Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/zmetGPbue5SzBZvI0hV--wY8UuI.roa
File: zmetGPbue5SzBZvI0hV--wY8UuI.roa (raw, json)
Hash identifier: jTZzvH8d+RpVAkRl23/3pA2bRILl+TM6HuNyeNjoTnc=
Subject key identifier: CE:67:AD:18:F6:EE:7B:94:B3:05:9B:C8:D2:15:7E:FB:06:3C:52:E2
Certificate issuer: /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial: 0192425264A878A2639F169477604D304B70
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/zmetGPbue5SzBZvI0hV--wY8UuI.roa
Signing time: Mon 30 Sep 2024 09:45:48 +0000
ROA not before: Mon 30 Sep 2024 09:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2872
IP address blocks: 2.58.40.0/24 maxlen: 24
2.58.41.0/24 maxlen: 24
2.58.42.0/24 maxlen: 24
45.115.92.0/22 maxlen: 22
45.115.92.0/24 maxlen: 24
45.115.93.0/24 maxlen: 24
45.115.94.0/24 maxlen: 24
45.115.95.0/24 maxlen: 24
89.43.206.0/24 maxlen: 24
89.43.207.0/24 maxlen: 24
185.123.0.0/22 maxlen: 22
185.123.0.0/24 maxlen: 24
185.123.1.0/24 maxlen: 24
185.123.2.0/24 maxlen: 24
185.123.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 09:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:52:64:a8:78:a2:63:9f:16:94:77:60:4d:30:4b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Validity
Not Before: Sep 30 09:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce67ad18f6ee7b94b3059bc8d2157efb063c52e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:34:5b:bb:33:72:a5:4b:c3:20:50:4f:e2:
0b:6c:ea:cc:a3:4e:c3:9b:54:79:c2:d5:04:43:4d:
55:85:e3:31:16:5b:cc:06:2f:d7:b4:f5:94:40:9e:
f7:89:86:e2:6b:1f:d9:f5:4d:d0:52:11:52:3b:56:
b6:ba:37:e8:89:e4:72:06:c8:62:35:80:30:d1:e5:
b0:ab:4e:ca:7a:ac:45:fb:22:91:f8:cd:49:49:1e:
70:ba:e1:d9:fc:10:3a:83:1b:af:2b:7f:29:36:38:
6c:91:c7:41:01:98:d1:d4:15:b3:7c:2a:24:3d:b4:
16:97:47:a2:65:98:70:76:14:6f:bb:a9:a9:e9:b3:
39:24:e4:b0:95:12:a0:88:66:10:3b:a9:ef:b1:24:
7d:13:c0:5e:80:70:7a:45:52:54:00:e0:14:b8:4e:
b8:8f:0f:4d:33:33:c6:4e:1d:52:bd:c2:d1:b2:8f:
d8:07:c5:86:5e:6d:0c:8d:a7:2a:32:8a:df:0f:b4:
88:0b:b3:14:51:16:3d:54:4e:6a:3a:3f:9a:d7:21:
d7:0f:2a:0c:80:c0:4a:d4:e9:18:70:1b:f2:06:88:
40:15:1a:57:b6:22:b9:63:a2:00:1e:21:85:59:23:
e8:ca:21:d3:1d:43:a1:3c:f0:08:4b:94:43:c9:8d:
ef:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:67:AD:18:F6:EE:7B:94:B3:05:9B:C8:D2:15:7E:FB:06:3C:52:E2
X509v3 Authority Key Identifier:
keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/zmetGPbue5SzBZvI0hV--wY8UuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.40.0-2.58.42.255
45.115.92.0/22
89.43.206.0/23
185.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
13:a8:c6:cb:e5:5f:86:c3:51:d9:9b:f2:ca:c9:3e:d8:71:63:
0a:4d:d2:cd:3a:d4:1e:22:a6:9c:84:e2:0a:2a:fe:28:68:58:
c2:1b:08:a5:0e:10:30:b3:d1:e8:62:2d:0e:0c:e5:d6:dc:d8:
2d:1f:41:fc:59:09:f6:dd:70:b9:49:23:ba:36:7d:5b:f2:c5:
94:49:9b:22:e0:6c:c2:34:95:14:b5:4a:22:26:76:8c:99:6f:
9d:df:11:88:5f:d5:e6:b0:88:ea:83:d3:38:0a:52:25:25:32:
86:28:1c:9c:22:b0:9e:5d:1e:83:6f:83:c9:79:4e:39:52:7b:
3e:9d:a2:20:92:db:09:0f:9f:b1:0e:c0:4b:d4:bf:53:67:ee:
99:f7:df:d4:e6:56:14:3d:73:0f:74:bc:46:fb:5f:df:9a:6c:
32:ea:e8:92:7e:5f:a5:60:6e:19:0d:e2:13:35:51:c8:fa:d5:
0b:e8:83:71:c2:4a:8d:65:da:d5:0a:78:49:dd:b8:e8:a5:6d:
1a:b3:79:50:76:5e:e9:08:3c:a8:86:8b:1f:97:cf:76:ac:71:
6a:4c:fa:ce:ed:81:ae:de:8b:54:62:5f:6d:76:c2:7d:f2:ff:
e0:da:60:04:76:49:36:13:52:8a:43:43:d0:d8:b4:d6:a1:cf:
71:d2:a9:e1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJCUmSoeKJjnxaUd2BNMEtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwOTMwMDk0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY3YWQxOGY2ZWU3Yjk0YjMwNTliYzhkMjE1N2VmYjA2M2M1MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx40W7szcqVLwyBQT+ILbOrMo07D
m1R5wtUEQ01VheMxFlvMBi/XtPWUQJ73iYbiax/Z9U3QUhFSO1a2ujfoieRyBshi
NYAw0eWwq07KeqxF+yKR+M1JSR5wuuHZ/BA6gxuvK38pNjhskcdBAZjR1BWzfCok
PbQWl0eiZZhwdhRvu6mp6bM5JOSwlRKgiGYQO6nvsSR9E8BegHB6RVJUAOAUuE64
jw9NMzPGTh1SvcLRso/YB8WGXm0MjacqMorfD7SIC7MUURY9VE5qOj+a1yHXDyoM
gMBK1OkYcBvyBohAFRpXtiK5Y6IAHiGFWSPoyiHTHUOhPPAIS5RDyY3vmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM5nrRj27nuUswWbyNIVfvsGPFLiMB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvem1ldEdQYnVlNVN6Qlp2STBoVi0td1k4VXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAMCOigD
BAACOioDBAItc1wDBAFZK84DBAK5ewAwDQYJKoZIhvcNAQELBQADggEBABOoxsvl
X4bDUdmb8srJPthxYwpN0s061B4ippyE4goq/ihoWMIbCKUOEDCz0ehiLQ4M5dbc
2C0fQfxZCfbdcLlJI7o2fVvyxZRJmyLgbMI0lRS1SiImdoyZb53fEYhf1eawiOqD
0zgKUiUlMoYoHJwisJ5dHoNvg8l5TjlSez6doiCS2wkPn7EOwEvUv1Nn7pn339Tm
VhQ9cw90vEb7X9+abDLq6JJ+X6VgbhkN4hM1Ucj61Qvog3HCSo1l2tUKeEnduOil
bRqzeVB2XukIPKiGix+Xz3ascWpM+s7tga7ei1RiX212wn3y/+DaYAR2STYTUopD
Q9DYtNahz3HSqeE=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:18:31 2025 by rpki-client