Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zx4zaFrnzZlTf2wp1HzVJ293Fmo.roa
File: Zx4zaFrnzZlTf2wp1HzVJ293Fmo.roa (raw, json)
Hash identifier: su9Dd4u5ZdbyO9Y5+IITlsYXPojC2qTtyppaAm62DIU=
Subject key identifier: 67:1E:33:68:5A:E7:CD:99:53:7F:6C:29:D4:7C:D5:27:6F:77:16:6A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F5870798689266F67526C034A5AF379E0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zx4zaFrnzZlTf2wp1HzVJ293Fmo.roa
Signing time: Wed 08 May 2024 13:41:57 +0000
ROA not before: Wed 08 May 2024 13:41:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 45.128.233.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 13:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:70:79:86:89:26:6f:67:52:6c:03:4a:5a:f3:79:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 8 13:41:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=671e33685ae7cd99537f6c29d47cd5276f77166a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:50:1f:df:24:0c:29:13:bc:59:c1:21:a6:77:
6c:fe:8f:f2:11:85:89:c7:e9:22:44:45:a2:5e:fd:
25:e6:5c:36:19:7c:70:a0:86:84:25:52:59:ec:e2:
1a:16:73:31:a5:58:74:65:91:69:8d:2b:29:d7:34:
80:53:9d:b1:91:78:4a:57:3c:03:ca:a7:f8:65:a1:
01:56:98:8d:d3:83:09:00:ac:25:fd:6f:8d:37:aa:
94:40:92:f1:97:c5:6d:50:38:61:34:56:0e:bd:23:
6b:c4:2e:a0:a9:a8:bf:7b:ad:69:f4:b3:1e:26:68:
dd:a8:37:e1:bb:53:a8:c6:96:61:bf:b8:5b:7b:2e:
27:a1:80:d6:7b:83:16:5a:4e:34:9a:3f:fa:a4:49:
53:a0:95:08:36:ff:c2:0e:31:23:74:3a:e8:09:0a:
af:91:74:56:0d:c9:17:e3:eb:54:e1:1f:37:e4:35:
4a:62:9b:47:ea:18:83:2e:9b:02:41:7a:f3:dc:ac:
e9:f7:2a:6f:31:1b:d3:a3:81:50:fb:fb:09:9a:f1:
1f:8b:be:18:5d:e1:64:ec:21:5d:b5:b3:26:14:c5:
c1:a9:71:9b:46:17:a9:89:26:cb:c8:a3:b2:a7:9f:
1b:45:d8:c0:ec:af:c5:f4:b7:f9:9f:a9:fa:8a:5e:
af:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1E:33:68:5A:E7:CD:99:53:7F:6C:29:D4:7C:D5:27:6F:77:16:6A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Zx4zaFrnzZlTf2wp1HzVJ293Fmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
178.215.239.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
43:cf:12:74:17:0e:fe:cb:03:cb:8d:63:c1:d0:20:93:8f:d9:
fe:eb:70:c0:48:20:7a:5e:48:d4:b3:73:b4:1c:56:58:c9:26:
e1:fd:8e:52:d1:dc:4d:77:50:b6:f2:14:5a:80:f7:6a:f8:6c:
8c:a3:ad:7f:9a:ac:42:c5:c3:09:f4:b7:c4:68:80:15:87:ce:
fd:01:1d:c0:ab:84:69:a0:38:ea:dc:9d:73:f8:b7:e7:3f:d3:
eb:ee:40:9c:19:f9:f3:01:14:4c:39:08:01:12:7d:29:0a:1d:
2a:0e:99:32:97:d2:bf:6b:80:bb:74:e4:3c:20:4f:1a:e2:3a:
e7:d9:8e:11:14:64:5b:a5:0b:b0:a9:b3:ae:33:cf:37:2b:e4:
83:3b:68:ab:d5:ce:2a:f0:8a:fe:94:d7:81:62:2b:c4:7e:42:
20:b0:14:3c:1b:eb:2e:18:93:64:c1:13:7a:20:87:45:d4:6b:
9b:ee:7f:fb:91:df:e1:f8:48:34:57:d7:d4:d4:20:9f:b0:be:
1d:77:b0:1e:78:ea:88:96:72:79:19:fe:e9:6a:e3:f2:de:c8:
be:cc:30:5b:0a:6c:16:10:c9:7f:8b:01:0f:f3:4a:b1:cd:1c:
92:6d:e3:62:7f:8b:c9:29:45:4f:51:6b:27:e0:ae:37:56:29:
63:d5:59:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9YcHmGiSZvZ1JsA0pa83ngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTA4MTM0MTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFlMzM2ODVhZTdjZDk5NTM3ZjZjMjlkNDdjZDUyNzZmNzcxNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FAf3yQMKRO8WcEhpnds/o/yEYWJ
x+kiREWiXv0l5lw2GXxwoIaEJVJZ7OIaFnMxpVh0ZZFpjSsp1zSAU52xkXhKVzwD
yqf4ZaEBVpiN04MJAKwl/W+NN6qUQJLxl8VtUDhhNFYOvSNrxC6gqai/e61p9LMe
JmjdqDfhu1OoxpZhv7hbey4noYDWe4MWWk40mj/6pElToJUINv/CDjEjdDroCQqv
kXRWDckX4+tU4R835DVKYptH6hiDLpsCQXrz3Kzp9ypvMRvTo4FQ+/sJmvEfi74Y
XeFk7CFdtbMmFMXBqXGbRhepiSbLyKOyp58bRdjA7K/F9Lf5n6n6il6vTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGceM2ha582ZU39sKdR81SdvdxZqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWng0emFGcm56WmxUZjJ3cDFIelZKMjkzRm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYDpAwQA
stfvAwQAud1AMA0GCSqGSIb3DQEBCwUAA4IBAQBDzxJ0Fw7+ywPLjWPB0CCTj9n+
63DASCB6XkjUs3O0HFZYySbh/Y5S0dxNd1C28hRagPdq+GyMo61/mqxCxcMJ9LfE
aIAVh879AR3Aq4RpoDjq3J1z+LfnP9Pr7kCcGfnzARRMOQgBEn0pCh0qDpkyl9K/
a4C7dOQ8IE8a4jrn2Y4RFGRbpQuwqbOuM883K+SDO2ir1c4q8Ir+lNeBYivEfkIg
sBQ8G+suGJNkwRN6IIdF1Gub7n/7kd/h+Eg0V9fU1CCfsL4dd7AeeOqIlnJ5Gf7p
auPy3si+zDBbCmwWEMl/iwEP80qxzRySbeNif4vJKUVPUWsn4K43Vilj1Vn0
-----END CERTIFICATE-----
Generated at Wed Sep 4 15:47:28 2024 by rpki-client on console-ams.rpki-client.org