Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/Rz7QN-N0hJ-EH45_3EGxkrNvWbg.roa
File: Rz7QN-N0hJ-EH45_3EGxkrNvWbg.roa (raw, json)
Hash identifier: fTB9cI9jZt5qRt4ybG3ShF6MG+Ez/g47E59hx9jNbzY=
Subject key identifier: 47:3E:D0:37:E3:74:84:9F:84:1F:8E:7F:DC:41:B1:92:B3:6F:59:B8
Certificate issuer: /CN=cb608201f88aeae9486b9fa87189d796c54027dd
Certificate serial: 018CC7274C86E5F683A0B781D73E739EB1BF
Authority key identifier: CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/Rz7QN-N0hJ-EH45_3EGxkrNvWbg.roa
Signing time: Mon 01 Jan 2024 22:31:30 +0000
ROA not before: Mon 01 Jan 2024 22:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 89.23.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 21:25:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4c:86:e5:f6:83:a0:b7:81:d7:3e:73:9e:b1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb608201f88aeae9486b9fa87189d796c54027dd
Validity
Not Before: Jan 1 22:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=473ed037e374849f841f8e7fdc41b192b36f59b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a6:05:aa:4f:29:49:4a:bb:db:d7:dc:15:63:
c6:9a:30:17:85:47:39:6b:ef:dd:0b:dd:f0:51:46:
f9:cf:70:a8:ed:5a:90:f1:ed:7d:e2:39:b2:2a:4c:
6d:f4:d4:39:fb:cb:e9:d7:f5:81:23:76:f1:9c:9a:
03:1f:f5:35:ec:49:a5:3a:e5:68:13:9c:e3:33:7b:
6d:a7:ab:6b:ce:47:8a:78:8e:ca:e7:15:3e:f0:8e:
84:10:39:ab:36:a9:8f:25:48:05:39:8b:b2:4a:27:
f6:de:d5:a4:ca:f6:2a:ad:55:b4:d8:02:0c:44:e5:
a9:07:cc:6f:e9:c1:4d:a0:96:78:49:3c:1a:27:8f:
ae:68:26:21:13:98:34:d9:e8:36:1c:c2:25:c8:e3:
42:6d:be:56:38:97:5d:0b:1c:cf:e1:8a:b6:55:0a:
33:19:a2:b5:fa:8f:a3:d9:68:e9:bb:6e:47:25:aa:
44:12:46:13:59:6c:99:c3:09:21:dc:e3:07:87:fc:
3f:6f:05:6d:00:e9:71:61:28:87:2d:1f:b3:b4:8a:
bb:8a:23:a4:53:85:3e:02:f5:0c:d6:57:15:d7:0e:
7e:ee:09:f3:16:43:2c:2d:03:c9:bb:94:41:11:ed:
c3:75:f0:4e:18:51:25:9f:75:06:0a:bf:a8:00:1e:
11:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3E:D0:37:E3:74:84:9F:84:1F:8E:7F:DC:41:B1:92:B3:6F:59:B8
X509v3 Authority Key Identifier:
keyid:CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/Rz7QN-N0hJ-EH45_3EGxkrNvWbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/y2CCAfiK6ulIa5-ocYnXlsVAJ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.126.0/24
Signature Algorithm: sha256WithRSAEncryption
00:6d:cc:03:da:ab:1f:e0:d7:0d:02:31:fb:94:30:91:89:9f:
1c:65:92:9b:81:cd:ae:89:b2:14:dd:02:af:73:ec:92:16:3d:
51:ba:f0:25:1d:2f:80:6c:b2:b8:d8:33:04:a7:56:0d:98:bb:
9b:dc:63:f6:69:c3:8c:c1:b6:47:09:74:8d:a1:c5:2c:0a:20:
ab:8b:b5:9d:c4:2c:ff:fe:c1:a1:b6:36:9e:69:40:fe:15:5f:
f7:43:fc:14:82:40:19:83:20:b4:aa:86:8b:77:fa:67:1e:08:
13:ad:8b:a0:1a:cc:b3:dc:2a:59:9f:d3:2c:37:f3:a4:45:30:
6b:d7:57:d7:f8:de:41:0b:b8:b8:96:0c:f0:55:11:3e:f4:d1:
10:51:6f:05:11:ab:4c:af:c7:c4:84:91:ed:f5:b9:2e:de:66:
47:ff:9c:c0:71:4b:6c:fd:93:cf:b1:e1:63:1c:b0:e0:14:e2:
be:07:7a:c6:4f:c0:2e:37:2b:4a:87:6f:0e:31:09:cb:81:91:
1f:a7:a8:f8:aa:8b:9f:45:af:25:e9:21:b9:b8:a0:eb:ac:dc:
66:e8:3b:ea:cc:57:e2:27:aa:ec:85:7a:2a:0f:84:9c:a4:49:
3f:47:ef:5b:43:44:3d:d4:d9:3d:26:44:ba:3e:aa:cd:2f:e1:
18:da:cd:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ0yG5faDoLeB1z5znrG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjA4MjAxZjg4YWVhZTk0ODZiOWZhODcxODlkNzk2YzU0
MDI3ZGQwHhcNMjQwMTAxMjIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzNlZDAzN2UzNzQ4NDlmODQxZjhlN2ZkYzQxYjE5MmIzNmY1OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6YFqk8pSUq729fcFWPGmjAXhUc5
a+/dC93wUUb5z3Co7VqQ8e194jmyKkxt9NQ5+8vp1/WBI3bxnJoDH/U17EmlOuVo
E5zjM3ttp6trzkeKeI7K5xU+8I6EEDmrNqmPJUgFOYuySif23tWkyvYqrVW02AIM
ROWpB8xv6cFNoJZ4STwaJ4+uaCYhE5g02eg2HMIlyONCbb5WOJddCxzP4Yq2VQoz
GaK1+o+j2Wjpu25HJapEEkYTWWyZwwkh3OMHh/w/bwVtAOlxYSiHLR+ztIq7iiOk
U4U+AvUM1lcV1w5+7gnzFkMsLQPJu5RBEe3DdfBOGFEln3UGCr+oAB4RewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEc+0DfjdISfhB+Of9xBsZKzb1m4MB8GA1UdIwQY
MBaAFMtgggH4iurpSGufqHGJ15bFQCfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTkt
YmZlNTJiNGFmOGI3LzEvUno3UU4tTjBoSi1FSDQ1XzNFR3hrck52V2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTktYmZlNTJiNGFmOGI3
LzEveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd+MA0G
CSqGSIb3DQEBCwUAA4IBAQAAbcwD2qsf4NcNAjH7lDCRiZ8cZZKbgc2uibIU3QKv
c+ySFj1RuvAlHS+AbLK42DMEp1YNmLub3GP2acOMwbZHCXSNocUsCiCri7WdxCz/
/sGhtjaeaUD+FV/3Q/wUgkAZgyC0qoaLd/pnHggTrYugGsyz3CpZn9MsN/OkRTBr
11fX+N5BC7i4lgzwVRE+9NEQUW8FEatMr8fEhJHt9bku3mZH/5zAcUts/ZPPseFj
HLDgFOK+B3rGT8AuNytKh28OMQnLgZEfp6j4qoufRa8l6SG5uKDrrNxm6DvqzFfi
J6rshXoqD4ScpEk/R+9bQ0Q91Nk9JkS6PqrNL+EY2s1s
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:56 2024 by rpki-client on console.sobornost.net