Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/z4w5mf6q5Zlfwf4cH5oQ3h_FyS0.roa
File: z4w5mf6q5Zlfwf4cH5oQ3h_FyS0.roa (raw, json)
Hash identifier: nWJNWdTuLez1Jo9MbdsuabQcFJX06I3zW3TFoa56/zs=
Subject key identifier: CF:8C:39:99:FE:AA:E5:99:5F:C1:FE:1C:1F:9A:10:DE:1F:C5:C9:2D
Certificate issuer: /CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
Certificate serial: 0187B8A19CA224E6FAD0E017E55DC57AB6D1
Authority key identifier: 79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/z4w5mf6q5Zlfwf4cH5oQ3h_FyS0.roa
Signing time: Tue 25 Apr 2023 13:36:51 +0000
ROA not before: Tue 25 Apr 2023 13:36:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59717
IP address blocks: 45.80.124.0/22 maxlen: 22
91.239.72.0/24 maxlen: 24
2a0e:4280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:a1:9c:a2:24:e6:fa:d0:e0:17:e5:5d:c5:7a:b6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
Validity
Not Before: Apr 25 13:36:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf8c3999feaae5995fc1fe1c1f9a10de1fc5c92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:22:0c:ce:ef:88:4c:3a:1e:a6:2c:a6:7f:
fd:aa:51:e3:af:9d:a2:27:d5:85:30:32:a2:a3:e7:
0b:fe:a7:ec:6d:88:50:ac:12:fe:a0:35:dc:c3:43:
79:25:5c:94:e2:9f:c7:d3:85:97:57:71:30:88:89:
0d:8f:33:fc:bb:f9:3d:2a:a0:43:9e:97:75:0b:8c:
2a:68:aa:b0:8b:4a:ff:5e:44:8a:d7:d7:2d:61:fd:
4f:ed:d4:cb:8f:d7:e0:3b:cf:78:08:96:80:57:8e:
f5:19:cd:fc:e1:7d:05:e6:7c:76:07:99:52:a2:8e:
7c:de:8a:a8:63:3f:a1:61:e4:43:03:a6:36:ed:a5:
4c:36:5f:c4:51:3c:c8:96:a6:90:98:d5:43:a2:41:
f0:8a:ad:59:1e:49:62:ac:a3:d8:ce:9c:16:df:8c:
42:fd:bf:3f:8a:76:9d:e5:4c:bb:9b:47:0b:d9:12:
9e:76:13:f2:65:3a:0b:c5:db:a3:28:11:dc:28:31:
bf:30:bf:35:14:c2:e9:00:de:88:16:95:a5:53:5a:
b8:4d:f4:20:d8:7d:b3:de:23:7a:d9:22:c8:a2:d2:
be:de:dc:b2:31:f1:7a:5c:a8:cc:a9:c2:77:b4:c5:
b0:cb:ad:61:3d:60:97:9f:e1:d1:4e:64:28:56:e9:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8C:39:99:FE:AA:E5:99:5F:C1:FE:1C:1F:9A:10:DE:1F:C5:C9:2D
X509v3 Authority Key Identifier:
keyid:79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/z4w5mf6q5Zlfwf4cH5oQ3h_FyS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.124.0/22
91.239.72.0/24
IPv6:
2a0e:4280::/29
Signature Algorithm: sha256WithRSAEncryption
b9:26:b4:d6:5f:2b:60:6a:14:f9:0f:5f:a4:6b:9a:8b:1a:52:
d0:3b:17:50:9b:b1:56:ac:d9:d8:52:7e:39:bd:56:da:d3:3b:
8c:81:b2:3b:c8:a9:4f:8e:7c:4d:e6:43:d1:32:8b:90:82:1e:
ee:2f:6b:5c:d6:f1:26:fa:e9:4c:b5:bc:84:e5:da:9d:1c:89:
61:23:27:86:4a:8f:a4:95:da:29:43:53:4d:09:d8:a6:47:2e:
83:45:b5:c2:e1:cc:7a:a8:82:fe:82:0b:d9:c1:56:38:13:07:
02:59:de:b9:ca:e8:4b:4d:ff:b3:98:cf:5c:b0:24:c8:16:34:
a6:6b:6d:3c:aa:ba:97:1c:58:c2:6e:ce:4b:67:f0:18:c1:e5:
96:b4:08:47:cc:22:d6:43:f2:58:a8:d1:e1:ab:82:06:75:a1:
58:dc:33:5e:17:7b:7d:6c:65:e4:8d:dc:59:61:ba:1d:3f:ef:
d2:5e:92:e4:b2:c0:72:46:85:9b:63:cc:04:bd:62:1f:9e:cb:
cb:25:f5:39:3a:a8:d8:71:31:ba:a2:7c:2e:fa:e2:64:5f:42:
28:3c:8f:a0:2f:3d:87:81:c3:c1:27:84:c4:73:e0:d9:73:7e:
d9:cd:85:02:f6:11:6f:5a:ec:12:02:e8:22:b0:0a:7e:17:1f:
93:f9:0e:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe4oZyiJOb60OAX5V3FerbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGQ3MDEzYTdmZGJiNTY2M2ZkMzg0YTRmZWQxMjMwMzE0
NWUzY2UwHhcNMjMwNDI1MTMzNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhjMzk5OWZlYWFlNTk5NWZjMWZlMWMxZjlhMTBkZTFmYzVjOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiUiDM7viEw6HqYspn/9qlHjr52i
J9WFMDKio+cL/qfsbYhQrBL+oDXcw0N5JVyU4p/H04WXV3EwiIkNjzP8u/k9KqBD
npd1C4wqaKqwi0r/XkSK19ctYf1P7dTLj9fgO894CJaAV471Gc384X0F5nx2B5lS
oo583oqoYz+hYeRDA6Y27aVMNl/EUTzIlqaQmNVDokHwiq1ZHklirKPYzpwW34xC
/b8/inad5Uy7m0cL2RKedhPyZToLxdujKBHcKDG/ML81FMLpAN6IFpWlU1q4TfQg
2H2z3iN62SLIotK+3tyyMfF6XKjMqcJ3tMWwy61hPWCXn+HRTmQoVulTvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM+MOZn+quWZX8H+HB+aEN4fxcktMB8GA1UdIwQY
MBaAFHmNcBOn/btWY/04Sk/tEjAxRePOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzct
MjRkODE4YmE3ZjI5LzEvejR3NW1mNnE1Wmxmd2Y0Y0g1b1EzaF9GeVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzctMjRkODE4YmE3ZjI5
LzEvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVB8AwQA
W+9IMA0EAgACMAcDBQMqDkKAMA0GCSqGSIb3DQEBCwUAA4IBAQC5JrTWXytgahT5
D1+ka5qLGlLQOxdQm7FWrNnYUn45vVba0zuMgbI7yKlPjnxN5kPRMouQgh7uL2tc
1vEm+ulMtbyE5dqdHIlhIyeGSo+kldopQ1NNCdimRy6DRbXC4cx6qIL+ggvZwVY4
EwcCWd65yuhLTf+zmM9csCTIFjSma208qrqXHFjCbs5LZ/AYweWWtAhHzCLWQ/JY
qNHhq4IGdaFY3DNeF3t9bGXkjdxZYbodP+/SXpLkssByRoWbY8wEvWIfnsvLJfU5
OqjYcTG6onwu+uJkX0IoPI+gLz2HgcPBJ4TEc+DZc37ZzYUC9hFvWuwSAugisAp+
Fx+T+Q6x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org