Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ZQB7r2repoKFCsG5gleVNLnVdD0.roa
File: ZQB7r2repoKFCsG5gleVNLnVdD0.roa (raw, json)
Hash identifier: R20pw1w5sUbE5HvaOMhXQcXNvtlRG6DbHdC+TplqnA0=
Subject key identifier: 65:00:7B:AF:6A:DE:A6:82:85:0A:C1:B9:82:57:95:34:B9:D5:74:3D
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018572FA61D46425AEFFB6E79B9F126B8D95
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ZQB7r2repoKFCsG5gleVNLnVdD0.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29646
IP address blocks: 89.30.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:61:d4:64:25:ae:ff:b6:e7:9b:9f:12:6b:8d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65007baf6adea682850ac1b982579534b9d5743d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a2:e5:fb:5c:a8:c2:d6:7f:7d:c3:06:de:d0:
cd:32:03:c5:89:a6:a3:c5:e2:32:53:e4:5a:1b:3d:
27:eb:91:3f:69:ee:ef:d8:b4:69:07:ca:9c:cd:76:
25:c2:4c:9e:0a:59:42:44:f5:c8:f0:f9:aa:51:6c:
f2:a0:ba:44:5f:33:d8:8f:2b:7f:45:c0:da:17:3d:
8f:f8:f6:3b:f4:ea:9a:6e:3e:18:9d:cc:30:c7:c3:
89:f0:c6:2e:17:f5:87:3b:57:cc:b7:17:e0:16:df:
ad:2d:53:37:d4:5a:6c:9e:2e:b1:39:12:b0:8e:b9:
b4:42:7a:46:80:67:1e:05:8e:54:ea:7a:3a:2a:1e:
f0:9c:2e:f9:a6:db:5a:33:a5:33:b5:eb:1a:08:3f:
4a:1b:74:b3:b0:15:71:52:99:0f:de:8b:e3:94:bd:
85:d4:0c:78:3e:a2:7a:8e:42:c1:ce:0a:45:bd:9a:
ee:fe:68:85:eb:72:2e:f6:11:e8:22:93:0c:44:ff:
54:c3:05:e3:12:79:a0:05:da:f9:26:89:7f:14:e1:
80:a6:bb:fb:77:26:c7:f0:00:69:60:61:14:0f:ae:
76:c5:ad:c3:83:ee:a3:91:5b:c5:e4:6a:3b:2d:89:
65:bc:cd:d7:6a:f5:c3:7d:5b:75:a3:9a:e7:f2:5c:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:00:7B:AF:6A:DE:A6:82:85:0A:C1:B9:82:57:95:34:B9:D5:74:3D
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ZQB7r2repoKFCsG5gleVNLnVdD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.113.0/24
Signature Algorithm: sha256WithRSAEncryption
af:6b:5a:09:c0:c5:f8:7b:74:55:9e:e3:32:f6:6b:a5:9e:ca:
89:54:9f:93:14:d7:ca:3b:3f:de:5a:ed:9f:0b:52:4e:16:db:
98:62:77:2f:d8:0d:1b:21:39:7a:7f:78:a4:9e:89:1b:26:62:
14:b9:2e:a6:38:b7:7f:b0:e1:75:4e:90:50:22:97:6e:22:4c:
6f:fd:a7:e8:7e:0b:6a:95:ec:9b:57:ed:70:aa:7c:ba:63:a3:
db:7d:f6:ac:69:de:49:ef:f9:f7:2b:24:f2:b4:9a:d2:4c:2f:
e4:29:84:12:d6:f6:7c:31:c2:86:5e:68:90:8a:2c:e9:f1:c9:
95:5b:91:e5:d5:92:8d:05:b3:33:35:bd:e4:d3:c6:93:2d:8f:
9e:4e:31:67:da:28:9d:62:18:94:3c:6a:3c:14:6d:51:bd:8d:
b3:80:01:69:ff:7e:c9:9e:af:15:30:1b:0e:e6:3b:49:3e:05:
58:1d:b5:dd:69:7f:f2:0c:86:a5:c1:50:5c:62:e1:7f:1b:68:
51:81:11:21:d8:e3:f8:34:24:1d:2d:f3:f8:80:c7:37:d8:5f:
93:40:54:e5:a9:01:fc:74:6d:39:aa:7c:2e:ba:3e:79:49:eb:
5b:8f:41:93:70:c3:25:97:90:b8:74:04:d4:45:5a:f6:e3:f9:
8a:a9:70:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+mHUZCWu/7bnm58Sa42VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAwN2JhZjZhZGVhNjgyODUwYWMxYjk4MjU3OTUzNGI5ZDU3NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6Ll+1yowtZ/fcMG3tDNMgPFiaaj
xeIyU+RaGz0n65E/ae7v2LRpB8qczXYlwkyeCllCRPXI8PmqUWzyoLpEXzPYjyt/
RcDaFz2P+PY79Oqabj4Yncwwx8OJ8MYuF/WHO1fMtxfgFt+tLVM31Fpsni6xORKw
jrm0QnpGgGceBY5U6no6Kh7wnC75pttaM6UztesaCD9KG3SzsBVxUpkP3ovjlL2F
1Ax4PqJ6jkLBzgpFvZru/miF63Iu9hHoIpMMRP9UwwXjEnmgBdr5Jol/FOGAprv7
dybH8ABpYGEUD652xa3Dg+6jkVvF5Go7LYllvM3XavXDfVt1o5rn8lxfJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUAe69q3qaChQrBuYJXlTS51XQ9MB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvWlFCN3IycmVwb0tGQ3NHNWdsZVZOTG5WZEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWR5xMA0G
CSqGSIb3DQEBCwUAA4IBAQCva1oJwMX4e3RVnuMy9mulnsqJVJ+TFNfKOz/eWu2f
C1JOFtuYYncv2A0bITl6f3iknokbJmIUuS6mOLd/sOF1TpBQIpduIkxv/afofgtq
leybV+1wqny6Y6Pbffasad5J7/n3KyTytJrSTC/kKYQS1vZ8McKGXmiQiizp8cmV
W5Hl1ZKNBbMzNb3k08aTLY+eTjFn2iidYhiUPGo8FG1RvY2zgAFp/37Jnq8VMBsO
5jtJPgVYHbXdaX/yDIalwVBcYuF/G2hRgREh2OP4NCQdLfP4gMc32F+TQFTlqQH8
dG05qnwuuj55Setbj0GTcMMll5C4dATURVr24/mKqXDO
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:27 2024 by rpki-client on console.sobornost.net