Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zhty2lhXOlnYaTCA5oCtMAD2DoE.roa
File: zhty2lhXOlnYaTCA5oCtMAD2DoE.roa (raw, json)
Hash identifier: WfnN59rfhUxQyG52Fip7zLJHs785u68Tx3Io+863YW0=
Subject key identifier: CE:1B:72:DA:58:57:3A:59:D8:69:30:80:E6:80:AD:30:00:F6:0E:81
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01876145E1DE919ECA08CBAD6264B29E2DB7
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zhty2lhXOlnYaTCA5oCtMAD2DoE.roa
Signing time: Sat 08 Apr 2023 14:29:42 +0000
ROA not before: Sat 08 Apr 2023 14:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 194.146.93.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 16:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:45:e1:de:91:9e:ca:08:cb:ad:62:64:b2:9e:2d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 8 14:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce1b72da58573a59d8693080e680ad3000f60e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:13:5f:ce:5b:a5:32:17:70:d7:8b:b6:98:
aa:0b:cf:f0:ce:85:67:a0:83:72:76:c2:3d:16:62:
a0:3c:dc:8e:85:d2:1c:7c:d5:54:49:af:87:2f:24:
a2:77:ff:51:f4:91:8b:df:6c:a6:d4:de:23:b8:65:
92:75:0b:3d:e5:30:8d:60:02:fd:92:b4:0b:63:6a:
7d:ac:95:83:b2:57:fc:12:4c:ec:84:de:c7:a9:ef:
49:d6:90:73:fc:59:76:c9:7f:ac:87:85:12:9e:6e:
0c:b4:1f:22:c6:ac:21:c6:c7:21:35:f4:e5:82:71:
69:b6:97:7d:b2:47:81:1b:b6:6c:eb:23:77:7d:af:
34:54:c9:18:a1:a6:e9:e5:6c:40:92:dd:87:ca:41:
5e:9b:4a:95:90:1f:43:6f:e3:f9:bf:4c:f7:f5:ef:
67:ea:99:07:49:ac:6a:0e:69:a7:a5:a8:76:1e:db:
eb:1e:c6:a6:4c:cb:21:02:11:52:8a:8b:8d:16:7c:
b5:7a:11:e0:79:3f:7a:2d:62:e2:54:cd:1c:ea:c3:
f4:ff:16:ba:9f:ef:4f:ef:97:f7:3d:b7:5d:9a:a7:
9e:e5:d1:ed:27:a0:bf:62:5b:84:b4:3e:e2:97:bd:
1d:b8:c6:0a:55:e3:15:6d:27:ed:29:0c:45:32:11:
25:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1B:72:DA:58:57:3A:59:D8:69:30:80:E6:80:AD:30:00:F6:0E:81
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zhty2lhXOlnYaTCA5oCtMAD2DoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.210.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e2:2d:44:1a:d5:a4:4d:58:72:6a:6f:74:87:9f:b4:f1:1a:
d7:35:a5:61:bd:65:df:f6:4c:61:30:43:9d:43:8c:16:78:ef:
09:f8:6d:f6:ed:2d:c2:11:94:f5:f1:23:cb:40:4a:4d:6d:a8:
53:17:ff:37:c1:10:10:7f:d1:04:02:8a:0e:6f:0c:97:dd:cb:
df:ca:0a:e6:6a:75:f3:f6:3b:05:06:20:bc:f4:41:a0:23:fb:
38:ff:d6:b9:da:5d:f3:ec:ca:81:ba:5c:8c:9c:ab:d0:5c:07:
1e:3f:16:76:39:7f:d1:cd:24:41:21:8f:ce:36:ff:47:dd:5b:
7d:fc:06:6f:1f:cb:f8:2d:25:e1:2d:95:31:5a:12:0b:75:2c:
9c:43:a4:fa:e1:cd:02:5d:07:3e:ee:78:05:dd:93:4b:a3:be:
c4:01:e3:8c:dc:c4:4d:2b:d1:43:a2:c8:d0:85:0e:3d:4d:ed:
20:20:f4:4d:05:a4:fe:ec:d6:b4:ea:7a:ac:e7:7b:39:f0:87:
54:2a:70:fb:30:47:4c:93:1e:bf:1d:dc:bd:1a:44:33:b2:ba:
87:72:7f:11:71:ef:94:0e:ef:2c:8a:ce:e1:d2:41:37:cd:e2:
02:0d:d4:ac:a5:fc:09:c2:5d:67:32:4b:03:1b:f3:ee:a9:93:
93:24:7e:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdhReHekZ7KCMutYmSyni23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDA4MTQyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTFiNzJkYTU4NTczYTU5ZDg2OTMwODBlNjgwYWQzMDAwZjYwZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKgTX85bpTIXcNeLtpiqC8/wzoVn
oINydsI9FmKgPNyOhdIcfNVUSa+HLySid/9R9JGL32ym1N4juGWSdQs95TCNYAL9
krQLY2p9rJWDslf8EkzshN7Hqe9J1pBz/Fl2yX+sh4USnm4MtB8ixqwhxschNfTl
gnFptpd9skeBG7Zs6yN3fa80VMkYoabp5WxAkt2HykFem0qVkB9Db+P5v0z39e9n
6pkHSaxqDmmnpah2HtvrHsamTMshAhFSiouNFny1ehHgeT96LWLiVM0c6sP0/xa6
n+9P75f3Pbddmqee5dHtJ6C/YluEtD7il70duMYKVeMVbSftKQxFMhEl4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM4bctpYVzpZ2GkwgOaArTAA9g6BMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvemh0eTJsaFhPbG5ZYVRDQTVvQ3RNQUQyRG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ3SAwQA
wpJdMA0GCSqGSIb3DQEBCwUAA4IBAQAm4i1EGtWkTVhyam90h5+08RrXNaVhvWXf
9kxhMEOdQ4wWeO8J+G327S3CEZT18SPLQEpNbahTF/83wRAQf9EEAooObwyX3cvf
ygrmanXz9jsFBiC89EGgI/s4/9a52l3z7MqBulyMnKvQXAcePxZ2OX/RzSRBIY/O
Nv9H3Vt9/AZvH8v4LSXhLZUxWhILdSycQ6T64c0CXQc+7ngF3ZNLo77EAeOM3MRN
K9FDosjQhQ49Te0gIPRNBaT+7Na06nqs53s58IdUKnD7MEdMkx6/Hdy9GkQzsrqH
cn8Rce+UDu8sis7h0kE3zeICDdSspfwJwl1nMksDG/PuqZOTJH7C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org