Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Z8OtQ8sbzNWAfaFHApJTos418ik.roa
File: Z8OtQ8sbzNWAfaFHApJTos418ik.roa (raw, json)
Hash identifier: bbE5rPcdNRps+1KBqhnPcg91JG3mTM1DMCb9B8K8rcg=
Subject key identifier: 67:C3:AD:43:CB:1B:CC:D5:80:7D:A1:47:02:92:53:A2:CE:35:F2:29
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01856EC236B00C1937B6C50F798E1AAE44D1
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Z8OtQ8sbzNWAfaFHApJTos418ik.roa
Signing time: Sun 01 Jan 2023 19:14:59 +0000
ROA not before: Sun 01 Jan 2023 19:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134094
IP address blocks: 89.252.132.0/24 maxlen: 24
89.252.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:36:b0:0c:19:37:b6:c5:0f:79:8e:1a:ae:44:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 19:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67c3ad43cb1bccd5807da147029253a2ce35f229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:99:97:c1:71:8f:69:03:4a:f4:d8:40:70:be:
56:b9:5c:87:65:95:61:2b:b6:6d:72:23:b2:21:32:
98:8b:43:c5:1e:0f:9c:34:d4:be:cc:3b:0a:c9:9a:
27:bc:48:92:a6:16:d9:77:52:21:63:25:5f:88:7d:
c4:3d:44:cf:71:74:89:1d:22:f8:a3:34:63:73:f6:
02:eb:16:b0:5d:7e:c1:9c:7a:ab:c3:76:6e:59:da:
f7:8e:bc:07:79:f9:bb:37:7d:5d:b9:2b:02:e3:d6:
eb:33:6c:f5:a6:b6:90:fb:3b:cc:da:26:fb:be:44:
10:60:5e:0c:14:55:a3:3a:6f:57:f5:6c:ce:71:3a:
f2:c4:c3:ba:34:9c:f6:86:1a:29:b5:0f:73:0e:32:
d6:51:da:dc:04:72:6b:36:18:17:d6:37:09:ee:36:
c2:9a:fb:32:a3:2d:59:02:13:b0:e8:4d:19:be:2c:
4c:03:83:da:c3:6e:45:70:ea:c1:65:05:7b:5c:ae:
91:c6:e2:ff:12:d7:78:a6:bd:3f:42:ce:3d:fb:c2:
83:50:aa:bb:af:c4:d9:01:29:e1:11:64:e9:52:39:
3a:81:9a:3b:a8:ff:54:97:df:46:37:64:1e:61:0b:
cb:9b:78:3c:4e:ec:09:7e:a7:b3:16:ea:15:29:68:
64:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C3:AD:43:CB:1B:CC:D5:80:7D:A1:47:02:92:53:A2:CE:35:F2:29
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Z8OtQ8sbzNWAfaFHApJTos418ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.132.0/23
Signature Algorithm: sha256WithRSAEncryption
59:53:8d:81:8c:3b:da:39:37:bf:dc:7e:cd:fc:a8:69:73:25:
62:be:7b:36:4d:b5:ac:d8:20:1b:35:a0:b7:f2:ef:02:ef:fa:
66:9b:c3:e3:5a:0c:38:07:29:24:2e:90:68:c5:78:2d:f5:c1:
79:c5:12:f6:07:86:32:b5:3f:f8:ea:51:be:e4:84:cc:4a:2f:
25:29:8b:03:86:16:e6:75:7c:f1:b3:77:a6:d1:d3:a2:26:a5:
3b:93:71:f5:45:ae:26:08:25:9a:bb:45:9a:03:37:db:60:b3:
b3:c1:da:99:dc:8f:8c:eb:00:01:cc:12:24:d6:69:5a:3a:21:
c2:1b:28:02:b9:ee:2d:7c:ba:9a:4d:ba:60:f7:b3:d6:a6:c3:
72:32:8e:6d:b5:ff:9d:5b:85:ae:64:75:42:9e:2f:4d:bf:f9:
49:af:d9:3b:b2:6a:e7:81:9d:51:53:ba:34:59:c6:d2:07:d0:
a6:33:ab:e9:53:72:fa:17:38:a1:1a:29:a1:7c:21:77:1c:51:
25:69:26:05:99:c4:06:95:84:2c:8d:65:dd:ec:70:51:c4:82:
7f:3a:b1:21:d3:9e:fd:11:a1:e9:f2:e0:06:fa:c3:53:85:5b:
8f:26:5f:63:96:9d:8a:3d:31:c6:d1:c1:fc:70:1e:8b:ac:7b:
6b:50:e5:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwjawDBk3tsUPeY4arkTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMwMTAxMTkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2MzYWQ0M2NiMWJjY2Q1ODA3ZGExNDcwMjkyNTNhMmNlMzVmMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5mXwXGPaQNK9NhAcL5WuVyHZZVh
K7ZtciOyITKYi0PFHg+cNNS+zDsKyZonvEiSphbZd1IhYyVfiH3EPUTPcXSJHSL4
ozRjc/YC6xawXX7BnHqrw3ZuWdr3jrwHefm7N31duSsC49brM2z1praQ+zvM2ib7
vkQQYF4MFFWjOm9X9WzOcTryxMO6NJz2hhoptQ9zDjLWUdrcBHJrNhgX1jcJ7jbC
mvsyoy1ZAhOw6E0ZvixMA4Paw25FcOrBZQV7XK6RxuL/Etd4pr0/Qs49+8KDUKq7
r8TZASnhEWTpUjk6gZo7qP9Ul99GN2QeYQvLm3g8TuwJfqezFuoVKWhkIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfDrUPLG8zVgH2hRwKSU6LONfIpMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvWjhPdFE4c2J6TldBZmFGSEFwSlRvczQxOGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBZU42BjDvaOTe/3H7N/KhpcyVivns2TbWs2CAbNaC3
8u8C7/pmm8PjWgw4BykkLpBoxXgt9cF5xRL2B4YytT/46lG+5ITMSi8lKYsDhhbm
dXzxs3em0dOiJqU7k3H1Ra4mCCWau0WaAzfbYLOzwdqZ3I+M6wABzBIk1mlaOiHC
GygCue4tfLqaTbpg97PWpsNyMo5ttf+dW4WuZHVCni9Nv/lJr9k7smrngZ1RU7o0
WcbSB9CmM6vpU3L6FzihGimhfCF3HFElaSYFmcQGlYQsjWXd7HBRxIJ/OrEh0579
EaHp8uAG+sNThVuPJl9jlp2KPTHG0cH8cB6LrHtrUOVQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org