Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/ZwSeBQ2tXYDmOqW8V32VwrT1Ao8.roa
File: ZwSeBQ2tXYDmOqW8V32VwrT1Ao8.roa (raw, json)
Hash identifier: LCa2TdcPowYt2GZ2WKMCDJ7M+FWCyUnqKDWuhSEDIxU=
Subject key identifier: 67:04:9E:05:0D:AD:5D:80:E6:3A:A5:BC:57:7D:95:C2:B4:F5:02:8F
Certificate issuer: /CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Certificate serial: 018CC801C362702C15270754117E16B36090
Authority key identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/ZwSeBQ2tXYDmOqW8V32VwrT1Ao8.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57461
IP address blocks: 91.232.73.0/24 maxlen: 24
91.232.72.0/22 maxlen: 22
91.232.72.0/24 maxlen: 24
91.232.75.0/24 maxlen: 24
91.232.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 11:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c3:62:70:2c:15:27:07:54:11:7e:16:b3:60:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67049e050dad5d80e63aa5bc577d95c2b4f5028f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:89:b6:26:0c:64:1f:ef:6b:bd:1b:16:0c:d7:
1e:d0:c5:6e:3e:61:17:aa:de:13:fd:f2:70:a4:4d:
4f:09:50:63:c8:1a:35:d7:11:59:80:31:f8:b3:f0:
66:05:e2:1e:cc:7a:04:cf:fe:e1:66:99:19:12:a9:
21:1f:f7:6d:1a:85:ca:d0:e7:80:3f:b2:2e:51:6e:
e9:98:30:98:68:d9:8a:8d:d1:88:5a:b0:d8:62:19:
94:15:2d:80:16:3b:c1:d3:a1:2f:04:ce:56:e4:d9:
b7:9a:6e:2e:e6:8a:15:61:5e:c0:15:33:17:86:33:
10:e0:78:9a:b0:d2:41:e6:4b:32:71:87:6c:e3:1f:
3f:ca:5f:bf:e5:ba:58:99:9b:fe:49:33:cb:11:0f:
c4:18:9c:e9:86:b4:97:6a:24:54:08:fb:e5:05:54:
8e:34:fc:81:35:c6:d0:88:e9:24:33:f6:93:cc:f7:
1c:20:78:4c:b2:23:97:18:23:d5:3e:53:91:83:f0:
67:86:f8:76:ba:d1:13:fe:16:a2:cc:67:d0:e3:b5:
d2:c7:f3:e5:c5:f0:24:f2:d4:c1:47:e4:fc:14:f2:
f9:8d:22:5c:fa:3d:7a:e1:83:b0:38:18:29:d7:5a:
60:3f:54:ed:02:e5:c0:7f:85:8d:90:21:bd:b0:38:
7a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:04:9E:05:0D:AD:5D:80:E6:3A:A5:BC:57:7D:95:C2:B4:F5:02:8F
X509v3 Authority Key Identifier:
keyid:BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/ZwSeBQ2tXYDmOqW8V32VwrT1Ao8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.72.0/22
Signature Algorithm: sha256WithRSAEncryption
d9:08:66:17:60:64:39:3d:70:e5:61:94:70:df:52:fc:d8:fa:
21:08:31:30:11:1c:98:3e:8e:19:74:2a:3a:b6:f8:0f:0b:9f:
84:4f:c3:18:4f:52:19:76:29:cf:6e:1f:87:b4:fa:e7:ea:31:
ee:b0:e4:12:b0:02:32:1e:a2:54:38:2a:5b:2f:87:74:5e:5e:
55:d9:50:86:1a:6d:5a:91:50:6a:3c:81:a3:62:82:66:93:50:
2e:ab:6a:7c:65:8a:18:63:99:b3:ea:7c:11:3f:80:5a:1e:5a:
f6:61:69:d7:ff:7c:88:7f:0f:d4:1b:05:c6:e3:1c:d4:df:58:
1e:46:0c:07:f9:b5:c5:6a:e2:8a:c5:95:d3:13:ab:11:54:95:
d3:8f:14:42:d1:01:ce:40:60:17:16:9c:32:13:f8:45:77:27:
94:66:4f:b8:5c:64:32:b2:42:4d:30:c5:99:2e:4d:b9:48:0c:
d0:52:4b:68:79:30:08:e5:af:58:75:0f:d3:aa:48:ea:67:f0:
4c:e9:47:a3:4c:d3:23:2f:34:36:4d:d8:33:57:11:0d:d6:ba:
f2:b0:74:45:ce:8d:36:dc:d2:8b:cb:fe:9e:bb:e3:29:69:d6:
3a:35:76:4f:81:c9:bb:94:5a:be:94:2e:91:c2:7c:75:ad:ce:
62:34:34:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAcNicCwVJwdUEX4Ws2CQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOWI1NmQ4ZDk2ZWJjYjVmY2Y4N2RlMmVjMmI1MmMxOTRj
Y2Y5ZjkwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA0OWUwNTBkYWQ1ZDgwZTYzYWE1YmM1NzdkOTVjMmI0ZjUwMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyom2JgxkH+9rvRsWDNce0MVuPmEX
qt4T/fJwpE1PCVBjyBo11xFZgDH4s/BmBeIezHoEz/7hZpkZEqkhH/dtGoXK0OeA
P7IuUW7pmDCYaNmKjdGIWrDYYhmUFS2AFjvB06EvBM5W5Nm3mm4u5ooVYV7AFTMX
hjMQ4HiasNJB5ksycYds4x8/yl+/5bpYmZv+STPLEQ/EGJzphrSXaiRUCPvlBVSO
NPyBNcbQiOkkM/aTzPccIHhMsiOXGCPVPlORg/Bnhvh2utET/haizGfQ47XSx/Pl
xfAk8tTBR+T8FPL5jSJc+j164YOwOBgp11pgP1TtAuXAf4WNkCG9sDh6/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcEngUNrV2A5jqlvFd9lcK09QKPMB8GA1UdIwQY
MBaAFLubVtjZbry1/Ph94uwrUsGUzPn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmIt
NGY0ZmU4MDNiMDE1LzEvWndTZUJRMnRYWURtT3FXOFYzMlZ3clQxQW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmItNGY0ZmU4MDNiMDE1
LzEvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+hIMA0G
CSqGSIb3DQEBCwUAA4IBAQDZCGYXYGQ5PXDlYZRw31L82PohCDEwERyYPo4ZdCo6
tvgPC5+ET8MYT1IZdinPbh+HtPrn6jHusOQSsAIyHqJUOCpbL4d0Xl5V2VCGGm1a
kVBqPIGjYoJmk1Auq2p8ZYoYY5mz6nwRP4BaHlr2YWnX/3yIfw/UGwXG4xzU31ge
RgwH+bXFauKKxZXTE6sRVJXTjxRC0QHOQGAXFpwyE/hFdyeUZk+4XGQyskJNMMWZ
Lk25SAzQUktoeTAI5a9YdQ/TqkjqZ/BM6UejTNMjLzQ2TdgzVxEN1rrysHRFzo02
3NKLy/6eu+MpadY6NXZPgcm7lFq+lC6Rwnx1rc5iNDTs
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org