Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/TZYfPYfMtzF9iY3zikkIWxcfydA.roa
File: TZYfPYfMtzF9iY3zikkIWxcfydA.roa (raw, json)
Hash identifier: CMfaUf/79s/+UwMqvjrPIY1HMm8Ll/zEM5idql/Aa+4=
Subject key identifier: 4D:96:1F:3D:87:CC:B7:31:7D:89:8D:F3:8A:49:08:5B:17:1F:C9:D0
Certificate issuer: /CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Certificate serial: 01856F428FF13C425001CD9DB6E2C537BF77
Authority key identifier: 43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/TZYfPYfMtzF9iY3zikkIWxcfydA.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.2.244.0/22 maxlen: 22
185.2.244.0/24 maxlen: 24
185.2.245.0/24 maxlen: 24
185.2.246.0/24 maxlen: 24
185.2.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:8f:f1:3c:42:50:01:cd:9d:b6:e2:c5:37:bf:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d961f3d87ccb7317d898df38a49085b171fc9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:57:15:a3:70:4e:da:b0:d9:1d:e9:03:95:ac:
7e:9f:15:54:b2:e2:f3:1e:91:c0:0a:ac:22:2a:e7:
40:b0:71:c5:4c:74:58:e5:63:7b:6f:61:25:90:74:
0c:42:99:52:5f:c0:4b:ea:17:69:14:44:b9:4f:fb:
94:d7:67:e0:45:2c:af:67:34:46:14:e5:fa:d0:12:
26:84:e1:6c:92:12:76:db:13:41:8b:86:53:48:3f:
d7:8b:98:cf:99:35:24:f4:7a:89:b0:d4:85:14:90:
bc:f5:6a:bb:f7:d7:40:7b:01:53:42:8f:d7:a2:41:
dc:c8:7a:8a:a1:68:cd:d8:d0:8f:70:91:f3:c2:e9:
d7:2f:1c:3f:dd:82:07:15:07:34:8d:76:ed:1e:ac:
50:cd:d5:20:09:45:44:f0:ba:ef:0e:13:63:f8:be:
5e:e1:9b:6f:f9:b9:c0:ec:97:04:29:a5:d4:88:12:
83:96:e9:59:33:48:e6:df:6c:49:56:c6:d9:39:1a:
f5:8d:85:c3:9e:51:ba:7e:d5:a4:7c:55:0c:ce:c8:
cf:b9:df:38:8a:a1:b3:92:49:99:96:ba:78:3f:77:
16:19:17:22:0a:b4:f7:7e:2d:56:a9:df:98:43:b1:
3e:92:fd:00:28:cb:91:f2:bd:28:12:65:81:18:46:
dc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:96:1F:3D:87:CC:B7:31:7D:89:8D:F3:8A:49:08:5B:17:1F:C9:D0
X509v3 Authority Key Identifier:
keyid:43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/TZYfPYfMtzF9iY3zikkIWxcfydA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.244.0/22
Signature Algorithm: sha256WithRSAEncryption
43:c8:d5:e3:24:06:cd:3b:ef:26:38:e6:f0:d0:97:60:74:f8:
d7:d3:d0:25:02:01:c0:67:4e:01:54:02:1f:bb:95:f3:a7:76:
17:86:6a:3e:8f:e1:3f:de:a4:ea:4a:49:ba:a9:36:7a:d5:48:
02:fb:b6:9b:ff:de:0a:57:53:0e:b0:d1:cf:b2:df:58:9d:2a:
af:9d:27:d1:35:a8:ba:bf:c8:f4:ec:2a:be:19:02:c3:e1:31:
53:3d:1b:22:ce:54:8e:96:3b:f3:84:9c:25:ed:96:fc:04:b8:
50:d3:fe:94:b1:60:51:94:7e:84:0c:9a:59:72:66:49:8b:fb:
92:aa:25:27:76:00:c9:07:0a:e9:97:36:04:d2:ce:6a:f7:a4:
8a:cb:9c:69:3d:00:3a:22:b1:37:6e:a4:62:58:29:7c:35:1c:
d7:88:c1:d9:90:6e:57:6c:53:50:19:93:90:3e:62:4f:82:b0:
60:b1:0b:2c:44:93:2e:2c:6c:03:e1:52:2d:da:78:c6:99:1b:
ab:5a:32:dc:4e:e4:51:28:c9:db:81:51:40:9e:87:80:a4:f3:
bb:04:2b:31:ed:d5:1d:c4:34:15:ff:ec:73:fc:5a:29:b3:35:
11:ef:8a:25:8f:17:83:56:86:46:2b:48:6a:6d:87:75:11:bb:
6e:19:d6:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQo/xPEJQAc2dtuLFN793MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWYyZTk4N2QyYjYzYWRkYWE1YWRjMTc4ZjMxZTkwZDg3
NmFhYTcwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk2MWYzZDg3Y2NiNzMxN2Q4OThkZjM4YTQ5MDg1YjE3MWZjOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVcVo3BO2rDZHekDlax+nxVUsuLz
HpHACqwiKudAsHHFTHRY5WN7b2ElkHQMQplSX8BL6hdpFES5T/uU12fgRSyvZzRG
FOX60BImhOFskhJ22xNBi4ZTSD/Xi5jPmTUk9HqJsNSFFJC89Wq799dAewFTQo/X
okHcyHqKoWjN2NCPcJHzwunXLxw/3YIHFQc0jXbtHqxQzdUgCUVE8LrvDhNj+L5e
4Ztv+bnA7JcEKaXUiBKDlulZM0jm32xJVsbZORr1jYXDnlG6ftWkfFUMzsjPud84
iqGzkkmZlrp4P3cWGRciCrT3fi1Wqd+YQ7E+kv0AKMuR8r0oEmWBGEbc1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2WHz2HzLcxfYmN84pJCFsXH8nQMB8GA1UdIwQY
MBaAFEOvLph9K2Ot2qWtwXjzHpDYdqqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3Yzgt
Y2M3NzQ2NzE5NDA2LzEvVFpZZlBZZk10ekY5aVkzemlra0lXeGNmeWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3YzgtY2M3NzQ2NzE5NDA2
LzEvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQL0MA0G
CSqGSIb3DQEBCwUAA4IBAQBDyNXjJAbNO+8mOObw0JdgdPjX09AlAgHAZ04BVAIf
u5Xzp3YXhmo+j+E/3qTqSkm6qTZ61UgC+7ab/94KV1MOsNHPst9YnSqvnSfRNai6
v8j07Cq+GQLD4TFTPRsizlSOljvzhJwl7Zb8BLhQ0/6UsWBRlH6EDJpZcmZJi/uS
qiUndgDJBwrplzYE0s5q96SKy5xpPQA6IrE3bqRiWCl8NRzXiMHZkG5XbFNQGZOQ
PmJPgrBgsQssRJMuLGwD4VIt2njGmRurWjLcTuRRKMnbgVFAnoeApPO7BCsx7dUd
xDQV/+xz/FopszUR74oljxeDVoZGK0hqbYd1EbtuGdaV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:06 2024 by rpki-client on console-ams.rpki-client.org