Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZBLnCN28ULPDvxN3gD1xdTKaTH4.roa
File: ZBLnCN28ULPDvxN3gD1xdTKaTH4.roa (raw, json)
Hash identifier: 4xJ6qVTDFcSykTLDNn5L3DO/EqlhoBiRDIwllZXMc0o=
Subject key identifier: 64:12:E7:08:DD:BC:50:B3:C3:BF:13:77:80:3D:71:75:32:9A:4C:7E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0192042E3093897C374D8DFEE8D16AEAE281
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZBLnCN28ULPDvxN3gD1xdTKaTH4.roa
Signing time: Wed 18 Sep 2024 08:09:48 +0000
ROA not before: Wed 18 Sep 2024 08:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 07:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:2e:30:93:89:7c:37:4d:8d:fe:e8:d1:6a:ea:e2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 18 08:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6412e708ddbc50b3c3bf1377803d7175329a4c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5f:03:5c:a2:dc:e5:44:47:f8:15:27:ae:d1:
b7:0a:d3:f3:a5:b4:d1:6b:2e:b7:00:3c:b3:de:1f:
ca:35:72:fc:7c:4d:e0:77:82:50:cb:a1:6d:14:e9:
a0:36:11:99:d7:3e:ed:ca:10:a8:a3:65:41:47:54:
e4:52:e1:94:61:89:04:0e:5d:c3:ed:dc:37:bb:f8:
be:9e:54:eb:77:5e:da:a4:e7:f3:89:0e:c8:4a:87:
6e:c1:a5:f0:a6:37:c3:59:ce:b1:f7:2c:59:ea:9b:
d0:46:0b:de:49:13:45:85:53:7b:44:2b:4a:dc:d3:
a4:81:2c:0f:cc:de:6f:15:31:93:56:7f:de:69:b5:
5d:87:fc:6b:68:f5:b9:fb:0a:91:ab:6a:9b:e3:46:
2b:a5:df:61:e8:66:35:20:e2:5a:2c:94:63:22:39:
31:35:53:ef:d2:88:25:75:69:d5:d6:b1:ea:c6:a6:
22:59:d8:72:01:8b:fc:16:e2:22:cc:49:31:b9:45:
99:e4:f7:d2:90:c0:a4:8f:70:50:06:a4:fc:5f:0c:
6f:ca:54:5f:52:aa:90:3e:42:1c:40:7b:ad:12:83:
79:ca:c5:bd:ce:ae:a6:0a:46:72:b7:9e:f1:8b:6f:
7a:de:bf:6e:1a:66:62:e5:fd:6d:9d:97:2c:24:a9:
24:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:12:E7:08:DD:BC:50:B3:C3:BF:13:77:80:3D:71:75:32:9A:4C:7E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZBLnCN28ULPDvxN3gD1xdTKaTH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/24
91.92.43.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:78:33:04:8e:73:af:f5:42:a4:f5:1e:2a:e2:b4:a5:09:79:
9e:2b:d4:0f:5f:d2:c9:1a:04:56:2e:50:8f:50:41:c1:5a:a3:
05:05:7e:c8:3f:fb:bc:21:5d:64:a8:b0:52:11:a8:70:4e:4d:
20:d5:5d:1a:c3:d6:5c:3d:b6:1d:7b:63:2a:2e:5e:2c:c3:df:
0d:74:61:77:6d:f5:3c:57:55:3a:52:d6:2c:e8:fe:4b:58:e6:
78:44:82:96:7d:2f:e5:65:a2:b1:de:8f:83:b1:b9:89:de:2f:
29:66:9e:07:1b:25:c4:cc:d3:37:c9:2d:eb:ff:bb:f9:e0:13:
4f:82:75:aa:7b:6d:2f:5b:1e:3a:ae:7d:6e:06:81:b1:85:f2:
7e:ae:db:0e:81:1c:75:2b:03:46:e5:90:df:d7:7d:09:ed:7a:
d1:df:01:3d:78:09:6b:44:cc:8b:fd:07:bb:36:b3:a8:e0:62:
fa:7f:e1:f1:ef:a9:0f:45:25:b6:ec:33:f1:39:59:f4:f0:69:
bc:d6:ae:76:91:e4:d3:b5:9b:65:9c:bf:dc:df:36:96:6c:6e:
bf:c4:fc:41:49:e1:9e:00:ff:f4:30:d6:5e:40:9c:33:85:7a:
81:c1:52:55:d2:b9:ac:33:a6:27:27:d2:05:16:18:b0:7e:38:
43:98:07:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIELjCTiXw3TY3+6NFq6uKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTE4MDgwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDEyZTcwOGRkYmM1MGIzYzNiZjEzNzc4MDNkNzE3NTMyOWE0YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj18DXKLc5URH+BUnrtG3CtPzpbTR
ay63ADyz3h/KNXL8fE3gd4JQy6FtFOmgNhGZ1z7tyhCoo2VBR1TkUuGUYYkEDl3D
7dw3u/i+nlTrd17apOfziQ7ISoduwaXwpjfDWc6x9yxZ6pvQRgveSRNFhVN7RCtK
3NOkgSwPzN5vFTGTVn/eabVdh/xraPW5+wqRq2qb40Yrpd9h6GY1IOJaLJRjIjkx
NVPv0ogldWnV1rHqxqYiWdhyAYv8FuIizEkxuUWZ5PfSkMCkj3BQBqT8XwxvylRf
UqqQPkIcQHutEoN5ysW9zq6mCkZyt57xi2963r9uGmZi5f1tnZcsJKkkvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGQS5wjdvFCzw78Td4A9cXUymkx+MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWkJMbkNOMjhVTFBEdnhOM2dEMXhkVEthVEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1woAwQA
W1wrMA0GCSqGSIb3DQEBCwUAA4IBAQCOeDMEjnOv9UKk9R4q4rSlCXmeK9QPX9LJ
GgRWLlCPUEHBWqMFBX7IP/u8IV1kqLBSEahwTk0g1V0aw9ZcPbYde2MqLl4sw98N
dGF3bfU8V1U6UtYs6P5LWOZ4RIKWfS/lZaKx3o+DsbmJ3i8pZp4HGyXEzNM3yS3r
/7v54BNPgnWqe20vWx46rn1uBoGxhfJ+rtsOgRx1KwNG5ZDf130J7XrR3wE9eAlr
RMyL/Qe7NrOo4GL6f+Hx76kPRSW27DPxOVn08Gm81q52keTTtZtlnL/c3zaWbG6/
xPxBSeGeAP/0MNZeQJwzhXqBwVJV0rmsM6YnJ9IFFhiwfjhDmAdm
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:53:39 2024 by rpki-client on console-ams.rpki-client.org