Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ZKTWobmH5P2n0yWOBXtjr6JJO2s.roa
File: ZKTWobmH5P2n0yWOBXtjr6JJO2s.roa (raw, json)
Hash identifier: lX5lfj02Rx35Xd30WUBkukQjPWPIXzY5MMxwIvWfViE=
Subject key identifier: 64:A4:D6:A1:B9:87:E4:FD:A7:D3:25:8E:05:7B:63:AF:A2:49:3B:6B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E7C61558157E8D303B28838A2A246BE1A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ZKTWobmH5P2n0yWOBXtjr6JJO2s.roa
Signing time: Tue 26 Mar 2024 20:08:57 +0000
ROA not before: Tue 26 Mar 2024 20:08:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265770
IP address blocks: 45.15.244.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.32.126.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 17:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:61:55:81:57:e8:d3:03:b2:88:38:a2:a2:46:be:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 26 20:08:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64a4d6a1b987e4fda7d3258e057b63afa2493b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c0:c4:0a:d1:27:fa:14:95:dd:e8:97:25:b8:
d4:fd:58:58:19:f0:ef:e7:02:20:19:6c:50:84:ee:
ca:a8:f4:b8:bd:39:2a:6b:a9:a2:59:f3:dd:4d:6b:
ea:1e:00:81:9a:20:ea:93:fb:b6:fe:ec:15:7d:86:
0f:4f:53:ab:7a:19:6b:33:d7:3b:da:c9:67:6c:6d:
21:97:03:2e:12:55:e4:dd:d9:f0:17:eb:a4:4e:ff:
bf:8d:5d:72:63:82:a5:ba:cd:6c:4c:94:02:3c:70:
dd:58:b1:42:31:0a:8d:3c:e6:ba:c7:cc:9b:8c:70:
33:ea:17:ec:49:93:98:8e:90:56:0d:d7:65:3e:0a:
a5:e4:33:32:26:16:22:46:7e:40:a9:3a:da:ba:f8:
0b:57:fc:81:a5:c1:3d:b6:bb:1a:37:f4:8c:75:03:
59:ee:e3:e5:8e:4b:c8:19:5d:49:f5:93:a6:a2:78:
54:64:9b:94:cb:00:73:c4:e8:a4:57:a9:13:31:b9:
7b:2a:5e:d6:1d:81:21:4b:9b:c3:08:43:b3:41:84:
a6:e2:62:f2:47:df:bf:50:4a:b3:fc:81:50:e0:35:
c3:68:15:6d:e6:a8:bf:54:9d:42:8e:03:8e:06:58:
5e:5d:65:c7:66:25:e4:f4:9c:4b:ff:2d:e2:15:c0:
01:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A4:D6:A1:B9:87:E4:FD:A7:D3:25:8E:05:7B:63:AF:A2:49:3B:6B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ZKTWobmH5P2n0yWOBXtjr6JJO2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.244.0/22
45.91.84.0/22
45.128.20.0/22
45.151.196.0/22
89.32.126.0/24
89.40.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:11:04:6b:7f:d9:06:cf:0d:39:5b:ca:f4:1d:bf:4e:84:f3:
bf:48:74:3a:c7:bf:99:4d:79:b0:ef:30:44:d1:63:2e:a7:d9:
81:ec:32:c8:ae:27:6e:cb:3a:1e:aa:07:e3:a3:28:d5:48:e1:
2e:69:bb:40:4b:b6:93:fe:a6:e6:4f:7f:7c:33:87:5d:2f:a6:
ad:e8:5a:f0:4f:79:ab:98:3e:5d:b9:45:f1:72:6b:81:cb:49:
c0:d3:16:9e:69:85:18:a2:27:71:4a:44:ba:60:ed:d5:ba:14:
5a:10:40:98:ec:df:4f:7a:ea:2e:5f:02:db:a8:bf:51:bd:f6:
4d:97:6a:88:46:dc:9b:97:3a:63:d6:0f:09:ad:41:c9:69:c7:
cb:c8:0a:69:1b:b8:e6:b7:be:9f:57:ed:7a:bd:1b:02:20:36:
80:03:5b:ca:63:39:35:21:85:d9:69:6d:db:aa:20:f2:f0:3b:
d1:45:d2:25:4e:c9:9b:08:b0:44:ab:b3:e2:1e:84:ca:60:8d:
cd:1a:45:9d:53:e3:03:16:3b:ce:17:3f:3d:d2:24:dc:83:83:
53:8f:d4:e7:70:df:2b:4a:6f:39:56:08:09:b8:fa:8a:22:04:
52:e4:70:bf:c8:90:7f:0f:ba:2a:fe:fe:ca:b5:68:52:c1:07:
5a:81:ce:52
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY58YVWBV+jTA7KIOKKiRr4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzI2MjAwODU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE0ZDZhMWI5ODdlNGZkYTdkMzI1OGUwNTdiNjNhZmEyNDkzYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsDECtEn+hSV3eiXJbjU/VhYGfDv
5wIgGWxQhO7KqPS4vTkqa6miWfPdTWvqHgCBmiDqk/u2/uwVfYYPT1OrehlrM9c7
2slnbG0hlwMuElXk3dnwF+ukTv+/jV1yY4Klus1sTJQCPHDdWLFCMQqNPOa6x8yb
jHAz6hfsSZOYjpBWDddlPgql5DMyJhYiRn5AqTrauvgLV/yBpcE9trsaN/SMdQNZ
7uPljkvIGV1J9ZOmonhUZJuUywBzxOikV6kTMbl7Kl7WHYEhS5vDCEOzQYSm4mLy
R9+/UEqz/IFQ4DXDaBVt5qi/VJ1CjgOOBlheXWXHZiXk9JxL/y3iFcAB0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGSk1qG5h+T9p9MljgV7Y6+iSTtrMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWktUV29ibUg1UDJuMHlXT0JYdGpyNkpKTzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQ/0AwQC
LVtUAwQCLYAUAwQCLZfEAwQAWSB+AwQAWSgjMA0GCSqGSIb3DQEBCwUAA4IBAQB6
EQRrf9kGzw05W8r0Hb9OhPO/SHQ6x7+ZTXmw7zBE0WMup9mB7DLIriduyzoeqgfj
oyjVSOEuabtAS7aT/qbmT398M4ddL6at6FrwT3mrmD5duUXxcmuBy0nA0xaeaYUY
oidxSkS6YO3VuhRaEECY7N9PeuouXwLbqL9RvfZNl2qIRtyblzpj1g8JrUHJacfL
yAppG7jmt76fV+16vRsCIDaAA1vKYzk1IYXZaW3bqiDy8DvRRdIlTsmbCLBEq7Pi
HoTKYI3NGkWdU+MDFjvOFz890iTcg4NTj9TncN8rSm85VggJuPqKIgRS5HC/yJB/
D7oq/v7KtWhSwQdagc5S
-----END CERTIFICATE-----
Generated at Wed Apr 3 22:21:54 2024 by rpki-client on console-ams.rpki-client.org