Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zn2GZv4ItOlcv_LsXUYH6I1s3Js.roa
File: Zn2GZv4ItOlcv_LsXUYH6I1s3Js.roa (raw, json)
Hash identifier: j+dbYLI5KJ3a12ViaET0/KkW4zTBVuFdb1H1XN+fTQo=
Subject key identifier: 66:7D:86:66:FE:08:B4:E9:5C:BF:F2:EC:5D:46:07:E8:8D:6C:DC:9B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8B6FFEA95ADE6302930FD34B9F6D2505
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zn2GZv4ItOlcv_LsXUYH6I1s3Js.roa
Signing time: Wed 01 Nov 2023 15:10:54 +0000
ROA not before: Wed 01 Nov 2023 15:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 45.91.50.0/24 maxlen: 24
45.8.68.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.67.99.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 06:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:6f:fe:a9:5a:de:63:02:93:0f:d3:4b:9f:6d:25:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 1 15:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667d8666fe08b4e95cbff2ec5d4607e88d6cdc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:24:1f:bb:c7:00:9c:a0:02:83:d8:df:f7:34:
c6:41:06:a7:44:ed:40:5a:73:77:e3:f2:9e:2e:37:
4a:b4:f0:07:78:42:31:87:a9:80:7b:25:01:3c:55:
7f:f8:ea:94:89:36:66:d0:0b:4f:de:29:7a:a0:d1:
eb:95:e3:da:fd:e4:f4:c0:36:da:6b:c1:69:62:ef:
d1:9b:98:fe:23:7c:43:4f:dc:6e:16:40:f8:94:a5:
07:3f:ad:ab:e2:4a:67:e2:4f:19:99:6f:46:b7:f6:
6a:28:33:91:ac:74:95:bc:0a:f3:cd:c1:50:eb:5b:
8d:05:b6:d0:72:f5:51:da:94:4c:83:8f:a9:cc:2f:
f2:14:7b:4e:8c:7f:58:f7:d2:b1:03:15:46:9a:99:
7f:19:5a:aa:b1:5d:76:ac:e3:a5:8d:a0:6e:ac:32:
5d:3c:05:1c:13:1f:0a:ba:07:59:41:9c:6a:e3:d0:
6e:72:8f:d5:3f:2c:b3:6a:76:ca:6d:42:85:b2:ea:
50:de:bf:ee:31:67:fd:e5:91:de:a2:83:e8:72:db:
97:45:c2:69:57:76:c4:4c:b0:b6:d6:c8:66:b9:b3:
83:c3:c1:bb:a4:6e:fa:4e:33:79:7b:2e:af:af:e6:
00:43:f1:ca:a3:31:06:1e:6c:6d:7b:04:b5:59:85:
3a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:86:66:FE:08:B4:E9:5C:BF:F2:EC:5D:46:07:E8:8D:6C:DC:9B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zn2GZv4ItOlcv_LsXUYH6I1s3Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.97.0/24
45.67.99.0/24
45.91.50.0/24
188.214.208.0/24
188.241.110.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ee:d4:51:f9:a1:80:48:b5:46:d3:1a:13:d5:30:0b:c5:d3:
5d:42:4a:4e:3c:fa:5c:50:7a:1d:c2:7c:f8:ab:b9:64:8a:89:
a5:99:0b:61:8c:53:88:37:4e:a2:19:88:34:6a:30:30:3b:b9:
c1:4a:75:c2:a0:9b:64:3b:77:31:95:f4:e6:21:28:e2:7a:2f:
2f:a1:0f:15:ad:c4:8c:7b:2e:7c:7c:c6:c3:ec:21:58:8c:8c:
1b:7e:63:87:8d:66:5d:fc:ba:7e:97:1b:55:87:a3:7f:fd:f3:
2f:f4:43:8b:bf:f2:dc:74:77:38:a9:02:d1:27:e1:dc:be:22:
ce:e7:be:26:b1:49:da:a4:0e:b9:72:41:e5:6d:36:97:b2:22:
c7:9e:d1:0a:a3:1a:ab:57:35:16:e9:fd:76:f3:99:84:1d:45:
84:6f:67:e8:99:42:20:23:28:77:30:68:0d:34:6c:2d:ec:13:
9e:16:4c:f6:ac:83:44:07:d6:35:f7:c5:44:01:cc:a2:56:b7:
f5:e5:9a:15:25:a0:90:40:29:14:76:fe:50:f8:57:c1:c0:84:
b4:b9:50:b1:f1:cf:7d:76:5d:a4:db:7b:8c:4d:21:8c:99:8d:
b3:c6:5c:50:de:ce:53:67:df:04:94:68:44:08:99:64:d4:75:
7d:fe:d4:dd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuLb/6pWt5jApMP00ufbSUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAxMTUxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdkODY2NmZlMDhiNGU5NWNiZmYyZWM1ZDQ2MDdlODhkNmNkYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCQfu8cAnKACg9jf9zTGQQanRO1A
WnN34/KeLjdKtPAHeEIxh6mAeyUBPFV/+OqUiTZm0AtP3il6oNHrlePa/eT0wDba
a8FpYu/Rm5j+I3xDT9xuFkD4lKUHP62r4kpn4k8ZmW9Gt/ZqKDORrHSVvArzzcFQ
61uNBbbQcvVR2pRMg4+pzC/yFHtOjH9Y99KxAxVGmpl/GVqqsV12rOOljaBurDJd
PAUcEx8KugdZQZxq49Buco/VPyyzanbKbUKFsupQ3r/uMWf95ZHeooPoctuXRcJp
V3bETLC21shmubODw8G7pG76TjN5ey6vr+YAQ/HKozEGHmxtewS1WYU6bwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGZ9hmb+CLTpXL/y7F1GB+iNbNybMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWm4yR1p2NEl0T2xjdl9Mc1hVWUg2STFzM0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQhEAwQA
LUNhAwQALUNjAwQALVsyAwQAvNbQAwQAvPFuMA0GCSqGSIb3DQEBCwUAA4IBAQBv
7tRR+aGASLVG0xoT1TALxdNdQkpOPPpcUHodwnz4q7lkiomlmQthjFOIN06iGYg0
ajAwO7nBSnXCoJtkO3cxlfTmISjiei8voQ8VrcSMey58fMbD7CFYjIwbfmOHjWZd
/Lp+lxtVh6N//fMv9EOLv/LcdHc4qQLRJ+HcviLO574msUnapA65ckHlbTaXsiLH
ntEKoxqrVzUW6f1285mEHUWEb2fomUIgIyh3MGgNNGwt7BOeFkz2rINEB9Y198VE
AcyiVrf15ZoVJaCQQCkUdv5Q+FfBwIS0uVCx8c99dl2k23uMTSGMmY2zxlxQ3s5T
Z98ElGhECJlk1HV9/tTd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org