Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZQFDcDVKPEFmEvshL3fmtwv0-Z0.roa
File: ZQFDcDVKPEFmEvshL3fmtwv0-Z0.roa (raw, json)
Hash identifier: UdpOttQa9BX9MbRDIhWAPxiJKtSQ3bJnFYGGH9+ucXw=
Subject key identifier: 65:01:43:70:35:4A:3C:41:66:12:FB:21:2F:77:E6:B7:0B:F4:F9:9D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873BBD9DCE19126369DEC59396C184E2C5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZQFDcDVKPEFmEvshL3fmtwv0-Z0.roa
Signing time: Sat 01 Apr 2023 07:34:54 +0000
ROA not before: Sat 01 Apr 2023 07:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 93.115.254.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
89.34.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:bd:9d:ce:19:12:63:69:de:c5:93:96:c1:84:e2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 07:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65014370354a3c416612fb212f77e6b70bf4f99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6f:18:52:3c:76:65:c9:2c:3c:f6:4a:74:a3:
3f:6b:d9:cf:60:a9:66:f0:19:4b:83:1f:b6:9d:d6:
40:7a:5b:cb:ce:50:32:e4:ae:9e:12:56:3d:99:cb:
ad:99:b0:a7:f6:90:8a:ff:25:b0:1e:42:a6:a7:f2:
70:b5:50:8c:05:e2:46:fa:63:72:4e:a8:4f:ab:4d:
e5:9d:db:ce:44:37:f7:65:be:04:00:06:2b:59:91:
0d:02:64:26:1e:81:58:c9:9e:44:31:c5:8a:48:cb:
0d:83:97:32:8b:51:b0:5f:ef:98:89:a9:f8:8b:bf:
d5:20:29:be:24:cf:6d:e4:f3:eb:9e:ca:44:30:e0:
45:8f:72:23:66:39:be:d6:55:b9:b9:77:57:38:ed:
e6:4b:e0:76:2c:5c:b1:17:11:ca:1c:b4:e5:fd:7a:
1b:b4:fa:6c:e3:84:91:3d:26:e5:d5:27:67:33:a6:
ed:0d:eb:66:0f:6f:c1:2d:d0:1a:5c:53:68:d3:f3:
d6:13:79:cc:24:e5:da:0d:6b:35:fd:0d:26:52:53:
7e:c9:b6:0f:b2:29:2b:e8:9e:01:bb:86:9b:b8:32:
a5:36:12:57:51:9e:00:65:47:c3:12:81:f3:6b:42:
b0:4c:92:9c:37:78:f9:ab:ef:14:05:59:af:5e:cb:
ab:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:01:43:70:35:4A:3C:41:66:12:FB:21:2F:77:E6:B7:0B:F4:F9:9D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZQFDcDVKPEFmEvshL3fmtwv0-Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.126.0/24
93.115.254.0/24
188.241.159.0/24
188.241.248.0/24
Signature Algorithm: sha256WithRSAEncryption
07:51:0d:80:8d:b3:d8:de:d1:4d:c8:58:c5:41:7c:8b:35:c9:
d7:e5:15:13:bc:f0:0b:83:03:3e:82:f3:9f:21:f6:3b:98:4c:
8e:24:fd:c4:f2:de:b0:a2:b1:00:43:b0:60:dc:09:bf:80:c4:
14:8e:65:28:0d:61:ab:a3:02:cc:48:c3:12:b6:ad:0e:4a:26:
1e:d8:56:c7:59:6c:63:04:62:e6:c8:36:3d:14:5d:ef:9a:7f:
8f:cb:94:4b:de:69:4e:26:34:a4:e3:61:49:77:5f:1d:bd:48:
65:e9:40:9a:ab:e6:9c:07:25:14:5a:20:af:7b:1a:10:3a:7c:
cc:52:b6:43:0a:3b:bc:9c:26:0a:a6:2b:e0:6f:e6:c4:42:0b:
41:97:18:7c:e1:87:a4:a4:b9:a1:cc:6e:bf:8a:1f:4a:15:21:
23:92:42:f2:24:10:f8:c0:4b:60:31:01:51:0f:9f:3a:b7:fb:
7b:d1:3d:54:b1:bb:15:e5:83:11:73:62:18:d5:51:ce:5a:4e:
80:52:c7:86:b7:f0:73:c2:32:c8:b1:72:b4:52:fc:86:ad:70:
24:a6:cb:92:60:3b:63:d2:5f:ad:90:82:d1:45:34:3c:6f:e1:
9d:8a:8e:d8:4e:ea:ef:fe:06:b9:4c:a1:62:ed:1a:4f:d3:d1:
93:a5:01:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYc7vZ3OGRJjad7Fk5bBhOLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAxMDczNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAxNDM3MDM1NGEzYzQxNjYxMmZiMjEyZjc3ZTZiNzBiZjRmOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW8YUjx2ZcksPPZKdKM/a9nPYKlm
8BlLgx+2ndZAelvLzlAy5K6eElY9mcutmbCn9pCK/yWwHkKmp/JwtVCMBeJG+mNy
TqhPq03lndvORDf3Zb4EAAYrWZENAmQmHoFYyZ5EMcWKSMsNg5cyi1GwX++Yian4
i7/VICm+JM9t5PPrnspEMOBFj3IjZjm+1lW5uXdXOO3mS+B2LFyxFxHKHLTl/Xob
tPps44SRPSbl1SdnM6btDetmD2/BLdAaXFNo0/PWE3nMJOXaDWs1/Q0mUlN+ybYP
sikr6J4Bu4abuDKlNhJXUZ4AZUfDEoHza0KwTJKcN3j5q+8UBVmvXsurBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGUBQ3A1SjxBZhL7IS935rcL9PmdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWlFGRGNEVktQRUZtRXZzaEwzZm10d3YwLVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSJ+AwQA
XXP+AwQAvPGfAwQAvPH4MA0GCSqGSIb3DQEBCwUAA4IBAQAHUQ2AjbPY3tFNyFjF
QXyLNcnX5RUTvPALgwM+gvOfIfY7mEyOJP3E8t6worEAQ7Bg3Am/gMQUjmUoDWGr
owLMSMMStq0OSiYe2FbHWWxjBGLmyDY9FF3vmn+Py5RL3mlOJjSk42FJd18dvUhl
6UCaq+acByUUWiCvexoQOnzMUrZDCju8nCYKpivgb+bEQgtBlxh84YekpLmhzG6/
ih9KFSEjkkLyJBD4wEtgMQFRD586t/t70T1UsbsV5YMRc2IY1VHOWk6AUseGt/Bz
wjLIsXK0UvyGrXAkpsuSYDtj0l+tkILRRTQ8b+Gdio7YTurv/ga5TKFi7RpP09GT
pQE8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org