Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zL9KgzHLP_lJCqmT_zNVmy-J7O4.roa
File: zL9KgzHLP_lJCqmT_zNVmy-J7O4.roa (raw, json)
Hash identifier: +iXjKbHeQQNIel3daXPUmIQBpF+rg6LcER5MATZ0jAk=
Subject key identifier: CC:BF:4A:83:31:CB:3F:F9:49:0A:A9:93:FF:33:55:9B:2F:89:EC:EE
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01902A70D0210E37D01E75A507AB96F423F9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zL9KgzHLP_lJCqmT_zNVmy-J7O4.roa
Signing time: Tue 18 Jun 2024 08:22:34 +0000
ROA not before: Tue 18 Jun 2024 08:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 45.83.207.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:70:d0:21:0e:37:d0:1e:75:a5:07:ab:96:f4:23:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 18 08:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccbf4a8331cb3ff9490aa993ff33559b2f89ecee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:b5:86:4f:56:f1:bd:2d:ce:50:9c:49:27:
f1:56:74:d8:e6:1d:2b:82:95:32:04:a9:0a:29:a9:
b0:d2:70:61:1e:37:ac:db:4c:37:20:2e:8c:1a:38:
6e:f9:35:cc:d9:42:2a:98:e7:0d:ca:9d:cc:f4:ec:
c1:a0:d5:57:c1:73:a4:3a:2d:92:33:64:c4:4a:cf:
59:e0:46:6d:95:a0:2d:29:ce:66:17:c9:ee:34:65:
7d:ba:fa:9a:ac:04:1a:6a:64:e9:45:f7:f0:70:50:
8c:77:12:3f:6c:c8:5b:94:fa:88:7a:ce:f5:b9:0c:
08:9e:c1:07:97:3a:2d:43:92:82:d0:94:1c:71:bf:
f6:00:97:95:78:fd:75:6a:fc:69:97:b1:47:be:fc:
6e:1c:cb:36:3b:c3:64:c8:57:e0:c0:23:bd:c7:24:
78:8e:1c:66:7f:bd:e7:29:7b:c3:34:05:18:77:0f:
cf:48:97:e8:da:dd:d0:90:54:ce:bb:8b:ff:02:9f:
d2:b7:41:ce:e0:a0:ce:19:73:90:cc:ab:bc:20:dc:
9b:96:91:f3:a7:74:cb:80:83:76:12:ae:1b:1d:3e:
32:b1:7b:42:47:98:cc:a5:67:9a:82:e8:75:67:00:
74:47:42:a9:7b:9a:f4:01:47:18:5e:99:3d:7b:26:
90:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BF:4A:83:31:CB:3F:F9:49:0A:A9:93:FF:33:55:9B:2F:89:EC:EE
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zL9KgzHLP_lJCqmT_zNVmy-J7O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.207.0/24
89.251.2.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:50:53:37:ce:e0:8e:2d:24:09:5f:a6:4f:4f:28:8b:a7:f1:
e1:4c:17:b2:91:3b:e7:54:62:77:d7:93:58:68:a2:8a:14:8b:
70:7f:0a:83:c6:9a:cb:60:ca:2e:a4:dd:76:91:c8:ad:3f:0b:
ca:8d:57:ed:d5:79:7f:cd:1c:31:2a:a6:3e:c6:13:9a:20:15:
bb:ea:34:e5:b1:c3:e0:30:09:56:37:04:fa:64:89:48:cb:d9:
fe:57:f3:9b:7f:17:49:87:b4:97:77:6a:ac:84:93:d0:fa:58:
7b:f1:7b:9d:c9:35:23:c9:49:f5:87:6b:73:26:67:1f:ad:51:
cd:5d:8e:aa:96:26:7f:9c:66:3e:ed:bc:68:74:ac:62:5e:ff:
04:01:42:44:c8:a4:f0:b3:63:45:7c:b3:40:85:72:02:2d:f5:
60:e6:05:f4:4b:c2:4f:3a:54:29:07:f3:eb:0d:45:0f:48:27:
d0:f9:73:a1:66:15:99:e7:90:84:fb:00:0b:55:0e:47:4f:2b:
e0:c3:c3:bf:70:48:0f:21:61:30:15:6d:12:a4:54:29:62:f8:
db:11:9d:8b:d0:b6:71:b9:07:f6:15:b4:22:75:6e:fe:0e:a5:
22:6a:16:80:9b:f8:8a:8e:d9:d3:ec:5d:16:de:67:b6:2a:b4:
ef:74:55:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAqcNAhDjfQHnWlB6uW9CP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNjE4MDgyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JmNGE4MzMxY2IzZmY5NDkwYWE5OTNmZjMzNTU5YjJmODllY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgq1hk9W8b0tzlCcSSfxVnTY5h0r
gpUyBKkKKamw0nBhHjes20w3IC6MGjhu+TXM2UIqmOcNyp3M9OzBoNVXwXOkOi2S
M2TESs9Z4EZtlaAtKc5mF8nuNGV9uvqarAQaamTpRffwcFCMdxI/bMhblPqIes71
uQwInsEHlzotQ5KC0JQccb/2AJeVeP11avxpl7FHvvxuHMs2O8NkyFfgwCO9xyR4
jhxmf73nKXvDNAUYdw/PSJfo2t3QkFTOu4v/Ap/St0HO4KDOGXOQzKu8INyblpHz
p3TLgIN2Eq4bHT4ysXtCR5jMpWeaguh1ZwB0R0Kpe5r0AUcYXpk9eyaQ/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMy/SoMxyz/5SQqpk/8zVZsviezuMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvekw5S2d6SExQX2xKQ3FtVF96TlZteS1KN080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVPPAwQA
WfsCMA0GCSqGSIb3DQEBCwUAA4IBAQAMUFM3zuCOLSQJX6ZPTyiLp/HhTBeykTvn
VGJ315NYaKKKFItwfwqDxprLYMoupN12kcitPwvKjVft1Xl/zRwxKqY+xhOaIBW7
6jTlscPgMAlWNwT6ZIlIy9n+V/ObfxdJh7SXd2qshJPQ+lh78XudyTUjyUn1h2tz
JmcfrVHNXY6qliZ/nGY+7bxodKxiXv8EAUJEyKTws2NFfLNAhXICLfVg5gX0S8JP
OlQpB/PrDUUPSCfQ+XOhZhWZ55CE+wALVQ5HTyvgw8O/cEgPIWEwFW0SpFQpYvjb
EZ2L0LZxuQf2FbQidW7+DqUiahaAm/iKjtnT7F0W3me2KrTvdFXZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:10 2025 by rpki-client