Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/zn707wsiycWEcRQzVgcd48S5IrI.roa
File: zn707wsiycWEcRQzVgcd48S5IrI.roa (raw, json)
Hash identifier: R8cQQTVcG1UJosVmPpDmXAAbdMQrvphkM5BJ7V5LM7Y=
Subject key identifier: CE:7E:F4:EF:0B:22:C9:C5:84:71:14:33:56:07:1D:E3:C4:B9:22:B2
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 0191362C64C68074DA8833683EDC1EBF4FE1
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/zn707wsiycWEcRQzVgcd48S5IrI.roa
Signing time: Fri 09 Aug 2024 08:06:04 +0000
ROA not before: Fri 09 Aug 2024 08:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
84.252.102.0/23 maxlen: 23
89.150.34.0/23 maxlen: 23
89.150.41.0/24 maxlen: 24
89.150.59.0/24 maxlen: 24
2a0c:db40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Aug 2024 08:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:2c:64:c6:80:74:da:88:33:68:3e:dc:1e:bf:4f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Aug 9 08:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce7ef4ef0b22c9c58471143356071de3c4b922b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d8:8a:a0:97:09:90:7c:e1:30:36:43:ce:15:
0e:c6:c0:c8:f3:7a:14:6d:68:4f:18:cc:4f:ae:88:
41:e5:27:4c:5d:c6:36:45:18:39:0b:db:ba:cb:79:
f9:c1:30:bd:24:43:69:d4:1e:1f:99:bb:a5:ea:51:
5a:df:b5:cf:8e:d2:72:2d:54:c3:4e:13:e0:ae:1b:
ec:cd:03:bb:02:47:97:e9:11:0e:9e:19:13:65:5c:
79:79:60:f0:82:9e:1d:4e:0a:f4:25:0b:8f:db:d7:
80:16:95:bd:80:57:8a:6d:4b:07:69:57:d5:28:f6:
c2:de:6e:5e:27:99:59:d6:d4:cf:8f:df:27:5e:ae:
d7:bc:a8:f6:0e:fd:f3:39:cb:0e:63:fa:3d:c9:f3:
5a:26:6a:08:fb:4b:66:54:7e:67:35:95:3b:3f:31:
d6:e9:57:96:c6:f3:61:fe:f4:42:b8:cb:18:81:0a:
93:5b:11:aa:50:a7:f9:b9:47:39:d6:3b:af:c7:49:
a1:d0:be:49:3a:d8:b2:4f:c3:68:60:f2:45:43:c1:
5a:55:c6:b3:df:04:06:49:c1:d1:9b:60:7b:5b:dd:
00:2c:b5:5f:c5:fa:c5:e6:f3:1a:cf:2d:6a:0d:d3:
df:6d:8f:b3:e4:10:25:33:c0:02:38:99:c6:01:a1:
29:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7E:F4:EF:0B:22:C9:C5:84:71:14:33:56:07:1D:E3:C4:B9:22:B2
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/zn707wsiycWEcRQzVgcd48S5IrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
89.150.34.0/23
89.150.41.0/24
89.150.59.0/24
IPv6:
2a0c:db40::/48
Signature Algorithm: sha256WithRSAEncryption
c4:14:1d:8a:60:78:e2:ba:bf:4c:c2:72:01:f0:5c:2f:fe:2a:
3f:c9:1e:a3:39:17:7f:4d:50:dc:2a:21:5a:f0:85:34:8b:1d:
ae:07:d0:88:2c:87:0a:48:13:d2:27:65:2a:13:e9:db:90:de:
c0:21:a1:7f:fc:93:13:08:05:0b:3d:e1:2d:af:c3:0f:ea:57:
c4:bf:75:f4:7f:00:81:b0:b4:28:2c:62:84:72:bd:af:1d:7f:
8c:4a:bf:0a:a0:2d:ab:31:27:36:50:9e:49:bc:f4:31:d9:a3:
06:49:ff:7d:89:e8:44:88:14:75:8e:12:32:7a:72:15:79:11:
5c:59:df:7d:58:59:ae:2f:66:97:04:e8:77:14:8e:59:3a:8e:
d4:3e:ed:86:74:bb:7e:01:37:21:86:39:dd:63:1a:59:55:d6:
e7:0a:ae:46:d7:f6:25:d2:5a:c0:d1:6a:e5:6d:17:46:a9:39:
ab:73:e2:1e:80:a8:87:00:21:93:9b:b3:c7:71:52:d4:f2:93:
e6:ac:56:a4:f3:c3:cc:33:b9:db:3e:39:35:dd:92:52:c8:dd:
a1:14:6b:46:46:86:bf:ad:13:c1:2b:b7:28:f8:cb:0a:bf:7f:
fd:dd:8d:9c:9a:5a:87:97:84:bf:ef:98:e1:5c:79:d1:60:98:
9c:98:7f:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZE2LGTGgHTaiDNoPtwev0/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwODA5MDgwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTdlZjRlZjBiMjJjOWM1ODQ3MTE0MzM1NjA3MWRlM2M0YjkyMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNiKoJcJkHzhMDZDzhUOxsDI83oU
bWhPGMxProhB5SdMXcY2RRg5C9u6y3n5wTC9JENp1B4fmbul6lFa37XPjtJyLVTD
ThPgrhvszQO7AkeX6REOnhkTZVx5eWDwgp4dTgr0JQuP29eAFpW9gFeKbUsHaVfV
KPbC3m5eJ5lZ1tTPj98nXq7XvKj2Dv3zOcsOY/o9yfNaJmoI+0tmVH5nNZU7PzHW
6VeWxvNh/vRCuMsYgQqTWxGqUKf5uUc51juvx0mh0L5JOtiyT8NoYPJFQ8FaVcaz
3wQGScHRm2B7W90ALLVfxfrF5vMazy1qDdPfbY+z5BAlM8ACOJnGAaEpZQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFM5+9O8LIsnFhHEUM1YHHePEuSKyMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvem43MDd3c2l5Y1dFY1JRelZnY2Q0OFM1SXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBLQqsAwQB
VPxmAwQBWZYiAwQAWZYpAwQAWZY7MA8EAgACMAkDBwAqDNtAAAAwDQYJKoZIhvcN
AQELBQADggEBAMQUHYpgeOK6v0zCcgHwXC/+Kj/JHqM5F39NUNwqIVrwhTSLHa4H
0IgshwpIE9InZSoT6duQ3sAhoX/8kxMIBQs94S2vww/qV8S/dfR/AIGwtCgsYoRy
va8df4xKvwqgLasxJzZQnkm89DHZowZJ/32J6ESIFHWOEjJ6chV5EVxZ331YWa4v
ZpcE6HcUjlk6jtQ+7YZ0u34BNyGGOd1jGllV1ucKrkbX9iXSWsDRauVtF0apOatz
4h6AqIcAIZObs8dxUtTyk+asVqTzw8wzuds+OTXdklLI3aEUa0ZGhr+tE8Ertyj4
ywq/f/3djZyaWoeXhL/vmOFcedFgmJyYf7M=
-----END CERTIFICATE-----
Generated at Mon Aug 12 10:21:00 2024 by rpki-client on console-fra.rpki-client.org