Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa
File: Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa (raw, json)
Hash identifier: zNaaHJEqSLxQxadgD8YRNpREAKzY9R13AWlQT2ZGWeM=
Subject key identifier: 67:66:E9:FA:F6:18:53:CA:95:8C:28:25:A6:6A:95:F8:AA:BE:CD:18
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 018571FA2E9D806EA764DF58D58521065502
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa
Signing time: Mon 02 Jan 2023 10:14:59 +0000
ROA not before: Mon 02 Jan 2023 10:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 145.46.255.0/24 maxlen: 24
145.46.191.0/24 maxlen: 24
145.46.192.0/18 maxlen: 18
145.46.128.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:2e:9d:80:6e:a7:64:df:58:d5:85:21:06:55:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Jan 2 10:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6766e9faf61853ca958c2825a66a95f8aabecd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:fb:89:c0:31:8c:21:7a:24:ae:18:11:35:
1f:88:af:5b:ce:7d:33:92:0d:ea:df:f6:04:ab:ef:
a7:38:58:01:85:56:24:ed:76:27:cf:82:87:4d:2a:
84:12:6f:d3:e4:3b:42:42:4b:d8:f0:78:80:f4:c7:
2c:e4:ad:d3:d8:5a:a7:ea:2a:32:d1:ba:c4:be:8d:
69:c4:b2:60:13:e0:cc:fb:7e:99:77:09:8b:92:c4:
23:20:fa:af:75:86:d6:8a:b1:d7:26:b8:99:38:ea:
6c:b1:78:ca:eb:5a:d6:44:ef:2b:44:68:53:d8:ea:
06:59:2a:0e:aa:bb:91:2d:6d:ec:2a:32:17:e4:bf:
c9:02:a5:fd:af:37:ee:dc:24:a8:0a:77:8f:f5:d6:
c8:d4:de:95:33:4e:77:86:ed:41:5b:70:6e:c8:bb:
11:96:97:f5:84:f2:68:7d:83:cc:d6:0a:f3:e2:cd:
e5:d3:fe:62:42:8d:67:62:11:da:1d:26:20:35:a2:
5c:2d:7c:ca:cc:d1:c8:70:31:cf:ec:22:ca:a0:02:
d7:0a:68:1e:a6:0a:b2:b2:c4:28:c7:47:87:9c:d0:
a6:7a:fc:f0:95:9d:3b:9b:e7:09:93:69:70:22:51:
99:35:5a:30:69:d6:b7:65:b6:4d:b2:65:99:4d:98:
2b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:66:E9:FA:F6:18:53:CA:95:8C:28:25:A6:6A:95:F8:AA:BE:CD:18
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.128.0/17
Signature Algorithm: sha256WithRSAEncryption
58:16:de:7b:c8:81:db:1d:7c:53:35:79:e7:b0:1d:6b:0c:9e:
da:ff:2e:7c:b3:9f:9f:84:88:1d:d0:c5:a3:79:39:13:c6:92:
ee:cd:5e:ed:df:6a:0b:cd:9a:dc:09:ff:78:da:62:09:32:9c:
ca:39:13:e2:e2:f5:67:06:cc:e3:6a:d8:33:23:5b:07:a0:8b:
77:be:c3:a3:87:d5:bf:47:97:60:e6:85:59:fc:ef:81:fe:0d:
35:ea:d8:62:81:63:01:a0:95:04:69:aa:4f:84:dd:49:c3:e8:
1e:06:9c:3c:9c:e7:16:a1:b2:46:05:2c:48:2c:10:c2:48:77:
56:08:f7:30:81:d7:0d:c3:d7:32:84:4c:4b:f0:b1:69:62:11:
ba:ce:c1:13:0f:a4:d3:88:d0:c2:50:a5:41:dc:d0:54:8e:f8:
2e:2e:b7:be:c4:33:ba:3d:8d:6b:16:3b:07:dc:49:e3:93:e0:
9b:c1:b4:ba:6d:25:24:e6:9f:80:e1:a6:57:d3:b0:d5:ee:1e:
eb:d9:19:b4:79:5e:5b:47:7a:b7:6e:63:24:3e:dd:9a:f6:e4:
c3:01:26:b4:68:4b:a7:7b:fb:69:14:1c:09:d2:69:67:c8:41:
d7:a4:5b:a2:e4:d5:d8:17:17:36:c7:f1:ec:b5:1c:f0:4e:60:
56:96:25:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+i6dgG6nZN9Y1YUhBlUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjMwMTAyMTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY2ZTlmYWY2MTg1M2NhOTU4YzI4MjVhNjZhOTVmOGFhYmVjZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAH7icAxjCF6JK4YETUfiK9bzn0z
kg3q3/YEq++nOFgBhVYk7XYnz4KHTSqEEm/T5DtCQkvY8HiA9Mcs5K3T2Fqn6ioy
0brEvo1pxLJgE+DM+36ZdwmLksQjIPqvdYbWirHXJriZOOpssXjK61rWRO8rRGhT
2OoGWSoOqruRLW3sKjIX5L/JAqX9rzfu3CSoCneP9dbI1N6VM053hu1BW3BuyLsR
lpf1hPJofYPM1grz4s3l0/5iQo1nYhHaHSYgNaJcLXzKzNHIcDHP7CLKoALXCmge
pgqyssQox0eHnNCmevzwlZ07m+cJk2lwIlGZNVowada3ZbZNsmWZTZgrEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdm6fr2GFPKlYwoJaZqlfiqvs0YMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvWjJicC12WVlVOHFWakNnbHBtcVYtS3EtelJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHkS6AMA0G
CSqGSIb3DQEBCwUAA4IBAQBYFt57yIHbHXxTNXnnsB1rDJ7a/y58s5+fhIgd0MWj
eTkTxpLuzV7t32oLzZrcCf942mIJMpzKORPi4vVnBszjatgzI1sHoIt3vsOjh9W/
R5dg5oVZ/O+B/g016thigWMBoJUEaapPhN1Jw+geBpw8nOcWobJGBSxILBDCSHdW
CPcwgdcNw9cyhExL8LFpYhG6zsETD6TTiNDCUKVB3NBUjvguLre+xDO6PY1rFjsH
3Enjk+CbwbS6bSUk5p+A4aZX07DV7h7r2Rm0eV5bR3q3bmMkPt2a9uTDASa0aEun
e/tpFBwJ0mlnyEHXpFui5NXYFxc2x/HstRzwTmBWliVM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:20 2024 by rpki-client on console-fra.rpki-client.org