Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NZbIxzkLuKz4wbkWuC2XAQU-tP4.roa
File: NZbIxzkLuKz4wbkWuC2XAQU-tP4.roa (raw, json)
Hash identifier: paKhnI71dJ2AAQuA12OUCXSboTluMYjlIcD5Uo9n6WI=
Subject key identifier: 35:96:C8:C7:39:0B:B8:AC:F8:C1:B9:16:B8:2D:97:01:05:3E:B4:FE
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01892A5D68D7F7F2ED0FD3A6C3177070758E
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NZbIxzkLuKz4wbkWuC2XAQU-tP4.roa
Signing time: Thu 06 Jul 2023 08:41:52 +0000
ROA not before: Thu 06 Jul 2023 08:41:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49302
IP address blocks: 92.114.108.0/24 maxlen: 24
89.35.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:5d:68:d7:f7:f2:ed:0f:d3:a6:c3:17:70:70:75:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jul 6 08:41:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3596c8c7390bb8acf8c1b916b82d9701053eb4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:3b:cb:32:b7:93:df:99:55:ff:bd:db:97:
dd:a4:49:1e:19:30:60:49:c2:2f:84:c8:57:b2:e1:
c7:a2:86:df:8d:e3:4b:d1:7f:3c:75:73:8a:51:4c:
8a:14:57:40:78:39:8b:32:1a:6b:01:bd:db:53:88:
d2:90:f8:55:50:34:a6:b6:24:ba:83:ab:ca:c3:e0:
3b:f2:ae:e8:71:cf:d2:4b:97:3c:7e:63:10:46:a5:
2d:1f:33:94:50:e4:32:bf:63:47:01:78:15:a8:d3:
f9:1d:96:d3:b6:d1:90:44:d2:01:d3:45:77:a2:a3:
e7:54:0d:a2:17:1f:2c:04:ba:6e:1c:2c:03:a0:42:
69:55:59:c7:83:be:6f:e4:fd:bf:42:66:77:77:b3:
56:dd:e6:a6:8a:ff:c2:69:3b:58:bf:30:fc:93:0f:
0e:f9:f4:3e:1c:de:11:40:c5:23:ed:89:4b:81:71:
75:39:58:8a:ed:9a:f4:45:fa:34:63:44:50:e2:20:
5c:ef:2e:17:15:32:ba:0a:39:a7:c1:ed:81:c7:7c:
a1:97:03:d7:43:f1:7b:7f:03:ea:34:19:37:4b:06:
d1:b5:c2:fd:5c:f6:fb:e5:76:43:b7:50:21:91:31:
04:b8:3e:94:fc:c4:93:b6:2e:fa:ba:53:63:cd:0a:
51:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:96:C8:C7:39:0B:B8:AC:F8:C1:B9:16:B8:2D:97:01:05:3E:B4:FE
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NZbIxzkLuKz4wbkWuC2XAQU-tP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.77.0/24
92.114.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:44:49:c3:77:e3:0f:77:c4:ec:87:42:af:62:69:86:81:a7:
77:a6:d3:69:95:25:d2:c0:45:45:4e:a5:3d:7a:c9:32:b1:e9:
77:fe:91:04:0d:3b:8b:6c:6a:51:dc:79:ce:e7:06:e0:68:6c:
62:e8:e9:a6:e6:8c:ca:46:db:ff:f0:53:ac:39:29:32:17:ed:
35:85:47:47:fe:9a:42:1b:32:4b:1d:10:73:88:18:1e:e0:8a:
e2:e7:be:73:8d:40:72:07:45:0c:01:f7:dc:1d:dd:15:0c:ef:
e6:34:1a:48:8f:88:86:20:76:92:bd:b8:ca:8c:d4:5c:61:eb:
86:eb:23:89:58:63:4a:c5:aa:7a:e8:52:8e:a6:5f:51:63:0f:
59:ad:8d:a4:00:46:ac:4f:72:6b:b4:54:20:e4:d5:1d:6d:51:
fa:df:f5:56:8f:7b:31:63:ac:d6:70:30:4c:14:da:0a:d9:df:
af:d6:e7:01:b5:a7:9c:c0:7a:3a:b5:97:76:d9:30:50:ad:ca:
65:00:c3:d3:8c:58:98:cb:4a:e9:7a:89:ad:5b:48:16:07:f1:
9b:e5:ce:5c:10:c7:99:1d:6a:ac:e6:00:63:9e:cf:df:8a:dc:
7d:92:c1:af:9d:29:66:97:b2:1e:7b:3e:1b:50:49:3f:1d:2a:
64:9c:1d:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkqXWjX9/LtD9OmwxdwcHWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwNzA2MDg0MTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk2YzhjNzM5MGJiOGFjZjhjMWI5MTZiODJkOTcwMTA1M2ViNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu87yzK3k9+ZVf+925fdpEkeGTBg
ScIvhMhXsuHHoobfjeNL0X88dXOKUUyKFFdAeDmLMhprAb3bU4jSkPhVUDSmtiS6
g6vKw+A78q7occ/SS5c8fmMQRqUtHzOUUOQyv2NHAXgVqNP5HZbTttGQRNIB00V3
oqPnVA2iFx8sBLpuHCwDoEJpVVnHg75v5P2/QmZ3d7NW3eamiv/CaTtYvzD8kw8O
+fQ+HN4RQMUj7YlLgXF1OViK7Zr0Rfo0Y0RQ4iBc7y4XFTK6Cjmnwe2Bx3yhlwPX
Q/F7fwPqNBk3SwbRtcL9XPb75XZDt1AhkTEEuD6U/MSTti76ulNjzQpRswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWWyMc5C7is+MG5FrgtlwEFPrT+MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvTlpiSXh6a0x1S3o0d2JrV3VDMlhBUVUtdFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSNNAwQA
XHJsMA0GCSqGSIb3DQEBCwUAA4IBAQBdREnDd+MPd8Tsh0KvYmmGgad3ptNplSXS
wEVFTqU9eskysel3/pEEDTuLbGpR3HnO5wbgaGxi6Omm5ozKRtv/8FOsOSkyF+01
hUdH/ppCGzJLHRBziBge4Iri575zjUByB0UMAffcHd0VDO/mNBpIj4iGIHaSvbjK
jNRcYeuG6yOJWGNKxap66FKOpl9RYw9ZrY2kAEasT3JrtFQg5NUdbVH63/VWj3sx
Y6zWcDBMFNoK2d+v1ucBtaecwHo6tZd22TBQrcplAMPTjFiYy0rpeomtW0gWB/Gb
5c5cEMeZHWqs5gBjns/fitx9ksGvnSlml7Ieez4bUEk/HSpknB0c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org