Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zpfcFHONmqbmVHd9FDziVB_GKJs.roa
File: zpfcFHONmqbmVHd9FDziVB_GKJs.roa (raw, json)
Hash identifier: /MrDj1q9a7r2yd7UUddt5/DUcjd2BYSYdHwu86Bxe8U=
Subject key identifier: CE:97:DC:14:73:8D:9A:A6:E6:54:77:7D:14:3C:E2:54:1F:C6:28:9B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CF742377625BA8E31940EC6B9C458F935
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zpfcFHONmqbmVHd9FDziVB_GKJs.roa
Signing time: Thu 11 Jan 2024 06:42:41 +0000
ROA not before: Thu 11 Jan 2024 06:42:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 81.161.228.0/24 maxlen: 24
45.8.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 13:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:42:37:76:25:ba:8e:31:94:0e:c6:b9:c4:58:f9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 11 06:42:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce97dc14738d9aa6e654777d143ce2541fc6289b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:7c:13:24:f2:6d:e1:c4:8b:3f:36:cb:f7:
ed:f3:21:62:cb:17:47:b0:08:f3:bb:30:3f:3f:94:
79:86:19:6f:fa:aa:72:99:6d:88:12:34:f4:1d:67:
a4:89:21:da:56:67:b1:20:dc:2e:51:2f:34:ca:34:
76:f4:19:12:b9:bf:ee:e5:23:2f:6c:d4:ba:12:e8:
84:eb:3c:85:2e:93:bc:a9:72:fe:59:96:f7:d3:99:
f9:28:bb:13:32:c0:54:f2:2f:f2:b8:58:0d:b7:5e:
ea:d6:9f:d7:70:48:a4:06:96:56:fd:d6:be:18:36:
35:08:97:9d:7f:4c:3a:02:e6:47:f5:54:36:41:fe:
42:5c:8a:83:3c:a4:9c:d4:a0:98:24:36:94:59:bf:
de:59:88:01:cd:2b:7f:30:3a:73:07:2a:0a:65:3e:
68:98:6d:52:a4:50:19:29:02:e2:1b:a0:07:3f:d3:
67:96:12:c3:9f:91:d9:20:64:a1:ed:1b:f4:0d:0f:
62:8d:51:89:29:43:19:5f:26:35:58:0b:74:4c:21:
6f:52:43:f3:39:f8:29:09:44:85:44:cd:26:ba:9f:
af:0d:69:c2:4b:d2:d1:d9:71:0f:ef:f9:f9:64:3e:
87:53:f3:c8:bc:4c:19:ae:76:b6:8f:bb:20:a6:da:
a5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:97:DC:14:73:8D:9A:A6:E6:54:77:7D:14:3C:E2:54:1F:C6:28:9B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zpfcFHONmqbmVHd9FDziVB_GKJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.72.0/23
81.161.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:52:f0:00:52:02:a8:05:13:ee:d7:d3:bc:8a:71:88:63:37:
92:60:ca:a3:d0:19:04:48:84:0d:dd:9a:98:62:1f:bf:6e:f4:
25:fe:95:82:c1:26:5e:f9:77:5d:75:00:74:f8:da:8b:1c:f0:
ca:6c:7a:fe:cc:25:e2:d6:af:b7:4e:c4:80:61:22:2f:cb:5d:
d9:dc:7e:0f:00:90:93:30:5a:10:e1:b0:c4:bb:fa:25:11:46:
d2:0d:be:14:2a:f8:ef:ff:10:62:fd:5d:75:5d:cb:a8:69:ec:
32:30:2c:e8:93:f8:d8:6a:e1:01:eb:84:64:78:10:1b:7c:ca:
89:cc:f0:bf:a8:d4:08:2a:15:bc:4a:93:3f:09:b5:87:af:07:
1a:d2:d2:14:26:51:8d:e7:63:dd:03:ec:5d:f3:90:a7:28:ed:
37:33:7b:97:05:21:00:26:28:1f:28:06:0e:ea:11:00:0f:f8:
ef:53:b5:05:07:dc:f9:33:74:97:51:b6:91:de:19:5b:3c:9d:
50:77:40:70:5f:1f:bd:05:6a:57:ad:39:fc:64:c9:48:25:7b:
c8:26:19:ca:fa:f5:2e:0b:96:15:6d:f2:47:49:c0:ec:07:b0:
06:84:46:84:d8:ee:1d:fe:4e:4d:57:6d:d4:68:2b:7b:04:cc:
28:37:21:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz3Qjd2JbqOMZQOxrnEWPk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTExMDY0MjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk3ZGMxNDczOGQ5YWE2ZTY1NDc3N2QxNDNjZTI1NDFmYzYyODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRt8EyTybeHEiz82y/ft8yFiyxdH
sAjzuzA/P5R5hhlv+qpymW2IEjT0HWekiSHaVmexINwuUS80yjR29BkSub/u5SMv
bNS6EuiE6zyFLpO8qXL+WZb305n5KLsTMsBU8i/yuFgNt17q1p/XcEikBpZW/da+
GDY1CJedf0w6AuZH9VQ2Qf5CXIqDPKSc1KCYJDaUWb/eWYgBzSt/MDpzByoKZT5o
mG1SpFAZKQLiG6AHP9NnlhLDn5HZIGSh7Rv0DQ9ijVGJKUMZXyY1WAt0TCFvUkPz
OfgpCUSFRM0mup+vDWnCS9LR2XEP7/n5ZD6HU/PIvEwZrna2j7sgptqlyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM6X3BRzjZqm5lR3fRQ84lQfxiibMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvenBmY0ZIT05tcWJtVkhkOUZEemlWQl9HS0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQhIAwQA
UaHkMA0GCSqGSIb3DQEBCwUAA4IBAQBeUvAAUgKoBRPu19O8inGIYzeSYMqj0BkE
SIQN3ZqYYh+/bvQl/pWCwSZe+XdddQB0+NqLHPDKbHr+zCXi1q+3TsSAYSIvy13Z
3H4PAJCTMFoQ4bDEu/olEUbSDb4UKvjv/xBi/V11XcuoaewyMCzok/jYauEB64Rk
eBAbfMqJzPC/qNQIKhW8SpM/CbWHrwca0tIUJlGN52PdA+xd85CnKO03M3uXBSEA
JigfKAYO6hEAD/jvU7UFB9z5M3SXUbaR3hlbPJ1Qd0BwXx+9BWpXrTn8ZMlIJXvI
JhnK+vUuC5YVbfJHScDsB7AGhEaE2O4d/k5NV23UaCt7BMwoNyHc
-----END CERTIFICATE-----
Generated at Wed Apr 17 17:48:16 2024 by rpki-client on console-ams.rpki-client.org