Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/zqKzdqALQVZKG8KkhLVimATmWrg.roa
File: zqKzdqALQVZKG8KkhLVimATmWrg.roa (raw, json)
Hash identifier: TRdI2yseZ8W7KTR5t6MkXC3CfJQCwSqdiVEb71brgIk=
Subject key identifier: CE:A2:B3:76:A0:0B:41:56:4A:1B:C2:A4:84:B5:62:98:04:E6:5A:B8
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018F674094E8096D9F26BC09BBE99EACDC1A
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/zqKzdqALQVZKG8KkhLVimATmWrg.roa
Signing time: Sat 11 May 2024 10:43:56 +0000
ROA not before: Sat 11 May 2024 10:43:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 45.147.156.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
45.147.158.0/24 maxlen: 24
91.190.185.0/24 maxlen: 24
92.61.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 08:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:40:94:e8:09:6d:9f:26:bc:09:bb:e9:9e:ac:dc:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: May 11 10:43:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cea2b376a00b41564a1bc2a484b5629804e65ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:30:57:4a:9b:62:1c:f4:e4:f8:01:0d:bf:
da:f6:9e:ba:3b:69:6f:b1:fd:26:f3:c3:d3:9b:99:
dc:2e:4c:91:b5:a6:f8:c1:ed:6b:c8:3b:d7:09:0a:
ea:5a:1e:7e:59:d7:ac:08:1a:52:1d:22:1e:3a:c7:
a3:d6:a6:50:70:fb:2a:4b:81:2f:d9:eb:bf:ed:3b:
9c:e5:92:43:25:cc:30:86:8a:70:b7:68:fe:bf:75:
c2:bd:25:6a:b0:3a:01:52:0c:73:54:54:48:4d:ab:
29:76:e5:b1:85:07:0c:b9:a3:fb:d3:09:42:c8:80:
85:a5:f6:53:c9:7d:33:5f:3d:8a:5f:1c:97:b6:39:
27:24:df:d5:ae:45:17:48:d9:0e:ec:8f:75:ba:c1:
22:67:df:43:db:d0:9c:6c:b7:c3:f2:da:d6:7b:08:
ac:48:b9:7b:f3:e4:16:74:42:2a:e7:0d:4f:27:69:
d2:1c:d6:77:68:07:9c:5c:81:3d:b5:eb:7e:17:3a:
46:80:23:c6:b1:70:08:b0:d5:ca:e7:9e:da:16:d1:
fc:7e:1b:25:a0:4d:a7:51:3d:9a:35:8a:f7:c1:b7:
db:8a:04:00:1f:9b:2e:91:6b:86:b0:c6:88:75:17:
65:ed:53:60:70:05:05:7c:58:af:33:7c:b5:02:13:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A2:B3:76:A0:0B:41:56:4A:1B:C2:A4:84:B5:62:98:04:E6:5A:B8
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/zqKzdqALQVZKG8KkhLVimATmWrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.156.0-45.147.158.255
91.190.185.0/24
92.61.102.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fc:9f:2c:1d:17:1b:17:e4:78:8d:69:6b:4c:fc:bf:20:ba:
1f:c9:cd:1d:98:d9:b6:d6:f0:c7:f2:f3:e2:23:fd:5e:30:20:
a3:a0:ad:69:ec:f3:60:11:e5:91:e3:3b:04:c7:cf:f8:48:51:
84:a9:01:0c:bc:7e:3b:4f:74:57:99:0a:92:33:75:20:1c:15:
c9:dd:8d:09:ee:8f:8f:e3:54:78:63:41:cf:10:77:fe:da:bb:
34:61:76:d2:9f:7c:66:ef:9a:a8:dc:92:36:14:7f:e6:f1:61:
e0:b0:24:d9:31:ba:60:4a:5c:c0:22:bb:51:85:b5:34:e1:61:
83:58:52:a3:c4:df:f4:bf:c2:3d:5d:70:4c:5b:06:68:79:d9:
f7:d3:a3:ae:77:15:35:c8:dc:87:62:38:f4:92:be:31:ce:6d:
4f:e5:99:08:20:0e:12:94:1f:e3:a0:c4:7e:3e:ef:21:f4:70:
4d:7d:64:e9:98:fc:5a:b2:5c:4d:dd:fa:23:c8:25:41:7c:6b:
92:8b:1b:df:ab:d1:e5:e2:b8:4d:66:3f:cb:4e:49:78:cb:54:
5f:e0:98:9b:a2:19:28:64:e9:38:30:95:39:af:4f:46:37:fc:
be:d0:46:bb:47:1d:9f:b7:4f:56:57:e9:37:61:0e:85:8c:df:
56:0e:18:4e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9nQJToCW2fJrwJu+merNwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNTExMTA0MzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWEyYjM3NmEwMGI0MTU2NGExYmMyYTQ4NGI1NjI5ODA0ZTY1YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi4wV0qbYhz05PgBDb/a9p66O2lv
sf0m88PTm5ncLkyRtab4we1ryDvXCQrqWh5+WdesCBpSHSIeOsej1qZQcPsqS4Ev
2eu/7Tuc5ZJDJcwwhopwt2j+v3XCvSVqsDoBUgxzVFRITaspduWxhQcMuaP70wlC
yICFpfZTyX0zXz2KXxyXtjknJN/VrkUXSNkO7I91usEiZ99D29CcbLfD8trWewis
SLl78+QWdEIq5w1PJ2nSHNZ3aAecXIE9tet+FzpGgCPGsXAIsNXK557aFtH8fhsl
oE2nUT2aNYr3wbfbigQAH5sukWuGsMaIdRdl7VNgcAUFfFivM3y1AhPcgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM6is3agC0FWShvCpIS1YpgE5lq4MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvenFLemRxQUxRVlpLRzhLa2hMVmltQVRtV3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAItk5wD
BAAtk54DBABbvrkDBABcPWYwDQYJKoZIhvcNAQELBQADggEBAAr8nywdFxsX5HiN
aWtM/L8guh/JzR2Y2bbW8Mfy8+Ij/V4wIKOgrWns82AR5ZHjOwTHz/hIUYSpAQy8
fjtPdFeZCpIzdSAcFcndjQnuj4/jVHhjQc8Qd/7auzRhdtKffGbvmqjckjYUf+bx
YeCwJNkxumBKXMAiu1GFtTThYYNYUqPE3/S/wj1dcExbBmh52ffTo653FTXI3Idi
OPSSvjHObU/lmQggDhKUH+OgxH4+7yH0cE19ZOmY/FqyXE3d+iPIJUF8a5KLG9+r
0eXiuE1mP8tOSXjLVF/gmJuiGShk6TgwlTmvT0Y3/L7QRrtHHZ+3T1ZX6TdhDoWM
31YOGE4=
-----END CERTIFICATE-----
Generated at Tue Jun 11 10:55:58 2024 by rpki-client on console-fra.rpki-client.org