Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z-4sJdzsdvM-BEXuVqwXFfAGp98.roa
File: Z-4sJdzsdvM-BEXuVqwXFfAGp98.roa (raw, json)
Hash identifier: 3maFA7Ac23tDSKvFiZBg0WDS8nWS9Ny0g+hUmPbLab0=
Subject key identifier: 67:EE:2C:25:DC:EC:76:F3:3E:04:45:EE:56:AC:17:15:F0:06:A7:DF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501244B0EBE267FCED118D1C73D1ED0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z-4sJdzsdvM-BEXuVqwXFfAGp98.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203394
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:24:4b:0e:be:26:7f:ce:d1:18:d1:c7:3d:1e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ee2c25dcec76f33e0445ee56ac1715f006a7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:3b:61:37:0f:35:c5:72:c8:3c:f0:18:62:
ab:7a:a0:1c:f3:1e:93:24:e6:47:38:25:9a:7c:1b:
98:00:24:f6:ca:77:ed:68:b5:c0:93:7d:3b:b7:e1:
d7:8a:e7:2d:36:9a:3a:18:54:a9:9a:34:34:97:01:
f8:9d:5a:47:36:f1:6e:17:d3:bd:d4:36:81:a9:17:
d6:d8:c4:55:94:57:27:8e:fc:3d:f7:d6:5d:17:66:
4a:ea:87:1e:21:5a:73:d7:83:cd:7a:31:d1:f5:b4:
65:64:d3:9f:64:7c:08:d4:ca:41:58:fb:2c:03:25:
58:0e:03:6f:bf:d4:72:2f:52:08:9e:b8:76:90:bd:
6d:88:67:25:0c:d7:26:5e:a1:11:6c:ba:9c:81:cb:
f0:2f:76:26:36:4d:7b:05:e2:b2:f0:66:7b:6a:b6:
8d:2b:0f:e8:e7:d0:ee:8f:31:f8:cf:90:d0:fe:29:
8a:11:5c:b5:9c:6f:4a:2d:42:a2:39:f6:3f:b4:52:
06:59:db:5a:35:61:1a:fa:13:79:fc:40:cd:9d:61:
0f:5b:52:1c:05:2d:9c:f3:24:96:78:f4:bd:af:1b:
57:f5:cb:ae:7f:90:9d:72:1a:1f:62:b9:84:ee:c1:
7f:7d:5e:58:92:92:c2:b2:ca:ae:93:a0:1a:cd:77:
30:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:2C:25:DC:EC:76:F3:3E:04:45:EE:56:AC:17:15:F0:06:A7:DF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z-4sJdzsdvM-BEXuVqwXFfAGp98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.154.0/24
188.240.230.0/24
188.240.232.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4e:34:34:c8:f5:7c:91:ea:84:80:7d:c9:19:6c:f9:56:3c:
9b:3c:48:5b:8f:50:ff:b0:a4:b5:a0:2a:7f:19:9c:a4:7e:cc:
bb:ed:e7:7d:6a:10:c0:f8:d6:15:08:cd:b1:bc:57:a6:2d:07:
c9:f8:9e:df:0a:07:57:63:05:c7:a1:a9:5c:77:9a:22:b1:9e:
a8:63:8c:4a:78:22:9e:3d:08:33:da:c0:5a:81:ae:9a:df:34:
a4:bb:35:99:4e:d6:c6:db:13:7a:5f:4b:4c:7e:0f:f4:f5:af:
8b:ac:f7:50:50:82:ac:5b:d2:b1:05:5b:b0:fe:6c:e2:ee:57:
a2:53:40:5b:fd:ad:e9:94:0a:95:60:7a:b5:d3:43:85:d9:d8:
c0:6c:d3:65:e9:a1:c3:70:4a:5a:96:40:71:4d:51:53:3b:76:
2b:92:2e:63:19:5b:98:d1:28:e0:1b:1e:8e:25:f2:5f:a6:15:
92:4d:27:c3:a3:2e:f0:d2:50:51:a5:69:df:cc:a6:13:ec:58:
bc:6e:6d:c1:09:94:da:6c:9c:d2:8e:6f:b0:3e:fd:89:a8:10:
34:e1:d7:35:31:12:9e:36:06:df:2e:85:b5:3c:8b:93:63:ef:
fa:76:22:bd:cc:cb:11:3e:aa:6a:58:f2:1c:15:49:c4:2e:ca:
f9:4f:2c:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFASRLDr4mf87RGNHHPR7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VlMmMyNWRjZWM3NmYzM2UwNDQ1ZWU1NmFjMTcxNWYwMDZhN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7c7YTcPNcVyyDzwGGKreqAc8x6T
JOZHOCWafBuYACT2ynftaLXAk307t+HXiuctNpo6GFSpmjQ0lwH4nVpHNvFuF9O9
1DaBqRfW2MRVlFcnjvw999ZdF2ZK6oceIVpz14PNejHR9bRlZNOfZHwI1MpBWPss
AyVYDgNvv9RyL1IInrh2kL1tiGclDNcmXqERbLqcgcvwL3YmNk17BeKy8GZ7araN
Kw/o59DujzH4z5DQ/imKEVy1nG9KLUKiOfY/tFIGWdtaNWEa+hN5/EDNnWEPW1Ic
BS2c8ySWePS9rxtX9cuuf5CdchofYrmE7sF/fV5YkpLCssquk6AazXcwzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGfuLCXc7HbzPgRF7lasFxXwBqffMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWi00c0pkenNkdk0tQkVYdVZxd1hGZkFHcDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSOaAwQA
vPDmAwQAvPDoAwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQAMTjQ0yPV8keqEgH3J
GWz5VjybPEhbj1D/sKS1oCp/GZykfsy77ed9ahDA+NYVCM2xvFemLQfJ+J7fCgdX
YwXHoalcd5oisZ6oY4xKeCKePQgz2sBaga6a3zSkuzWZTtbG2xN6X0tMfg/09a+L
rPdQUIKsW9KxBVuw/mzi7leiU0Bb/a3plAqVYHq100OF2djAbNNl6aHDcEpalkBx
TVFTO3Yrki5jGVuY0SjgGx6OJfJfphWSTSfDoy7w0lBRpWnfzKYT7Fi8bm3BCZTa
bJzSjm+wPv2JqBA04dc1MRKeNgbfLoW1PIuTY+/6diK9zMsRPqpqWPIcFUnELsr5
TyxY
-----END CERTIFICATE-----
Generated at Wed Jan 3 18:36:46 2024 by rpki-client on console-ams.rpki-client.org