Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/ZQRDRDkiM08IcKBYr4mYz3GmmYg.roa
File: ZQRDRDkiM08IcKBYr4mYz3GmmYg.roa (raw, json)
Hash identifier: 0Frl/3Bf/uFqGKj1fzEddrZmFLpi0VjWZdVvtLXLW6U=
Subject key identifier: 65:04:43:44:39:22:33:4F:08:70:A0:58:AF:89:98:CF:71:A6:99:88
Certificate issuer: /CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Certificate serial: 01856F4291A1017863700069ADCD7B31418B
Authority key identifier: 43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/ZQRDRDkiM08IcKBYr4mYz3GmmYg.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60185
IP address blocks: 185.2.245.0/24 maxlen: 24
185.2.244.0/23 maxlen: 23
185.2.244.0/22 maxlen: 22
185.2.246.0/24 maxlen: 24
185.2.246.0/23 maxlen: 23
185.2.244.0/24 maxlen: 24
185.2.247.0/24 maxlen: 24
2a02:4440::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:91:a1:01:78:63:70:00:69:ad:cd:7b:31:41:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=650443443922334f0870a058af8998cf71a69988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8b:5b:fc:fe:76:de:c1:6e:6a:8f:4d:c3:79:
76:ef:21:32:6a:36:14:84:91:9e:87:26:a5:5f:50:
4d:0f:71:6f:e4:28:2c:e9:cb:cf:e5:02:42:ea:9e:
c1:ce:f7:21:d3:e9:63:d6:63:00:68:2c:06:63:c3:
d9:be:d8:60:b9:19:d5:c3:30:62:68:df:16:14:3b:
53:56:ed:fe:3e:0e:1a:c3:a2:64:3c:80:16:40:11:
83:97:9f:90:45:64:f2:21:5b:96:03:53:ed:1c:a5:
13:23:37:4b:b9:8b:0a:53:28:60:bf:d1:e6:89:f8:
ba:06:ce:80:79:41:ce:f5:13:c1:fc:f9:e8:ef:e9:
78:e2:47:9b:34:92:11:a4:1e:51:1b:4c:ea:9a:59:
49:35:37:0f:fc:2d:52:ec:0d:68:b6:3f:fa:8d:c8:
dc:3b:d5:46:1b:49:cd:08:f4:44:2b:59:dc:22:38:
b8:96:2d:1c:48:be:46:ba:e9:c7:ef:a0:9b:3a:1e:
2a:e6:10:2e:a1:67:7d:7d:74:4d:c3:c3:f6:11:0b:
2f:1c:6a:28:20:59:99:6f:2e:4d:08:f2:17:c8:04:
cd:a3:44:37:84:5a:e9:f5:de:ad:5e:c5:71:a1:45:
33:a7:f8:6b:41:47:24:3a:16:5d:a5:f0:46:de:da:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:04:43:44:39:22:33:4F:08:70:A0:58:AF:89:98:CF:71:A6:99:88
X509v3 Authority Key Identifier:
keyid:43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/ZQRDRDkiM08IcKBYr4mYz3GmmYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.244.0/22
IPv6:
2a02:4440::/32
Signature Algorithm: sha256WithRSAEncryption
64:59:13:5d:09:68:c9:53:ee:da:ea:df:19:d1:d0:45:bc:a7:
6c:10:6f:fc:3f:5f:b2:26:80:ff:df:7b:9a:35:20:f2:59:bc:
73:28:e6:bd:f5:45:7b:f0:2f:2e:3a:40:a4:ed:f3:5a:c4:ad:
16:58:2b:e9:f5:8b:db:aa:a8:d3:5f:68:20:20:69:31:65:8a:
4d:f7:4d:08:5c:4d:b9:0d:36:ed:da:07:9d:6f:97:1c:44:34:
ec:75:f2:15:c3:a1:50:50:e6:20:69:99:a1:85:e5:e7:e6:21:
fa:65:70:6c:a3:80:6e:ac:c5:e3:f3:fe:e3:58:34:d5:25:f8:
05:fd:24:9e:ae:ff:1a:b3:bc:e0:9e:01:df:4f:19:38:8a:5e:
4b:1e:1c:d3:ec:4e:29:70:87:ab:df:c1:f6:c1:f2:32:94:b5:
31:fd:39:9c:33:67:0e:cf:be:6b:cb:7d:c8:81:c3:fb:8a:01:
fc:86:f5:16:6a:1e:f2:f8:22:70:c0:e2:84:6a:6b:87:ad:a9:
d9:9c:eb:65:69:26:27:5e:a8:06:7d:5c:87:e6:c8:0a:c2:39:
97:12:0e:e7:82:60:af:ea:b3:02:1b:e1:bd:c4:7c:ce:0c:31:
6c:90:c6:70:46:e8:6d:6f:58:5e:42:1b:a0:01:f5:5d:7d:9b:
2d:0d:16:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQpGhAXhjcABprc17MUGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWYyZTk4N2QyYjYzYWRkYWE1YWRjMTc4ZjMxZTkwZDg3
NmFhYTcwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA0NDM0NDM5MjIzMzRmMDg3MGEwNThhZjg5OThjZjcxYTY5OTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmItb/P523sFuao9Nw3l27yEyajYU
hJGehyalX1BND3Fv5Cgs6cvP5QJC6p7Bzvch0+lj1mMAaCwGY8PZvthguRnVwzBi
aN8WFDtTVu3+Pg4aw6JkPIAWQBGDl5+QRWTyIVuWA1PtHKUTIzdLuYsKUyhgv9Hm
ifi6Bs6AeUHO9RPB/Pno7+l44kebNJIRpB5RG0zqmllJNTcP/C1S7A1otj/6jcjc
O9VGG0nNCPREK1ncIji4li0cSL5GuunH76CbOh4q5hAuoWd9fXRNw8P2EQsvHGoo
IFmZby5NCPIXyATNo0Q3hFrp9d6tXsVxoUUzp/hrQUckOhZdpfBG3tqdcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGUEQ0Q5IjNPCHCgWK+JmM9xppmIMB8GA1UdIwQY
MBaAFEOvLph9K2Ot2qWtwXjzHpDYdqqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3Yzgt
Y2M3NzQ2NzE5NDA2LzEvWlFSRFJEa2lNMDhJY0tCWXI0bVl6M0dtbVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3YzgtY2M3NzQ2NzE5NDA2
LzEvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQL0MA0E
AgACMAcDBQAqAkRAMA0GCSqGSIb3DQEBCwUAA4IBAQBkWRNdCWjJU+7a6t8Z0dBF
vKdsEG/8P1+yJoD/33uaNSDyWbxzKOa99UV78C8uOkCk7fNaxK0WWCvp9YvbqqjT
X2ggIGkxZYpN900IXE25DTbt2gedb5ccRDTsdfIVw6FQUOYgaZmhheXn5iH6ZXBs
o4BurMXj8/7jWDTVJfgF/SServ8as7zgngHfTxk4il5LHhzT7E4pcIer38H2wfIy
lLUx/TmcM2cOz75ry33IgcP7igH8hvUWah7y+CJwwOKEamuHranZnOtlaSYnXqgG
fVyH5sgKwjmXEg7ngmCv6rMCG+G9xHzODDFskMZwRuhtb1heQhugAfVdfZstDRaD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:07 2024 by rpki-client on console-ams.rpki-client.org