Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/KVg9oeKHRDYj-_Hy_TjMrfh8RSo.roa
File: KVg9oeKHRDYj-_Hy_TjMrfh8RSo.roa (raw, json)
Hash identifier: tudNjDadb3qZ7FydcIceAJqR8gRDg/YNeM9zXTBiGPc=
Subject key identifier: 29:58:3D:A1:E2:87:44:36:23:FB:F1:F2:FD:38:CC:AD:F8:7C:45:2A
Certificate issuer: /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial: 019227CB032BF1F18C8164011465019848AC
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/KVg9oeKHRDYj-_Hy_TjMrfh8RSo.roa
Signing time: Wed 25 Sep 2024 06:07:48 +0000
ROA not before: Wed 25 Sep 2024 06:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2872
IP address blocks: 2.58.40.0/22 maxlen: 22
2.58.40.0/24 maxlen: 24
2.58.41.0/24 maxlen: 24
2.58.42.0/24 maxlen: 24
45.115.92.0/22 maxlen: 22
45.115.92.0/24 maxlen: 24
45.115.93.0/24 maxlen: 24
45.115.94.0/24 maxlen: 24
45.115.95.0/24 maxlen: 24
89.43.206.0/23 maxlen: 23
89.43.206.0/24 maxlen: 24
89.43.207.0/24 maxlen: 24
185.123.0.0/22 maxlen: 22
185.123.0.0/24 maxlen: 24
185.123.1.0/24 maxlen: 24
185.123.2.0/24 maxlen: 24
185.123.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 09:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:27:cb:03:2b:f1:f1:8c:81:64:01:14:65:01:98:48:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Validity
Not Before: Sep 25 06:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29583da1e287443623fbf1f2fd38ccadf87c452a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:7b:b4:a4:8d:eb:d7:96:5d:db:21:69:60:
ef:5d:34:be:24:60:a6:c1:74:d7:43:f4:07:42:2d:
12:43:bc:fc:b1:d0:60:e3:d3:7c:0d:0c:81:82:c6:
d4:72:88:6a:e0:9d:ad:a0:ff:23:f6:67:55:57:d9:
a2:de:f2:4d:53:ed:3a:3a:2d:8b:07:84:5c:8b:6b:
a1:70:a7:2f:2e:03:be:85:95:c7:7d:52:33:34:b1:
bc:74:96:3e:0d:93:c6:7e:46:f9:3b:96:c2:48:4e:
c3:14:f5:17:62:d5:a2:df:7d:29:f2:b7:db:9d:4a:
ab:13:2e:b4:7f:3f:19:6c:2f:e7:34:1c:52:af:4b:
09:de:b8:2d:69:d5:24:01:f6:a7:a1:0a:80:d9:bc:
c8:12:0c:a3:c0:13:06:b5:5c:43:ab:dd:05:6a:ba:
e1:ed:1f:53:56:5a:b1:af:42:90:e7:5d:4b:ef:82:
0b:8d:a8:44:23:8b:2d:f4:04:6b:04:57:d7:37:37:
b2:7b:4a:71:07:91:7d:63:11:2e:d2:ab:9c:43:a7:
af:24:50:dc:5c:cf:37:f4:54:9e:8f:61:5e:f1:05:
b2:d3:f8:c5:51:d2:14:52:18:4d:ee:5a:f3:b0:c1:
8e:39:9a:14:4d:be:38:20:3a:31:56:3f:f0:e0:ca:
50:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:58:3D:A1:E2:87:44:36:23:FB:F1:F2:FD:38:CC:AD:F8:7C:45:2A
X509v3 Authority Key Identifier:
keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/KVg9oeKHRDYj-_Hy_TjMrfh8RSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.40.0/22
45.115.92.0/22
89.43.206.0/23
185.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:d2:4b:b4:4e:d3:48:ce:e2:a0:53:99:60:a0:d9:e2:11:93:
db:f6:b3:30:7b:cd:91:b2:95:cd:06:c0:75:0f:4d:c9:b8:4a:
86:22:8f:1b:2f:db:a9:13:b6:2f:61:f6:04:61:19:9e:31:df:
28:aa:36:72:0c:30:5e:31:30:3e:c3:cf:14:59:41:f3:fd:53:
51:8c:41:01:ab:d7:00:02:a1:01:08:84:e0:34:42:7a:b7:eb:
8a:20:b6:b0:47:f4:d7:c7:f7:56:63:f2:da:24:f1:0e:61:35:
18:86:82:a2:f4:02:be:56:4f:43:74:63:53:75:f0:f0:e2:8a:
59:d1:d5:a9:d9:b4:b6:1b:bf:c0:fe:f9:cf:5d:b4:1c:b9:bc:
ff:29:0c:44:aa:d2:95:62:bc:77:fd:79:05:53:a4:4f:24:e8:
06:1d:4b:79:2a:a6:1a:0a:d7:f8:38:a3:3f:37:65:d1:12:77:
6b:c7:3a:74:9a:cf:85:45:dc:c2:8e:56:fb:77:ad:57:d3:f6:
43:48:19:91:c4:c8:ce:69:68:df:ad:81:2e:c8:62:38:aa:31:
b9:af:30:6a:23:d2:dd:91:33:ec:9a:1d:ec:03:d8:7d:37:a1:
72:6e:58:db:82:a1:0d:ac:30:5b:85:cf:6e:18:ff:ac:48:ca:
90:06:5b:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZInywMr8fGMgWQBFGUBmEisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwOTI1MDYwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU4M2RhMWUyODc0NDM2MjNmYmYxZjJmZDM4Y2NhZGY4N2M0NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdZ7tKSN69eWXdshaWDvXTS+JGCm
wXTXQ/QHQi0SQ7z8sdBg49N8DQyBgsbUcohq4J2toP8j9mdVV9mi3vJNU+06Oi2L
B4Rci2uhcKcvLgO+hZXHfVIzNLG8dJY+DZPGfkb5O5bCSE7DFPUXYtWi330p8rfb
nUqrEy60fz8ZbC/nNBxSr0sJ3rgtadUkAfanoQqA2bzIEgyjwBMGtVxDq90Farrh
7R9TVlqxr0KQ511L74ILjahEI4st9ARrBFfXNzeye0pxB5F9YxEu0qucQ6evJFDc
XM839FSej2Fe8QWy0/jFUdIUUhhN7lrzsMGOOZoUTb44IDoxVj/w4MpQjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFClYPaHih0Q2I/vx8v04zK34fEUqMB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvS1ZnOW9lS0hSRFlqLV9IeV9Uak1yZmg4UlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjooAwQC
LXNcAwQBWSvOAwQCuXsAMA0GCSqGSIb3DQEBCwUAA4IBAQCM0ku0TtNIzuKgU5lg
oNniEZPb9rMwe82RspXNBsB1D03JuEqGIo8bL9upE7YvYfYEYRmeMd8oqjZyDDBe
MTA+w88UWUHz/VNRjEEBq9cAAqEBCITgNEJ6t+uKILawR/TXx/dWY/LaJPEOYTUY
hoKi9AK+Vk9DdGNTdfDw4opZ0dWp2bS2G7/A/vnPXbQcubz/KQxEqtKVYrx3/XkF
U6RPJOgGHUt5KqYaCtf4OKM/N2XREndrxzp0ms+FRdzCjlb7d61X0/ZDSBmRxMjO
aWjfrYEuyGI4qjG5rzBqI9LdkTPsmh3sA9h9N6FybljbgqENrDBbhc9uGP+sSMqQ
Blv+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:03 2025 by rpki-client