Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZjWfJ7fbodvLwR3tK5ocW_1z2HQ.roa
File: ZjWfJ7fbodvLwR3tK5ocW_1z2HQ.roa (raw, json)
Hash identifier: I2CirAXgQgSoeDZlcmGRIHhy1iFNSGqocEBl65Pbf1A=
Subject key identifier: 66:35:9F:27:B7:DB:A1:DB:CB:C1:1D:ED:2B:9A:1C:5B:FD:73:D8:74
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018B1D720E051F02206037CE8FD728520644
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZjWfJ7fbodvLwR3tK5ocW_1z2HQ.roa
Signing time: Wed 11 Oct 2023 06:34:55 +0000
ROA not before: Wed 11 Oct 2023 06:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203363
IP address blocks: 2.58.201.0/24 maxlen: 24
2.58.203.0/24 maxlen: 24
45.80.193.0/24 maxlen: 24
45.67.84.0/24 maxlen: 24
45.67.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:72:0e:05:1f:02:20:60:37:ce:8f:d7:28:52:06:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 11 06:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66359f27b7dba1dbcbc11ded2b9a1c5bfd73d874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cc:6b:96:3f:35:0f:db:0e:3a:e1:ab:93:5f:
7e:3e:74:0e:f5:6d:4e:f2:6b:be:6a:38:cf:6b:33:
db:d5:70:48:e0:66:a3:a1:bb:99:07:64:a3:08:3d:
b9:de:10:ad:ae:27:2f:1d:dd:95:a0:e5:57:a7:80:
18:5a:c2:0c:69:82:c3:97:77:4b:a5:54:d9:45:5b:
69:19:04:b2:44:d1:c2:bc:df:02:0d:bc:ac:d9:d6:
f1:2b:89:7a:49:d3:77:c3:4c:60:e9:82:11:ed:81:
39:29:7b:f8:5c:f1:52:4a:df:f4:74:ca:5b:05:5d:
7c:24:8b:23:66:86:cd:ac:17:85:6f:a0:b6:6b:3f:
7d:4f:0c:e6:b0:15:fc:e4:c0:1b:97:9a:f2:b8:df:
fe:0b:8e:5a:1e:f8:19:e8:35:d6:2c:5c:23:ea:d7:
b0:20:78:d6:64:28:97:f1:92:31:35:5c:45:90:3b:
6a:fe:38:38:e8:69:cd:56:c0:7b:65:33:46:1f:79:
00:0e:92:31:03:9f:2a:7b:8d:d9:ee:26:7e:3d:a6:
32:d5:f0:2c:8b:c6:3e:1d:99:0a:5b:ca:8a:a6:e2:
24:cd:0e:19:d4:bd:4c:db:b4:da:c5:66:e7:06:1a:
97:4b:92:14:1d:a0:32:15:52:fd:23:e1:e0:ea:ab:
79:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:35:9F:27:B7:DB:A1:DB:CB:C1:1D:ED:2B:9A:1C:5B:FD:73:D8:74
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZjWfJ7fbodvLwR3tK5ocW_1z2HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.201.0/24
2.58.203.0/24
45.67.84.0/23
45.80.193.0/24
Signature Algorithm: sha256WithRSAEncryption
60:19:55:56:67:89:d4:07:5c:13:a9:9c:98:d3:8f:6d:f4:ea:
8e:79:64:97:f6:53:0d:c3:08:04:61:20:b7:42:57:cd:c2:66:
d2:b3:a3:7e:f7:a2:20:ee:8a:8e:1c:91:80:f3:f6:99:9c:fb:
76:f6:53:94:2a:df:a5:f8:4b:bb:43:6a:ef:28:7b:9a:17:f2:
38:5b:ae:e5:58:26:ef:67:89:0f:67:f5:ca:d0:a7:30:f9:94:
cf:a8:c4:48:f3:ea:ce:42:d0:78:a0:ca:c6:52:c1:18:7e:af:
24:44:5e:31:a2:f9:26:47:fb:7d:c2:47:58:92:d2:52:aa:3d:
12:ae:6e:8e:29:66:01:c7:54:7e:ac:a2:1c:bd:b3:6a:c8:f9:
7f:8d:f2:6a:4a:7a:72:bc:be:f2:ab:ee:17:ce:7b:ca:50:90:
e1:82:20:1e:4b:66:c6:2f:dd:2b:70:76:a5:3f:64:82:80:b0:
ae:8f:25:bb:d7:9e:d8:82:f9:a5:58:ea:0d:5d:e4:8d:96:92:
c0:1a:fe:49:83:97:2f:2e:92:fd:f1:e5:2c:bc:a4:29:30:87:
2f:3a:fa:d0:1c:36:9e:9a:0f:10:b9:03:30:a1:45:12:b0:be:
bf:19:b8:71:db:62:82:3c:4a:29:a9:1a:42:53:2c:48:e2:81:
4d:4c:96:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsdcg4FHwIgYDfOj9coUgZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMDExMDYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM1OWYyN2I3ZGJhMWRiY2JjMTFkZWQyYjlhMWM1YmZkNzNkODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsxrlj81D9sOOuGrk19+PnQO9W1O
8mu+ajjPazPb1XBI4GajobuZB2SjCD253hCtricvHd2VoOVXp4AYWsIMaYLDl3dL
pVTZRVtpGQSyRNHCvN8CDbys2dbxK4l6SdN3w0xg6YIR7YE5KXv4XPFSSt/0dMpb
BV18JIsjZobNrBeFb6C2az99TwzmsBX85MAbl5ryuN/+C45aHvgZ6DXWLFwj6tew
IHjWZCiX8ZIxNVxFkDtq/jg46GnNVsB7ZTNGH3kADpIxA58qe43Z7iZ+PaYy1fAs
i8Y+HZkKW8qKpuIkzQ4Z1L1M27TaxWbnBhqXS5IUHaAyFVL9I+Hg6qt5/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGY1nye326Hby8Ed7SuaHFv9c9h0MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWmpXZko3ZmJvZHZMd1IzdEs1b2NXXzF6MkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjrJAwQA
AjrLAwQBLUNUAwQALVDBMA0GCSqGSIb3DQEBCwUAA4IBAQBgGVVWZ4nUB1wTqZyY
049t9OqOeWSX9lMNwwgEYSC3QlfNwmbSs6N+96Ig7oqOHJGA8/aZnPt29lOUKt+l
+Eu7Q2rvKHuaF/I4W67lWCbvZ4kPZ/XK0Kcw+ZTPqMRI8+rOQtB4oMrGUsEYfq8k
RF4xovkmR/t9wkdYktJSqj0Srm6OKWYBx1R+rKIcvbNqyPl/jfJqSnpyvL7yq+4X
znvKUJDhgiAeS2bGL90rcHalP2SCgLCujyW7157YgvmlWOoNXeSNlpLAGv5Jg5cv
LpL98eUsvKQpMIcvOvrQHDaemg8QuQMwoUUSsL6/Gbhx22KCPEopqRpCUyxI4oFN
TJYX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org