Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/z2SsfemhXSDuRO7LRGankDONa0U.roa
File: z2SsfemhXSDuRO7LRGankDONa0U.roa (raw, json)
Hash identifier: jVmQhvv9ZbS8WRTB2ObEZ6cHjOlwugf/Ubqce9L8x4k=
Subject key identifier: CF:64:AC:7D:E9:A1:5D:20:EE:44:EE:CB:44:66:A7:90:33:8D:6B:45
Certificate issuer: /CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Certificate serial: 018F0EAA79B2BC8F257419275C43A38E3DA2
Authority key identifier: 2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/z2SsfemhXSDuRO7LRGankDONa0U.roa
Signing time: Wed 24 Apr 2024 05:53:24 +0000
ROA not before: Wed 24 Apr 2024 05:53:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29545
IP address blocks: 86.111.40.0/22 maxlen: 22
86.111.40.0/24 maxlen: 24
86.111.41.0/24 maxlen: 24
86.111.50.0/23 maxlen: 23
86.111.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 13:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:aa:79:b2:bc:8f:25:74:19:27:5c:43:a3:8e:3d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Validity
Not Before: Apr 24 05:53:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf64ac7de9a15d20ee44eecb4466a790338d6b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:87:cf:8f:9d:2a:73:20:c0:92:52:8a:e7:af:
c2:98:d6:b5:d6:34:2a:91:d8:c6:b0:fa:08:2a:ac:
1d:6d:6b:c8:a9:b3:ae:1a:bc:cc:ee:00:d3:ab:7e:
0f:8b:12:83:34:5e:39:c6:c7:43:b2:8d:ff:aa:ed:
51:1e:bb:be:f7:c2:e9:75:0a:33:0f:68:fc:be:3d:
18:c0:8a:2c:dc:4e:0e:f0:08:e0:9d:68:4a:d6:54:
8c:9c:29:ab:05:4e:8a:96:54:33:5a:3b:00:90:6f:
e1:8f:88:7a:2c:3f:fe:5c:e6:df:ff:d3:cc:dd:db:
72:0a:67:8e:0a:52:be:48:18:49:b1:85:8f:b2:f4:
ce:03:4e:57:22:ca:a5:d7:c3:7b:9d:91:fc:0e:9f:
31:83:10:ea:a2:ac:e5:94:99:6c:9f:28:67:69:ee:
57:62:33:50:f1:64:9b:db:77:33:b1:bb:52:4b:a5:
d3:f7:c7:4f:99:01:38:35:2e:67:0d:d8:da:02:ae:
02:d0:f7:04:94:f6:b8:ad:09:8a:48:5b:54:ed:18:
f2:38:fb:3f:c9:7e:f5:72:a2:0b:a9:7c:54:22:c1:
8a:97:ac:43:34:5a:39:d8:17:83:73:c9:f1:16:6f:
76:f8:d2:fa:49:3c:ee:a4:03:7c:c1:34:65:00:7c:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:64:AC:7D:E9:A1:5D:20:EE:44:EE:CB:44:66:A7:90:33:8D:6B:45
X509v3 Authority Key Identifier:
keyid:2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/z2SsfemhXSDuRO7LRGankDONa0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/LgojFvTptYqlLe7lx9H0uER27IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.40.0/22
86.111.50.0/23
Signature Algorithm: sha256WithRSAEncryption
59:cb:3b:14:cb:fa:2e:81:68:0e:a2:3b:3f:af:bb:be:a3:4b:
3e:f7:bc:f3:10:76:ec:5a:01:11:cd:be:36:8d:ba:ce:e7:52:
ab:d2:9a:02:b9:99:f0:73:d4:ff:ac:3e:ff:49:22:b9:b9:4f:
6b:c4:6c:fc:66:96:9f:d8:69:07:68:ad:e7:e2:a9:f3:b5:1b:
31:95:9e:af:da:3d:40:26:82:49:22:de:89:ac:08:ca:64:3d:
2f:e8:e0:16:db:51:3c:fb:6e:51:2c:66:79:ad:0a:f3:be:50:
a9:ec:2e:bc:25:7e:62:df:98:84:60:d3:b7:e6:6f:bb:ea:1c:
db:7e:f9:0e:be:bc:91:b0:cd:2e:52:d1:37:e9:25:ee:16:7c:
1f:56:d5:fd:7e:1a:05:06:16:e4:11:ac:e6:e5:86:bf:cf:cc:
cb:5b:6c:72:d3:3f:d4:25:49:99:5c:ce:a0:1a:81:56:33:70:
34:73:65:c1:16:95:7d:2e:13:34:82:d5:72:2b:aa:3b:6a:df:
04:b6:83:34:d2:da:8a:91:2e:30:4b:d7:7a:17:fb:33:1f:f7:
ef:ac:3f:7d:f9:f4:da:92:64:cd:56:74:d0:09:47:75:1b:ab:
52:47:60:80:66:70:bf:b0:d4:89:ff:6e:7d:93:a9:b2:3f:02:
07:92:b5:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8OqnmyvI8ldBknXEOjjj2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGEyMzE2ZjRlOWI1OGFhNTJkZWVlNWM3ZDFmNGI4NDQ3
NmVjODYwHhcNMjQwNDI0MDU1MzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY0YWM3ZGU5YTE1ZDIwZWU0NGVlY2I0NDY2YTc5MDMzOGQ2YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYfPj50qcyDAklKK56/CmNa11jQq
kdjGsPoIKqwdbWvIqbOuGrzM7gDTq34PixKDNF45xsdDso3/qu1RHru+98LpdQoz
D2j8vj0YwIos3E4O8AjgnWhK1lSMnCmrBU6KllQzWjsAkG/hj4h6LD/+XObf/9PM
3dtyCmeOClK+SBhJsYWPsvTOA05XIsql18N7nZH8Dp8xgxDqoqzllJlsnyhnae5X
YjNQ8WSb23czsbtSS6XT98dPmQE4NS5nDdjaAq4C0PcElPa4rQmKSFtU7RjyOPs/
yX71cqILqXxUIsGKl6xDNFo52BeDc8nxFm92+NL6STzupAN8wTRlAHyJdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM9krH3poV0g7kTuy0Rmp5AzjWtFMB8GA1UdIwQY
MBaAFC4KIxb06bWKpS3u5cfR9LhEduyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEt
ZjM2ZDllZTM0NmQ0LzEvejJTc2ZlbWhYU0R1Uk83TFJHYW5rRE9OYTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEtZjM2ZDllZTM0NmQ0
LzEvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVm8oAwQB
Vm8yMA0GCSqGSIb3DQEBCwUAA4IBAQBZyzsUy/ougWgOojs/r7u+o0s+97zzEHbs
WgERzb42jbrO51Kr0poCuZnwc9T/rD7/SSK5uU9rxGz8Zpaf2GkHaK3n4qnztRsx
lZ6v2j1AJoJJIt6JrAjKZD0v6OAW21E8+25RLGZ5rQrzvlCp7C68JX5i35iEYNO3
5m+76hzbfvkOvryRsM0uUtE36SXuFnwfVtX9fhoFBhbkEazm5Ya/z8zLW2xy0z/U
JUmZXM6gGoFWM3A0c2XBFpV9LhM0gtVyK6o7at8EtoM00tqKkS4wS9d6F/szH/fv
rD99+fTakmTNVnTQCUd1G6tSR2CAZnC/sNSJ/259k6myPwIHkrWp
-----END CERTIFICATE-----
Generated at Fri Apr 26 07:41:56 2024 by rpki-client on console.sobornost.net