Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/zbY0KyS5QbqMt0jIYz9r2fKwq1Q.roa
File: zbY0KyS5QbqMt0jIYz9r2fKwq1Q.roa (raw, json)
Hash identifier: XQpgnE7ZuwjHVNPgHnFX5iHGr8s+BgWBVHmFfk+Wpf4=
Subject key identifier: CD:B6:34:2B:24:B9:41:BA:8C:B7:48:C8:63:3F:6B:D9:F2:B0:AB:54
Certificate issuer: /CN=ad3cc1a7870b610c355c6ec299b166edaba3df04
Certificate serial: 018B0419875A542C9367EAFB3C9260C4DA75
Authority key identifier: AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/zbY0KyS5QbqMt0jIYz9r2fKwq1Q.roa
Signing time: Fri 06 Oct 2023 08:27:43 +0000
ROA not before: Fri 06 Oct 2023 08:27:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44001
IP address blocks: 91.229.36.0/24 maxlen: 24
2001:67c:2cc4::/48 maxlen: 48
2001:67c:cf4::/48 maxlen: 48
2001:67c:2f38::/48 maxlen: 48
2001:67c:cf8::/48 maxlen: 48
2001:67c:cf0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:19:87:5a:54:2c:93:67:ea:fb:3c:92:60:c4:da:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3cc1a7870b610c355c6ec299b166edaba3df04
Validity
Not Before: Oct 6 08:27:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdb6342b24b941ba8cb748c8633f6bd9f2b0ab54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:00:72:7c:43:1f:19:d8:19:b5:b7:b4:c9:0e:
97:a1:09:47:23:4c:75:36:2e:4b:1a:36:16:98:cd:
b9:04:46:57:8d:d2:84:80:76:5c:09:96:9e:61:39:
d8:b5:91:21:af:33:13:93:68:a3:f3:fd:ca:e9:0d:
41:25:66:8b:8e:01:22:7e:0d:f4:0e:cd:a8:ac:c3:
3b:3d:16:6f:62:99:d7:f6:33:5f:dc:6b:89:e8:74:
59:c1:6f:7a:fb:dc:7c:ce:11:5e:bd:32:8f:ba:d4:
98:f9:28:7f:8c:dc:cf:04:64:68:f1:ca:87:43:ec:
22:16:08:60:9d:0c:85:bc:ac:16:11:8a:f1:be:d7:
02:31:a4:da:c4:78:d2:e6:7d:30:f0:cb:37:c0:24:
e6:2e:7f:73:fd:66:3e:27:6b:e0:e7:f8:2d:9f:e0:
e3:f9:69:ca:ad:3f:2a:a1:b9:d4:51:0f:38:b5:cc:
6b:28:36:ae:3e:ce:2a:3f:0c:68:38:80:ba:50:65:
91:02:2f:6f:46:60:cc:42:35:52:44:63:03:c1:dd:
b0:fb:4c:df:8d:e3:35:59:f2:a3:8f:9e:04:2f:b2:
ab:cd:bf:9d:ef:4a:37:c5:65:95:6c:b7:2c:53:0a:
8e:38:1d:96:a7:39:23:3d:55:f9:cd:78:55:ef:f0:
18:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B6:34:2B:24:B9:41:BA:8C:B7:48:C8:63:3F:6B:D9:F2:B0:AB:54
X509v3 Authority Key Identifier:
keyid:AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/zbY0KyS5QbqMt0jIYz9r2fKwq1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.36.0/24
IPv6:
2001:67c:cf0::/48
2001:67c:cf4::/48
2001:67c:cf8::/48
2001:67c:2cc4::/48
2001:67c:2f38::/48
Signature Algorithm: sha256WithRSAEncryption
7c:f6:eb:98:1a:1f:ce:a0:fe:a7:83:bd:da:27:84:16:f8:95:
60:2d:15:ed:5d:e3:6d:d3:de:3a:0a:83:23:46:f5:b4:ee:5d:
48:f7:a2:c3:bb:4b:02:8b:a3:ca:4e:21:3c:51:75:1c:95:d5:
51:12:8a:eb:14:5f:ad:b0:11:8c:92:33:30:4e:0b:db:b9:04:
68:8d:44:33:4d:a6:94:13:7e:80:4b:b9:61:ee:0d:b5:d0:bc:
10:c6:c1:82:20:e5:dc:59:39:29:ec:8a:e5:63:24:1d:c3:31:
01:58:39:5b:f5:8d:73:b3:a5:aa:c7:8c:20:6c:c9:78:77:b5:
ba:dc:3c:96:a5:8f:52:91:e7:89:5d:e0:8b:2f:8b:43:91:7c:
41:63:6f:33:04:c4:3a:5d:9b:53:63:41:ad:8c:0a:75:bc:71:
08:e7:b1:60:35:4d:c7:46:df:5d:46:6e:46:b3:a7:5b:7b:49:
4c:17:9c:ca:98:4a:2e:7f:ec:37:8b:3f:09:49:cd:c6:b9:2e:
b5:e2:e2:7b:6c:01:96:c2:a4:bf:ea:10:ff:d4:b0:f9:68:0a:
f9:0c:d7:7e:07:2c:ce:41:f3:61:25:57:65:80:dd:f2:31:99:
14:0e:9b:a6:44:82:ca:7a:8b:1c:87:fe:92:07:3c:b1:65:ff:
58:0b:97:8f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYsEGYdaVCyTZ+r7PJJgxNp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2NjMWE3ODcwYjYxMGMzNTVjNmVjMjk5YjE2NmVkYWJh
M2RmMDQwHhcNMjMxMDA2MDgyNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGI2MzQyYjI0Yjk0MWJhOGNiNzQ4Yzg2MzNmNmJkOWYyYjBhYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAByfEMfGdgZtbe0yQ6XoQlHI0x1
Ni5LGjYWmM25BEZXjdKEgHZcCZaeYTnYtZEhrzMTk2ij8/3K6Q1BJWaLjgEifg30
Ds2orMM7PRZvYpnX9jNf3GuJ6HRZwW96+9x8zhFevTKPutSY+Sh/jNzPBGRo8cqH
Q+wiFghgnQyFvKwWEYrxvtcCMaTaxHjS5n0w8Ms3wCTmLn9z/WY+J2vg5/gtn+Dj
+WnKrT8qobnUUQ84tcxrKDauPs4qPwxoOIC6UGWRAi9vRmDMQjVSRGMDwd2w+0zf
jeM1WfKjj54EL7Krzb+d70o3xWWVbLcsUwqOOB2WpzkjPVX5zXhV7/AYOQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFM22NCskuUG6jLdIyGM/a9nysKtUMB8GA1UdIwQY
MBaAFK08waeHC2EMNVxuwpmxZu2ro98EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAt
NzRkNTZjNDQxZGMxLzEvemJZMEt5UzVRYnFNdDBqSVl6OXIyZkt3cTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAtNzRkNTZjNDQxZGMx
LzEvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAW+UkMDME
AgACMC0DBwAgAQZ8DPADBwAgAQZ8DPQDBwAgAQZ8DPgDBwAgAQZ8LMQDBwAgAQZ8
LzgwDQYJKoZIhvcNAQELBQADggEBAHz265gaH86g/qeDvdonhBb4lWAtFe1d423T
3joKgyNG9bTuXUj3osO7SwKLo8pOITxRdRyV1VESiusUX62wEYySMzBOC9u5BGiN
RDNNppQTfoBLuWHuDbXQvBDGwYIg5dxZOSnsiuVjJB3DMQFYOVv1jXOzparHjCBs
yXh3tbrcPJalj1KR54ld4Isvi0ORfEFjbzMExDpdm1NjQa2MCnW8cQjnsWA1TcdG
311Gbkazp1t7SUwXnMqYSi5/7DeLPwlJzca5LrXi4ntsAZbCpL/qEP/UsPloCvkM
134HLM5B82ElV2WA3fIxmRQOm6ZEgsp6ixyH/pIHPLFl/1gLl48=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org