Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZDLGHNokw5RBM1queYPX6GLBBqc.roa
File: ZDLGHNokw5RBM1queYPX6GLBBqc.roa (raw, json)
Hash identifier: J9gZ0ZAHbpthJ7LYEBlnHTkL2XEl2xcwHgA3oR4+PLM=
Subject key identifier: 64:32:C6:1C:DA:24:C3:94:41:33:5A:AE:79:83:D7:E8:62:C1:06:A7
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3020115EA4546CCCA559B85832AC
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZDLGHNokw5RBM1queYPX6GLBBqc.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
185.117.1.0/24 maxlen: 24
185.117.2.0/24 maxlen: 24
204.11.1.0/24 maxlen: 24
45.91.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 16:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:30:20:11:5e:a4:54:6c:cc:a5:59:b8:58:32:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6432c61cda24c39441335aae7983d7e862c106a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d9:58:80:40:e6:f9:c7:cc:ff:7a:be:5a:c2:
00:ce:3d:3a:1a:50:f9:cf:b3:ad:22:58:47:83:6a:
2f:74:41:b6:cd:94:de:89:82:a7:d4:bb:a7:04:18:
60:06:05:90:6d:d5:7e:a8:89:7d:a4:8a:17:58:82:
70:44:12:f6:b6:39:59:c1:a2:15:16:c9:e7:4e:e6:
97:b6:b8:ab:d8:40:bc:d0:98:8e:10:d7:40:58:91:
cf:a4:23:fb:ac:b5:11:c9:ff:e4:b9:ad:b1:63:d3:
2a:3d:75:7f:7f:fe:23:11:a2:70:88:14:d5:16:c0:
1e:6c:04:04:19:3b:db:6c:8b:01:fd:68:45:5e:b9:
22:bc:65:7f:34:88:05:e2:19:d8:6f:f4:0e:86:d7:
ea:02:9b:3c:7a:d4:b9:8e:31:16:94:e1:d7:e0:3e:
a8:d4:90:95:c0:ef:55:d5:70:13:f3:81:fa:b7:ba:
fe:4d:fc:a1:7b:7a:5c:ff:af:23:c3:a6:b3:1f:ed:
78:27:bc:e5:fb:aa:4f:68:80:23:bb:06:78:98:cb:
35:12:cc:d9:8d:48:25:4b:83:ed:6a:eb:d4:07:ae:
b3:30:27:8d:05:7e:43:84:7c:2e:81:7d:ef:ae:56:
b2:b8:96:a8:24:e1:41:52:34:69:d0:c8:f1:b0:10:
30:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:32:C6:1C:DA:24:C3:94:41:33:5A:AE:79:83:D7:E8:62:C1:06:A7
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZDLGHNokw5RBM1queYPX6GLBBqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.124.0/22
45.91.250.0/24
185.117.1.0-185.117.2.255
204.11.1.0/24
Signature Algorithm: sha256WithRSAEncryption
78:77:a1:56:a3:56:78:8d:cb:77:df:e1:01:c1:e6:d0:42:ac:
93:4a:0f:93:2b:2f:11:67:ec:a7:21:54:c4:4e:2e:bd:6a:86:
19:32:be:89:34:3f:62:6e:9d:1a:c6:56:70:fd:9c:8f:c5:47:
91:a6:53:ab:b6:67:75:31:9b:46:0b:f6:0f:d8:4a:b2:2a:aa:
bc:a3:cf:43:16:07:bd:31:eb:a5:ab:e0:ba:13:02:6b:60:db:
87:2e:2e:7c:34:92:b0:71:8d:80:d0:8c:20:a1:bc:b2:a2:6c:
47:2f:47:59:6b:c0:d4:37:c0:53:04:17:f5:d6:d2:3f:f2:cc:
d4:39:ce:70:9b:3e:0b:97:b7:78:bb:1f:f7:1b:3a:f3:58:bc:
97:2e:ae:fc:bf:76:5f:9a:d3:aa:5f:35:e2:2a:50:35:6a:1a:
1c:40:70:e7:b5:86:21:e4:88:d1:18:34:36:d8:70:d6:a7:ea:
83:92:97:66:7a:ad:f4:b9:7a:0a:75:a7:ff:01:1a:5e:b1:42:
39:21:3e:84:42:0c:94:a3:5f:45:f6:92:4f:bc:73:2c:71:f5:
f4:f8:d7:d6:11:07:f3:64:5e:59:1d:84:c6:b3:9d:b0:a2:d4:
eb:f5:47:33:6f:b6:51:d6:c8:c2:83:c1:24:e7:58:0e:81:b5:
1e:95:e6:bb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJTjAgEV6kVGzMpVm4WDKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMyYzYxY2RhMjRjMzk0NDEzMzVhYWU3OTgzZDdlODYyYzEwNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9lYgEDm+cfM/3q+WsIAzj06GlD5
z7OtIlhHg2ovdEG2zZTeiYKn1LunBBhgBgWQbdV+qIl9pIoXWIJwRBL2tjlZwaIV
FsnnTuaXtrir2EC80JiOENdAWJHPpCP7rLURyf/kua2xY9MqPXV/f/4jEaJwiBTV
FsAebAQEGTvbbIsB/WhFXrkivGV/NIgF4hnYb/QOhtfqAps8etS5jjEWlOHX4D6o
1JCVwO9V1XAT84H6t7r+Tfyhe3pc/68jw6azH+14J7zl+6pPaIAjuwZ4mMs1EszZ
jUglS4PtauvUB66zMCeNBX5DhHwugX3vrlayuJaoJOFBUjRp0MjxsBAwaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGQyxhzaJMOUQTNarnmD1+hiwQanMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWkRMR0hOb2t3NVJCTTFxdWVZUFg2R0xCQnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVl8AwQA
LVv6MAwDBAC5dQEDBAC5dQIDBADMCwEwDQYJKoZIhvcNAQELBQADggEBAHh3oVaj
VniNy3ff4QHB5tBCrJNKD5MrLxFn7KchVMROLr1qhhkyvok0P2JunRrGVnD9nI/F
R5GmU6u2Z3Uxm0YL9g/YSrIqqryjz0MWB70x66Wr4LoTAmtg24cuLnw0krBxjYDQ
jCChvLKibEcvR1lrwNQ3wFMEF/XW0j/yzNQ5znCbPguXt3i7H/cbOvNYvJcurvy/
dl+a06pfNeIqUDVqGhxAcOe1hiHkiNEYNDbYcNan6oOSl2Z6rfS5egp1p/8BGl6x
QjkhPoRCDJSjX0X2kk+8cyxx9fT419YRB/NkXlkdhMaznbCi1Ov1RzNvtlHWyMKD
wSTnWA6BtR6V5rs=
-----END CERTIFICATE-----
Generated at Thu Jul 4 17:49:27 2024 by rpki-client on console-fra.rpki-client.org