Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Z41DpxVF2FYZDcu5RatZaR4XTSI.roa
File: Z41DpxVF2FYZDcu5RatZaR4XTSI.roa (raw, json)
Hash identifier: Cj68AWNU54uoN8z1dNo8DR866VIlEzLRC8DOhGZ7rrs=
Subject key identifier: 67:8D:43:A7:15:45:D8:56:19:0D:CB:B9:45:AB:59:69:1E:17:4D:22
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018AE17C62BE80B68F64A6B44A60946CD060
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Z41DpxVF2FYZDcu5RatZaR4XTSI.roa
Signing time: Fri 29 Sep 2023 15:08:59 +0000
ROA not before: Fri 29 Sep 2023 15:08:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.147.159.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:7c:62:be:80:b6:8f:64:a6:b4:4a:60:94:6c:d0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Sep 29 15:08:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=678d43a71545d856190dcbb945ab59691e174d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ed:81:9c:f8:39:ef:c3:45:f4:dd:a0:86:7e:
92:9f:79:ae:cf:36:a2:ba:a2:e4:04:63:16:5a:3e:
f0:3d:02:56:d7:03:be:0d:96:4d:ab:aa:70:4f:96:
e1:00:1a:64:4d:b9:55:97:e3:d9:d1:7e:5a:9c:c8:
89:e9:bc:43:68:ab:06:6b:2b:31:44:f3:d2:65:e6:
44:b0:b1:1b:ba:27:40:70:42:4a:48:34:26:a3:0d:
bd:87:eb:d2:f4:16:a0:82:5e:76:d6:86:0d:c2:b6:
b8:5a:c8:c7:ff:f8:d4:44:24:e3:96:58:87:e3:3e:
db:9c:88:19:18:45:05:86:e7:32:f7:ce:f9:d1:4c:
0e:4c:f1:41:0d:44:81:93:4b:db:46:da:a9:05:af:
82:9f:bc:d2:f6:b1:71:d9:0a:c9:23:f6:54:06:19:
db:4a:02:18:44:a4:12:12:09:09:71:b9:e8:eb:0d:
52:a8:fd:38:38:3a:d4:5c:56:b5:a4:45:ff:86:1e:
43:a7:84:64:0e:62:5e:86:a3:0d:6e:ea:cb:18:4e:
67:36:7d:55:ba:9f:e9:cb:33:49:10:4a:77:6b:d0:
fc:5d:05:4d:1f:51:a2:9a:62:d5:fa:06:9b:5d:4d:
14:69:19:2a:fa:b7:9c:fc:ba:a5:00:89:f9:1a:67:
d6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8D:43:A7:15:45:D8:56:19:0D:CB:B9:45:AB:59:69:1E:17:4D:22
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Z41DpxVF2FYZDcu5RatZaR4XTSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.157.0/24
45.147.159.0/24
92.61.103.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:18:47:c4:a7:be:e1:f7:e8:09:0c:ae:c8:74:70:85:de:23:
86:e0:90:27:15:fe:dc:01:db:a1:ad:23:f8:3e:89:9b:ff:13:
80:df:fc:d4:ee:8a:d0:eb:14:4a:5d:7c:e6:00:09:3f:4f:94:
e0:a4:92:60:bc:10:cb:70:61:54:26:5d:43:96:ea:38:cd:4b:
d7:b1:f5:05:3a:39:63:8a:39:d8:ef:5e:0b:60:c1:55:43:b8:
5f:7c:54:9d:31:b7:18:6d:60:76:b1:a0:fa:da:c5:c5:0a:f2:
3b:be:2f:2a:47:cc:00:21:7b:9e:bf:f8:00:e1:98:76:60:0a:
f5:6d:67:a8:83:56:4d:9d:e6:aa:b4:a0:10:ac:4d:92:40:24:
ef:1e:d7:d0:dd:27:c9:2e:da:6b:cc:68:56:7e:86:3d:7d:d4:
83:bd:c4:fc:e7:49:39:4c:8b:19:d0:08:ad:f2:c4:05:eb:ab:
51:d3:ab:f1:a9:eb:6a:af:1b:d3:ad:90:91:64:7d:a1:f9:e0:
46:ad:f0:24:ad:45:38:a3:20:58:ca:b0:99:8c:de:73:e2:33:
22:1f:0e:67:0d:03:83:4e:a9:69:c4:19:90:2d:fd:98:47:91:
22:c7:80:cc:ac:d6:49:41:b4:8b:ca:a0:51:dc:7b:b5:c1:a0:
72:3d:3e:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrhfGK+gLaPZKa0SmCUbNBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwOTI5MTUwODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhkNDNhNzE1NDVkODU2MTkwZGNiYjk0NWFiNTk2OTFlMTc0ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+2BnPg578NF9N2ghn6Sn3muzzai
uqLkBGMWWj7wPQJW1wO+DZZNq6pwT5bhABpkTblVl+PZ0X5anMiJ6bxDaKsGaysx
RPPSZeZEsLEbuidAcEJKSDQmow29h+vS9Baggl521oYNwra4WsjH//jURCTjlliH
4z7bnIgZGEUFhucy98750UwOTPFBDUSBk0vbRtqpBa+Cn7zS9rFx2QrJI/ZUBhnb
SgIYRKQSEgkJcbno6w1SqP04ODrUXFa1pEX/hh5Dp4RkDmJehqMNburLGE5nNn1V
up/pyzNJEEp3a9D8XQVNH1GimmLV+gabXU0UaRkq+rec/LqlAIn5GmfWRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGeNQ6cVRdhWGQ3LuUWrWWkeF00iMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvWjQxRHB4VkYyRllaRGN1NVJhdFphUjRYVFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZOdAwQA
LZOfAwQAXD1nMA0GCSqGSIb3DQEBCwUAA4IBAQAOGEfEp77h9+gJDK7IdHCF3iOG
4JAnFf7cAduhrSP4Pomb/xOA3/zU7orQ6xRKXXzmAAk/T5TgpJJgvBDLcGFUJl1D
luo4zUvXsfUFOjljijnY714LYMFVQ7hffFSdMbcYbWB2saD62sXFCvI7vi8qR8wA
IXuev/gA4Zh2YAr1bWeog1ZNneaqtKAQrE2SQCTvHtfQ3SfJLtprzGhWfoY9fdSD
vcT850k5TIsZ0Ait8sQF66tR06vxqetqrxvTrZCRZH2h+eBGrfAkrUU4oyBYyrCZ
jN5z4jMiHw5nDQODTqlpxBmQLf2YR5Eix4DMrNZJQbSLyqBR3Hu1waByPT4n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org