Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Za9L8VoR2ivEZ7RRVWhleaKYClE.roa
File: Za9L8VoR2ivEZ7RRVWhleaKYClE.roa (raw, json)
Hash identifier: k5hxPmB/FQ4g1IMr4GjNShizkPrBtV89kP53wX1Tdxo=
Subject key identifier: 65:AF:4B:F1:5A:11:DA:2B:C4:67:B4:51:55:68:65:79:A2:98:0A:51
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01862BE4F211137AAFC352FB680EE629AA3E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Za9L8VoR2ivEZ7RRVWhleaKYClE.roa
Signing time: Tue 07 Feb 2023 12:41:09 +0000
ROA not before: Tue 07 Feb 2023 12:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.128.199.0/24 maxlen: 24
45.146.55.0/24 maxlen: 24
194.5.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:e4:f2:11:13:7a:af:c3:52:fb:68:0e:e6:29:aa:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Feb 7 12:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65af4bf15a11da2bc467b45155686579a2980a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:50:54:de:f6:b3:f8:31:1c:da:f1:24:d0:
9a:b6:8a:0c:36:4d:0b:f3:3e:07:5d:61:06:91:1d:
27:a8:77:62:3a:2d:c4:7f:40:a0:84:57:d0:66:cb:
f9:ad:7a:f9:32:cc:08:c5:58:82:0b:a5:22:2a:29:
62:97:b8:bf:02:40:25:68:c6:50:15:1e:f4:a9:89:
5c:af:c7:fb:d4:db:94:16:3f:81:c4:76:06:57:21:
9d:c2:6a:59:c6:00:50:b8:e6:89:ab:5c:8f:42:f7:
2a:8f:56:0b:57:2c:fc:b1:f3:af:37:2e:de:21:e4:
d4:54:71:a8:89:e0:48:0d:bc:4b:3b:08:1c:79:f5:
7c:2c:60:5a:8e:d8:87:33:e3:1d:44:15:29:d4:5e:
26:0d:c9:b3:75:35:97:98:57:4a:c3:2f:13:04:7c:
0f:e7:56:75:60:28:d7:b0:c9:ef:50:9c:c3:83:6d:
cc:4c:c1:e2:19:15:e6:18:3e:c0:19:d5:3e:ed:83:
0b:bb:a0:8d:f3:bd:c1:05:71:98:b1:28:2f:1a:61:
10:9e:e9:b7:46:66:40:bf:b6:bd:1e:0a:96:c0:0b:
6e:60:8a:7f:3e:1f:29:6d:2f:de:25:a0:41:4f:9b:
05:d0:0a:70:96:c3:77:db:e8:bf:f8:b4:17:13:2f:
23:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AF:4B:F1:5A:11:DA:2B:C4:67:B4:51:55:68:65:79:A2:98:0A:51
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Za9L8VoR2ivEZ7RRVWhleaKYClE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.199.0/24
45.146.55.0/24
194.5.52.0/24
Signature Algorithm: sha256WithRSAEncryption
11:a5:40:1f:66:2b:0a:58:f4:b9:13:58:44:9d:63:2b:b8:7d:
32:62:2f:f1:33:63:76:77:97:a3:f8:68:21:4d:ce:1a:47:79:
30:ac:a5:c9:2c:93:44:36:be:01:09:5d:45:9e:c7:56:46:a9:
61:c9:bf:e0:92:79:c4:52:7f:f6:2a:ac:14:8e:12:11:34:18:
92:06:f8:64:9b:d3:0a:e3:1c:1e:d2:5f:0b:12:6f:9f:cb:eb:
c1:ad:72:1d:ca:0c:ff:fc:64:7a:17:8d:03:b5:09:ca:25:44:
22:9c:db:c7:2d:04:b1:20:6e:d6:e4:2a:c6:68:cb:53:13:b6:
a2:f4:a5:40:bf:f5:c2:f1:25:92:51:f8:34:d4:af:d3:da:e4:
48:ff:37:0b:ad:b6:6a:bf:35:05:d3:74:96:a5:87:88:57:17:
82:b8:78:da:57:d8:3b:ae:6d:5d:ac:16:16:c1:16:ae:50:cb:
ba:2c:02:c7:a6:8d:2d:e8:06:d9:81:4e:cc:c9:2e:40:99:06:
08:f0:d0:e5:8e:73:26:02:94:91:be:fe:df:0a:62:bd:a7:a3:
6d:f7:dd:05:48:f4:d1:d4:00:cf:33:c9:bc:f6:51:b7:19:98:
8b:c1:5b:dd:af:70:f1:56:04:67:7a:a9:a5:81:f5:75:e8:5b:
d8:2a:80:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYr5PIRE3qvw1L7aA7mKao+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMjA3MTI0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFmNGJmMTVhMTFkYTJiYzQ2N2I0NTE1NTY4NjU3OWEyOTgwYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7lQVN72s/gxHNrxJNCatooMNk0L
8z4HXWEGkR0nqHdiOi3Ef0CghFfQZsv5rXr5MswIxViCC6UiKilil7i/AkAlaMZQ
FR70qYlcr8f71NuUFj+BxHYGVyGdwmpZxgBQuOaJq1yPQvcqj1YLVyz8sfOvNy7e
IeTUVHGoieBIDbxLOwgcefV8LGBajtiHM+MdRBUp1F4mDcmzdTWXmFdKwy8TBHwP
51Z1YCjXsMnvUJzDg23MTMHiGRXmGD7AGdU+7YMLu6CN873BBXGYsSgvGmEQnum3
RmZAv7a9HgqWwAtuYIp/Ph8pbS/eJaBBT5sF0ApwlsN32+i/+LQXEy8j0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGWvS/FaEdorxGe0UVVoZXmimApRMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWmE5TDhWb1IyaXZFWjdSUlZXaGxlYUtZQ2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYDHAwQA
LZI3AwQAwgU0MA0GCSqGSIb3DQEBCwUAA4IBAQARpUAfZisKWPS5E1hEnWMruH0y
Yi/xM2N2d5ej+GghTc4aR3kwrKXJLJNENr4BCV1FnsdWRqlhyb/gknnEUn/2KqwU
jhIRNBiSBvhkm9MK4xwe0l8LEm+fy+vBrXIdygz//GR6F40DtQnKJUQinNvHLQSx
IG7W5CrGaMtTE7ai9KVAv/XC8SWSUfg01K/T2uRI/zcLrbZqvzUF03SWpYeIVxeC
uHjaV9g7rm1drBYWwRauUMu6LALHpo0t6AbZgU7MyS5AmQYI8NDljnMmApSRvv7f
CmK9p6Nt990FSPTR1ADPM8m89lG3GZiLwVvdr3DxVgRneqmlgfV16FvYKoBM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org