Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/zb75LaIwyNyjN9N17nUtv1dTkcU.roa
File: zb75LaIwyNyjN9N17nUtv1dTkcU.roa (raw, json)
Hash identifier: vSuIA7zUKkXqGgtJ/53zZS5CiwFn9flzPT7bxksyAig=
Subject key identifier: CD:BE:F9:2D:A2:30:C8:DC:A3:37:D3:75:EE:75:2D:BF:57:53:91:C5
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01929BD763362F5879F20E11E0AB40ACEA58
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/zb75LaIwyNyjN9N17nUtv1dTkcU.roa
Signing time: Thu 17 Oct 2024 18:57:17 +0000
ROA not before: Thu 17 Oct 2024 18:57:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 10:47:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:d7:63:36:2f:58:79:f2:0e:11:e0:ab:40:ac:ea:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 17 18:57:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdbef92da230c8dca337d375ee752dbf575391c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:e9:53:18:bb:7b:75:71:1d:6f:02:8f:45:
82:10:e5:72:8a:26:70:55:eb:e3:fb:c0:82:dd:51:
bf:d3:84:f4:fe:60:ad:34:ba:24:75:d3:fb:c2:ac:
a1:d7:e1:bd:e5:da:60:59:94:63:5e:41:f4:1f:32:
1d:d7:50:d0:46:57:bb:90:dc:d3:09:04:ad:99:25:
9d:4e:48:5f:10:2d:77:6d:b6:9d:b0:eb:6f:33:1c:
b6:29:4a:ed:f8:c7:4d:23:a4:b5:4c:5c:0e:83:b3:
b2:3b:83:43:a2:88:3e:c7:a1:52:9a:7c:5a:31:fa:
63:30:0a:63:5e:7b:c9:8f:e4:d7:9c:e6:ac:b4:ad:
01:f8:b3:5f:14:ae:6e:78:ce:c2:35:35:93:68:fd:
b7:6c:bb:f3:a3:91:38:bc:d4:2a:c0:81:6a:de:15:
84:7d:9a:c1:97:3c:68:59:c4:38:62:02:07:27:ec:
04:56:74:d2:c7:3f:75:96:2d:54:7e:5e:2a:10:ae:
01:b0:13:c2:c7:6d:7c:af:63:d4:e2:3c:06:67:af:
56:58:7b:d9:1f:f7:db:2b:f5:db:7b:ba:f6:f1:64:
10:1a:25:8b:38:0e:b9:4e:2d:88:68:d4:83:5c:08:
1d:43:79:40:f6:42:96:8b:89:94:00:1c:98:c5:f6:
81:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BE:F9:2D:A2:30:C8:DC:A3:37:D3:75:EE:75:2D:BF:57:53:91:C5
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/zb75LaIwyNyjN9N17nUtv1dTkcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/24
91.92.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:9b:a2:7b:6c:bf:73:d5:a4:5d:58:ad:ee:bf:6a:2c:6f:9e:
0c:10:ef:2c:60:d3:a9:4e:37:b1:c4:bb:8b:53:2e:a1:31:d9:
d5:5b:85:b0:5e:46:d8:bc:d7:e6:d3:a4:82:48:1f:e8:09:fa:
ef:52:b3:11:5d:45:c8:4f:f4:ce:b2:79:d1:09:8f:37:4f:06:
53:ff:49:f5:16:57:44:b4:23:c5:01:8d:d4:fe:15:b6:d8:3c:
bd:11:1f:9e:d4:3f:a8:2c:a1:a5:8d:7f:fe:f6:26:26:a7:31:
e2:fb:10:94:d8:7b:01:27:ca:23:3b:c9:ed:45:0d:0b:31:26:
e5:ab:a2:01:65:18:1a:55:71:78:6c:55:c2:67:78:20:41:69:
a1:39:44:f9:bc:b1:1b:5c:9f:47:e7:6d:f5:0e:01:69:87:ca:
50:a2:d8:5f:c5:98:57:f0:1a:db:40:06:4a:cf:1d:32:68:49:
66:b0:8b:e8:f8:dc:54:44:a0:42:27:47:1e:3f:b9:71:2d:da:
96:1f:3d:1a:a9:3e:ac:30:e9:35:a5:ad:dd:9e:6a:a8:a0:3f:
f2:67:4e:31:63:8d:ec:f9:e9:9e:c5:89:d5:b2:bf:fb:d8:92:
38:58:a1:bf:86:95:23:3a:47:ea:bd:a4:bd:bb:1f:0b:d8:b4:
95:7d:17:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKb12M2L1h58g4R4KtArOpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQxMDE3MTg1NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJlZjkyZGEyMzBjOGRjYTMzN2QzNzVlZTc1MmRiZjU3NTM5MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYTpUxi7e3VxHW8Cj0WCEOVyiiZw
Vevj+8CC3VG/04T0/mCtNLokddP7wqyh1+G95dpgWZRjXkH0HzId11DQRle7kNzT
CQStmSWdTkhfEC13bbadsOtvMxy2KUrt+MdNI6S1TFwOg7OyO4NDoog+x6FSmnxa
MfpjMApjXnvJj+TXnOastK0B+LNfFK5ueM7CNTWTaP23bLvzo5E4vNQqwIFq3hWE
fZrBlzxoWcQ4YgIHJ+wEVnTSxz91li1Ufl4qEK4BsBPCx218r2PU4jwGZ69WWHvZ
H/fbK/Xbe7r28WQQGiWLOA65Ti2IaNSDXAgdQ3lA9kKWi4mUAByYxfaBbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM2++S2iMMjcozfTde51Lb9XU5HFMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvemI3NUxhSXd5TnlqTjlOMTduVXR2MWRUa2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1woAwQA
W1wqMA0GCSqGSIb3DQEBCwUAA4IBAQCnm6J7bL9z1aRdWK3uv2osb54MEO8sYNOp
TjexxLuLUy6hMdnVW4WwXkbYvNfm06SCSB/oCfrvUrMRXUXIT/TOsnnRCY83TwZT
/0n1FldEtCPFAY3U/hW22Dy9ER+e1D+oLKGljX/+9iYmpzHi+xCU2HsBJ8ojO8nt
RQ0LMSblq6IBZRgaVXF4bFXCZ3ggQWmhOUT5vLEbXJ9H5231DgFph8pQothfxZhX
8BrbQAZKzx0yaElmsIvo+NxURKBCJ0ceP7lxLdqWHz0aqT6sMOk1pa3dnmqooD/y
Z04xY43s+emexYnVsr/72JI4WKG/hpUjOkfqvaS9ux8L2LSVfReA
-----END CERTIFICATE-----
Generated at Fri Nov 1 13:22:31 2024 by rpki-client on console-ams.rpki-client.org