Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z_sg1_d32iM7zGts3GpmNinIevE.roa
File: Z_sg1_d32iM7zGts3GpmNinIevE.roa (raw, json)
Hash identifier: 4VBN24cR68mA+RQs5epSw+jNDr8qtwx70R0x1W+jLMI=
Subject key identifier: 67:FB:20:D7:F7:77:DA:23:3B:CC:6B:6C:DC:6A:66:36:29:C8:7A:F1
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F5C2E1CBD9C0569ADDE60D1BB97B8817E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z_sg1_d32iM7zGts3GpmNinIevE.roa
Signing time: Thu 09 May 2024 07:07:56 +0000
ROA not before: Thu 09 May 2024 07:07:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:2e:1c:bd:9c:05:69:ad:de:60:d1:bb:97:b8:81:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 9 07:07:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67fb20d7f777da233bcc6b6cdc6a663629c87af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:d7:76:28:b6:c5:5e:4d:85:9d:be:e6:6d:
1c:3c:10:8a:de:67:67:30:88:24:5d:d1:ad:f2:86:
8c:0a:4a:cd:94:f8:c9:66:21:6e:b4:98:b9:11:65:
50:25:41:41:a8:12:f0:e2:47:0a:d6:9c:01:d1:ba:
58:f9:db:46:4f:00:ac:4c:ca:57:c4:25:3a:95:5c:
51:a4:75:04:e6:fc:d9:4a:a6:2b:36:51:10:ea:b3:
70:58:b1:17:af:1b:31:e3:44:55:2d:5c:e1:5b:f0:
66:30:6a:7e:ee:d9:d2:8c:63:0e:7c:fa:b8:f1:0d:
72:5f:d0:d5:23:24:09:88:37:ba:1b:a4:f7:3a:4c:
56:d4:b7:9f:4b:c4:70:20:96:0a:bb:c9:9c:e7:31:
44:87:52:a1:e8:b9:f4:0a:8d:0a:79:60:e7:67:02:
72:a6:95:78:2c:ed:46:8a:13:e4:37:55:0a:b3:df:
5f:c0:46:18:f9:aa:9d:88:8c:d8:f7:a6:1b:e3:ce:
20:ea:17:3d:9b:64:fb:16:48:95:10:a5:5d:6c:61:
60:eb:38:cf:42:d5:b7:41:98:1f:66:17:10:71:d9:
54:3c:59:f7:33:04:9a:e9:2a:a4:15:ec:2a:7e:84:
1b:71:da:cb:09:0c:ec:82:86:1d:f9:11:40:a0:3a:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FB:20:D7:F7:77:DA:23:3B:CC:6B:6C:DC:6A:66:36:29:C8:7A:F1
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z_sg1_d32iM7zGts3GpmNinIevE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ee:c9:1c:19:de:22:bb:40:93:f2:0f:b0:e8:22:e9:89:7f:
47:c1:39:56:07:19:84:10:bf:00:1f:60:1d:00:b9:71:e4:68:
fe:49:bc:7e:58:a1:01:33:0c:42:15:01:d5:f2:e5:ef:f1:89:
e6:26:32:eb:ec:7b:fa:f7:c1:38:49:09:bb:b6:d2:38:85:6c:
f0:ae:64:8c:e0:d6:c8:aa:0e:6b:76:e6:77:4e:6b:a5:30:4e:
13:20:ee:da:7d:30:c6:7e:08:b5:27:7d:01:a4:e1:ba:ab:30:
f1:ae:1d:66:64:b8:b6:9a:be:fb:18:8d:a3:80:40:5f:05:c5:
d9:74:83:e6:4c:02:52:d4:17:45:c3:0d:ef:5e:e1:1a:9a:6e:
20:1c:46:44:85:3e:71:c8:33:d7:b2:a3:6a:22:f8:5f:2f:c1:
42:4f:22:6e:99:6a:55:23:ba:a7:43:6e:8c:21:90:3d:9f:06:
f2:74:b8:bb:26:0c:6e:a0:ee:61:11:d6:bb:81:3b:d3:8c:70:
6d:ff:14:66:5d:d3:4e:ca:17:52:2d:9f:4b:9b:a4:0d:1c:92:
57:c8:65:d6:ab:84:d8:19:29:3d:87:7d:46:f7:a2:c6:03:ba:
ac:22:6f:e8:d1:a2:07:71:d6:70:aa:1c:ce:d2:84:b5:c5:33:
88:47:6c:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY9cLhy9nAVprd5g0buXuIF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTA5MDcwNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZiMjBkN2Y3NzdkYTIzM2JjYzZiNmNkYzZhNjYzNjI5Yzg3YWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRbXdii2xV5NhZ2+5m0cPBCK3mdn
MIgkXdGt8oaMCkrNlPjJZiFutJi5EWVQJUFBqBLw4kcK1pwB0bpY+dtGTwCsTMpX
xCU6lVxRpHUE5vzZSqYrNlEQ6rNwWLEXrxsx40RVLVzhW/BmMGp+7tnSjGMOfPq4
8Q1yX9DVIyQJiDe6G6T3OkxW1LefS8RwIJYKu8mc5zFEh1Kh6Ln0Co0KeWDnZwJy
ppV4LO1GihPkN1UKs99fwEYY+aqdiIzY96Yb484g6hc9m2T7FkiVEKVdbGFg6zjP
QtW3QZgfZhcQcdlUPFn3MwSa6SqkFewqfoQbcdrLCQzsgoYd+RFAoDrx+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGf7INf3d9ojO8xrbNxqZjYpyHrxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWl9zZzFfZDMyaU03ekd0czNHcG1OaW5JZXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAIHuyRwZ3iK7QJPyD7DoIumJ
f0fBOVYHGYQQvwAfYB0AuXHkaP5JvH5YoQEzDEIVAdXy5e/xieYmMuvse/r3wThJ
Cbu20jiFbPCuZIzg1siqDmt25ndOa6UwThMg7tp9MMZ+CLUnfQGk4bqrMPGuHWZk
uLaavvsYjaOAQF8Fxdl0g+ZMAlLUF0XDDe9e4RqabiAcRkSFPnHIM9eyo2oi+F8v
wUJPIm6ZalUjuqdDbowhkD2fBvJ0uLsmDG6g7mER1ruBO9OMcG3/FGZd007KF1It
n0ubpA0cklfIZdarhNgZKT2HfUb3osYDuqwib+jRogdx1nCqHM7ShLXFM4hHbBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org