Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/ZYjgY7ryfIbHpiMArvCmlxQ1VwM.roa
File: ZYjgY7ryfIbHpiMArvCmlxQ1VwM.roa (raw, json)
Hash identifier: EOHKrIL7wB3KzmgEhfTjF3+bIkjHNIy5Cuup7n1zkkI=
Subject key identifier: 65:88:E0:63:BA:F2:7C:86:C7:A6:23:00:AE:F0:A6:97:14:35:57:03
Certificate issuer: /CN=f694668ba76cf550c4139c17300160077dcea059
Certificate serial: 01856D3867F9A6A645B0A472E009E6CEBF29
Authority key identifier: F6:94:66:8B:A7:6C:F5:50:C4:13:9C:17:30:01:60:07:7D:CE:A0:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9pRmi6ds9VDEE5wXMAFgB33OoFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/ZYjgY7ryfIbHpiMArvCmlxQ1VwM.roa
Signing time: Sun 01 Jan 2023 12:04:51 +0000
ROA not before: Sun 01 Jan 2023 12:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 89.35.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:67:f9:a6:a6:45:b0:a4:72:e0:09:e6:ce:bf:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f694668ba76cf550c4139c17300160077dcea059
Validity
Not Before: Jan 1 12:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6588e063baf27c86c7a62300aef0a69714355703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9a:a8:32:b3:21:96:c5:88:3e:69:54:23:ca:
79:b5:7a:8b:57:8c:fa:03:5a:1c:5f:f1:66:e1:c6:
c8:9d:b7:b7:6f:e4:1f:6e:5c:7b:bc:04:8c:72:5e:
d5:8e:f5:9c:26:1e:73:f2:99:d1:4d:b1:89:9c:22:
93:9d:80:ec:8b:da:13:31:42:69:1f:2c:dd:56:97:
6e:84:00:d9:11:8c:84:a7:07:5b:1c:c8:ef:0a:0f:
22:5b:28:8f:22:ff:8d:79:d1:c7:c2:b1:7c:57:50:
1b:25:bb:87:39:aa:47:60:b5:2a:c6:c2:f3:80:b2:
5a:71:9a:be:e1:06:06:57:86:bf:c2:8e:46:0f:6d:
ec:a9:95:0d:d8:7e:64:90:cc:b0:e5:6f:87:5e:e0:
91:7a:4b:8e:9b:3c:86:a7:68:c8:42:8a:b6:a2:54:
e2:87:7d:75:f1:06:6e:91:fb:40:40:61:14:26:84:
f1:f9:8c:f6:31:fe:78:57:09:6a:90:7c:81:a7:cf:
97:74:dc:67:3f:26:32:dd:db:c3:1c:66:8f:b9:a4:
8c:a3:ca:8a:c4:97:8d:ba:18:a6:f1:33:e8:05:81:
cc:01:e4:ed:23:9e:1d:76:90:fd:21:cd:32:65:66:
aa:4f:e9:f0:ff:a5:b5:ce:c3:d3:fd:6f:cd:25:79:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:88:E0:63:BA:F2:7C:86:C7:A6:23:00:AE:F0:A6:97:14:35:57:03
X509v3 Authority Key Identifier:
keyid:F6:94:66:8B:A7:6C:F5:50:C4:13:9C:17:30:01:60:07:7D:CE:A0:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9pRmi6ds9VDEE5wXMAFgB33OoFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/ZYjgY7ryfIbHpiMArvCmlxQ1VwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/9pRmi6ds9VDEE5wXMAFgB33OoFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.39.0/24
Signature Algorithm: sha256WithRSAEncryption
79:fc:f2:93:19:5a:65:6a:e1:82:2c:31:8b:0f:da:02:d3:4b:
45:22:45:00:b4:6f:c2:10:07:e4:e8:39:12:ed:6e:64:2d:13:
c1:e4:3d:ba:91:84:1d:6d:99:63:4e:56:e5:01:cc:25:4a:6c:
68:45:fd:4d:3b:c2:d9:0d:a7:35:8e:22:e3:11:0b:d2:ea:8a:
68:42:43:14:bb:33:16:2a:01:0d:da:43:83:53:a6:d9:fd:64:
cc:f0:e2:cb:bd:aa:9c:ca:28:02:c5:13:1e:9b:bc:53:1a:3e:
dd:1f:96:a0:b8:d9:9c:55:35:41:64:df:1b:11:71:bf:b9:49:
fe:b0:a9:1e:b3:8b:4a:74:9a:aa:b3:c0:b0:a7:f8:99:76:db:
68:54:23:ab:e7:91:4f:e3:8a:6b:89:b1:22:69:04:a9:3f:eb:
54:19:ea:a3:fe:fb:5e:58:60:6b:d5:28:72:06:83:28:0c:d6:
ab:c7:54:03:28:11:8b:a5:d0:13:8e:27:c1:15:8a:5e:13:c1:
51:76:16:4a:b9:36:89:9b:fe:23:21:cf:a1:d9:7a:51:2c:02:
d0:a7:de:10:bf:f1:00:ab:da:d3:39:9e:1b:1b:de:66:2c:28:
9f:90:96:7f:d4:5f:ce:79:50:7b:a4:59:b5:b6:c2:36:6d:c3:
b2:dc:c1:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGf5pqZFsKRy4Anmzr8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OTQ2NjhiYTc2Y2Y1NTBjNDEzOWMxNzMwMDE2MDA3N2Rj
ZWEwNTkwHhcNMjMwMTAxMTIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg4ZTA2M2JhZjI3Yzg2YzdhNjIzMDBhZWYwYTY5NzE0MzU1NzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5qoMrMhlsWIPmlUI8p5tXqLV4z6
A1ocX/Fm4cbInbe3b+Qfblx7vASMcl7VjvWcJh5z8pnRTbGJnCKTnYDsi9oTMUJp
HyzdVpduhADZEYyEpwdbHMjvCg8iWyiPIv+NedHHwrF8V1AbJbuHOapHYLUqxsLz
gLJacZq+4QYGV4a/wo5GD23sqZUN2H5kkMyw5W+HXuCRekuOmzyGp2jIQoq2olTi
h3118QZukftAQGEUJoTx+Yz2Mf54VwlqkHyBp8+XdNxnPyYy3dvDHGaPuaSMo8qK
xJeNuhim8TPoBYHMAeTtI54ddpD9Ic0yZWaqT+nw/6W1zsPT/W/NJXlpQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWI4GO68nyGx6YjAK7wppcUNVcDMB8GA1UdIwQY
MBaAFPaUZounbPVQxBOcFzABYAd9zqBZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXBSbWk2ZHM5VkRFRTV3WE1BRmdCMzNPb0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS82ZTAzMTYtZjRiOS00Zjg5LWE4YTEt
N2U1MDkxM2FjMDFkLzEvWllqZ1k3cnlmSWJIcGlNQXJ2Q21seFExVndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS82ZTAzMTYtZjRiOS00Zjg5LWE4YTEtN2U1MDkxM2FjMDFk
LzEvOXBSbWk2ZHM5VkRFRTV3WE1BRmdCMzNPb0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSMnMA0G
CSqGSIb3DQEBCwUAA4IBAQB5/PKTGVplauGCLDGLD9oC00tFIkUAtG/CEAfk6DkS
7W5kLRPB5D26kYQdbZljTlblAcwlSmxoRf1NO8LZDac1jiLjEQvS6opoQkMUuzMW
KgEN2kODU6bZ/WTM8OLLvaqcyigCxRMem7xTGj7dH5aguNmcVTVBZN8bEXG/uUn+
sKkes4tKdJqqs8Cwp/iZdttoVCOr55FP44pribEiaQSpP+tUGeqj/vteWGBr1Shy
BoMoDNarx1QDKBGLpdATjifBFYpeE8FRdhZKuTaJm/4jIc+h2XpRLALQp94Qv/EA
q9rTOZ4bG95mLCifkJZ/1F/OeVB7pFm1tsI2bcOy3MFw
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:31 2024 by rpki-client on console-fra.rpki-client.org