA
7wlnLWS5EQyvTg4XDcA/jiWOwMcOtzgvUMqEnJsiH4UopX7lZKjO4jxFLCzwOEpc
jWpAoKl/1kGBcOJss2WgRLKOL59dowfznOdN2Z+VeMLIJgIb/qXdta9LisRKmvze
4UNUmlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org