Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z2WGyAyGxM9OzJNmgJju4WPcfxQ.roa
File: z2WGyAyGxM9OzJNmgJju4WPcfxQ.roa (raw, json)
Hash identifier: qty0fSh0KU1XE/uiJ0sA9eGXwt9L2U+5AqidN5+dqcA=
Subject key identifier: CF:65:86:C8:0C:86:C4:CF:4E:CC:93:66:80:98:EE:E1:63:DC:7F:14
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B648D14F010E3CDD760BA997151E39
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z2WGyAyGxM9OzJNmgJju4WPcfxQ.roa
Signing time: Mon 02 Jan 2023 09:00:49 +0000
ROA not before: Mon 02 Jan 2023 09:00:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 45.90.18.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 11:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:48:d1:4f:01:0e:3c:dd:76:0b:a9:97:15:1e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf6586c80c86c4cf4ecc93668098eee163dc7f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ed:6e:8d:8c:b0:ca:ba:9a:9e:3b:e4:53:82:
08:88:2e:51:fe:f5:1a:72:6b:90:ee:fc:29:9f:01:
fe:33:2a:89:0d:fc:a7:ee:52:64:be:53:6c:46:46:
72:76:36:1c:ad:1a:78:db:8c:eb:21:e1:f5:ab:9f:
d9:5b:b7:af:62:35:66:ba:c6:9b:51:ea:ec:87:f4:
0f:27:dd:ce:34:fa:da:aa:5c:73:eb:7a:5d:76:2a:
b1:b4:14:36:7b:ac:fe:3c:95:3d:0c:c1:cd:4d:e5:
c8:4d:28:41:e3:10:c1:26:7a:62:b5:d0:e0:66:94:
37:8c:b7:72:17:a1:5d:f8:25:a7:54:7e:ee:b3:33:
6e:e2:78:cb:de:da:10:ba:8c:ec:b1:de:45:a6:ab:
a0:4e:74:90:85:34:47:9d:c0:d9:b0:33:e9:ed:3b:
da:19:b8:a8:1d:ab:1d:9d:b0:c7:e9:2c:ac:c5:64:
1a:2c:76:6b:57:0d:ee:4f:4a:31:1b:15:fb:36:5e:
61:75:24:76:a9:43:74:a1:90:77:13:80:a6:ca:62:
9e:12:27:d7:d3:4c:61:08:f2:ef:11:99:77:4c:b9:
bc:59:59:e0:16:0a:13:af:68:25:1c:75:08:d5:45:
d2:66:68:c1:13:2a:12:8f:65:9e:4e:82:a2:0b:ac:
c6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:65:86:C8:0C:86:C4:CF:4E:CC:93:66:80:98:EE:E1:63:DC:7F:14
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z2WGyAyGxM9OzJNmgJju4WPcfxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.18.0/24
45.147.226.0/24
185.246.113.0/24
194.147.17.0/24
Signature Algorithm: sha256WithRSAEncryption
15:8a:4a:06:3d:3b:60:ca:f0:5a:9c:df:92:a1:d2:bb:e6:69:
0c:9e:b8:45:5a:5e:c7:38:99:7b:41:47:00:7e:de:6b:d2:92:
76:26:77:e5:3c:ed:da:a8:ce:64:55:a0:c5:50:6a:bd:fb:1a:
0c:7c:06:05:62:7d:cc:a5:c2:55:c9:24:bd:17:25:74:44:ce:
f5:56:dd:c3:77:60:19:82:26:be:6a:10:66:e7:e4:86:17:01:
cc:6e:9f:05:52:0a:75:03:41:42:8e:01:b6:e6:88:46:1e:ef:
3c:18:91:35:3b:48:b6:72:44:63:7e:00:ed:6d:ae:c3:76:7e:
8a:37:92:54:fb:8d:d8:9a:d7:fb:0f:57:5c:98:67:f0:dd:c5:
2a:4e:75:f5:d3:4b:29:4c:25:42:30:b3:d8:60:c6:0f:a0:68:
11:66:58:5a:1f:2a:9f:05:5f:99:01:1f:24:6d:a7:78:56:04:
0d:48:89:ec:0c:b1:29:82:20:28:72:cd:7b:77:d3:2c:e6:64:
c9:55:6a:64:96:20:0a:d2:c6:e6:d4:56:17:e6:72:bd:63:9c:
07:6e:52:01:2c:f1:db:ed:88:26:89:c1:74:68:f7:22:09:4e:
b6:08:b3:97:03:92:c4:85:de:94:52:58:41:bb:ab:c5:f5:49:
8d:32:38:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxtkjRTwEOPN12C6mXFR45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY1ODZjODBjODZjNGNmNGVjYzkzNjY4MDk4ZWVlMTYzZGM3ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe1ujYywyrqanjvkU4IIiC5R/vUa
cmuQ7vwpnwH+MyqJDfyn7lJkvlNsRkZydjYcrRp424zrIeH1q5/ZW7evYjVmusab
Uersh/QPJ93ONPraqlxz63pddiqxtBQ2e6z+PJU9DMHNTeXITShB4xDBJnpitdDg
ZpQ3jLdyF6Fd+CWnVH7uszNu4njL3toQuozssd5FpqugTnSQhTRHncDZsDPp7Tva
GbioHasdnbDH6SysxWQaLHZrVw3uT0oxGxX7Nl5hdSR2qUN0oZB3E4CmymKeEifX
00xhCPLvEZl3TLm8WVngFgoTr2glHHUI1UXSZmjBEyoSj2WeToKiC6zG6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM9lhsgMhsTPTsyTZoCY7uFj3H8UMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvejJXR3lBeUd4TTlPekpObWdKanU0V1BjZnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVoSAwQA
LZPiAwQAufZxAwQAwpMRMA0GCSqGSIb3DQEBCwUAA4IBAQAVikoGPTtgyvBanN+S
odK75mkMnrhFWl7HOJl7QUcAft5r0pJ2JnflPO3aqM5kVaDFUGq9+xoMfAYFYn3M
pcJVySS9FyV0RM71Vt3Dd2AZgia+ahBm5+SGFwHMbp8FUgp1A0FCjgG25ohGHu88
GJE1O0i2ckRjfgDtba7Ddn6KN5JU+43Ymtf7D1dcmGfw3cUqTnX100spTCVCMLPY
YMYPoGgRZlhaHyqfBV+ZAR8kbad4VgQNSInsDLEpgiAocs17d9Ms5mTJVWpkliAK
0sbm1FYX5nK9Y5wHblIBLPHb7YgmicF0aPciCU62CLOXA5LEhd6UUlhBu6vF9UmN
Mjjr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org