Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Zy3WQjBImL4zDuEMpKuzDTWqFdY.roa
File: Zy3WQjBImL4zDuEMpKuzDTWqFdY.roa (raw, json)
Hash identifier: 8LadJdVx8D3JIU4hTb5/5s65jHqNX/FqZvIbzBKoXfg=
Subject key identifier: 67:2D:D6:42:30:48:98:BE:33:0E:E1:0C:A4:AB:B3:0D:35:AA:15:D6
Certificate issuer: /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial: 018570DE2840E2FAABDD0C263828D91EC53C
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Zy3WQjBImL4zDuEMpKuzDTWqFdY.roa
Signing time: Mon 02 Jan 2023 05:04:45 +0000
ROA not before: Mon 02 Jan 2023 05:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2872
IP address blocks: 2.58.41.0/24 maxlen: 24
185.123.0.0/22 maxlen: 22
185.123.0.0/24 maxlen: 24
2.58.40.0/24 maxlen: 24
185.123.3.0/24 maxlen: 24
2.58.40.0/22 maxlen: 22
185.123.2.0/24 maxlen: 24
2.58.42.0/24 maxlen: 24
185.123.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:28:40:e2:fa:ab:dd:0c:26:38:28:d9:1e:c5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Validity
Not Before: Jan 2 05:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=672dd642304898be330ee10ca4abb30d35aa15d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:f4:0b:78:62:29:65:30:c7:44:0d:55:3d:
50:48:cd:08:88:03:f6:18:92:66:c1:eb:b5:09:b9:
eb:c5:8d:ef:1f:bb:9d:e3:1d:e6:0e:cd:16:78:6d:
34:68:e7:86:1a:e7:59:59:65:ba:12:15:53:ad:fb:
52:d0:14:f5:d2:80:09:74:49:7d:7b:59:b9:36:5b:
35:69:30:d2:55:75:a4:08:2b:9f:16:1f:16:51:11:
09:8a:66:e2:19:a5:51:dd:7f:73:c2:26:e5:57:71:
6e:c2:ac:c7:4f:b5:67:ad:8a:d1:d3:65:14:9e:b3:
88:c9:25:aa:b8:a0:85:c2:83:40:de:5f:6e:d4:7e:
03:af:01:b2:d2:cf:f5:f7:17:ef:44:db:e6:68:8c:
1d:24:88:98:22:cf:a3:81:94:66:dd:ba:ca:4f:52:
1b:50:65:31:30:15:60:71:f2:c1:43:bf:84:7c:36:
31:2c:94:bb:b4:bd:62:b8:c0:a0:a7:65:df:2e:5e:
a6:c7:65:aa:fa:a6:f5:b0:16:83:c1:d8:ea:2d:77:
69:a5:a1:2f:6d:95:e4:48:26:97:55:7d:ee:36:4e:
29:d4:a9:03:5c:2a:63:85:c9:f2:42:ba:03:9c:f9:
7f:8c:32:f8:f2:92:ec:63:c2:d8:d7:12:02:fe:bd:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2D:D6:42:30:48:98:BE:33:0E:E1:0C:A4:AB:B3:0D:35:AA:15:D6
X509v3 Authority Key Identifier:
keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Zy3WQjBImL4zDuEMpKuzDTWqFdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.40.0/22
185.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
03:b8:9c:ec:cf:7c:f9:2a:6e:f8:d0:22:1b:ec:84:1e:31:93:
e5:32:50:bf:23:fc:74:90:28:03:75:e9:72:3e:d5:92:ca:ce:
98:95:6f:28:f6:2f:ae:3f:7e:7f:b5:1e:de:be:08:31:07:c8:
10:4a:57:50:f0:d9:28:ef:4b:8f:f9:bc:ed:f3:b4:d7:b9:bc:
38:7b:30:16:15:c5:5a:8b:c3:8d:24:4b:5c:ae:f1:1d:8b:7c:
b1:ff:db:75:26:40:34:c6:8e:e9:48:4a:b1:03:af:e0:3d:5e:
09:57:9f:77:20:14:ee:8b:8c:c6:21:df:5f:cd:d9:54:e1:d8:
78:97:9d:35:90:8b:df:73:0e:f2:44:fb:df:70:9c:65:10:00:
eb:47:be:a0:f2:d2:b1:e8:89:97:cf:f3:12:81:de:1a:9d:bd:
39:7a:f8:7d:0e:15:17:2b:9f:c4:61:8a:70:d9:aa:a3:4a:0f:
af:c9:6a:31:44:28:dd:93:96:37:4e:9c:7c:91:45:b7:a4:77:
f3:aa:91:b4:3c:8d:ec:c9:c5:d7:6b:77:8d:b5:7a:fb:b3:ae:
40:3b:cd:af:4f:c8:cf:17:28:c9:2e:1d:7d:07:60:73:99:11:
35:56:54:3f:a6:00:5f:b6:79:c3:e8:eb:0a:a1:c1:33:b5:c3:
31:d2:44:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw3ihA4vqr3QwmOCjZHsU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjMwMTAyMDUwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzJkZDY0MjMwNDg5OGJlMzMwZWUxMGNhNGFiYjMwZDM1YWExNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHT0C3hiKWUwx0QNVT1QSM0IiAP2
GJJmweu1CbnrxY3vH7ud4x3mDs0WeG00aOeGGudZWWW6EhVTrftS0BT10oAJdEl9
e1m5Nls1aTDSVXWkCCufFh8WUREJimbiGaVR3X9zwiblV3FuwqzHT7VnrYrR02UU
nrOIySWquKCFwoNA3l9u1H4DrwGy0s/19xfvRNvmaIwdJIiYIs+jgZRm3brKT1Ib
UGUxMBVgcfLBQ7+EfDYxLJS7tL1iuMCgp2XfLl6mx2Wq+qb1sBaDwdjqLXdppaEv
bZXkSCaXVX3uNk4p1KkDXCpjhcnyQroDnPl/jDL48pLsY8LY1xIC/r2fdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGct1kIwSJi+Mw7hDKSrsw01qhXWMB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvWnkzV1FqQkltTDR6RHVFTXBLdXpEVFdxRmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjooAwQC
uXsAMA0GCSqGSIb3DQEBCwUAA4IBAQADuJzsz3z5Km740CIb7IQeMZPlMlC/I/x0
kCgDdelyPtWSys6YlW8o9i+uP35/tR7evggxB8gQSldQ8Nko70uP+bzt87TXubw4
ezAWFcVai8ONJEtcrvEdi3yx/9t1JkA0xo7pSEqxA6/gPV4JV593IBTui4zGId9f
zdlU4dh4l501kIvfcw7yRPvfcJxlEADrR76g8tKx6ImXz/MSgd4anb05evh9DhUX
K5/EYYpw2aqjSg+vyWoxRCjdk5Y3Tpx8kUW3pHfzqpG0PI3sycXXa3eNtXr7s65A
O82vT8jPFyjJLh19B2BzmRE1VlQ/pgBftnnD6OsKocEztcMx0kR6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org