Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/2xuUfoSd8wVdYb-duLJ4106e4zg.roa
File: 2xuUfoSd8wVdYb-duLJ4106e4zg.roa (raw, json)
Hash identifier: 6g99JKNjBlWKrUpEBR5Y6gR4DHA+DfgFnZpJb3ymQOI=
Subject key identifier: DB:1B:94:7E:84:9D:F3:05:5D:61:BF:9D:B8:B2:78:D7:4E:9E:E3:38
Certificate issuer: /CN=3238786e9f70e6db74230d72675a483bd24ef256
Certificate serial: 01856E6FA5A1BF9CE3CE2A8975631810F739
Authority key identifier: 32:38:78:6E:9F:70:E6:DB:74:23:0D:72:67:5A:48:3B:D2:4E:F2:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/2xuUfoSd8wVdYb-duLJ4106e4zg.roa
Signing time: Sun 01 Jan 2023 17:44:48 +0000
ROA not before: Sun 01 Jan 2023 17:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204562
IP address blocks: 185.245.240.0/22 maxlen: 24
2a0d:6e80::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a5:a1:bf:9c:e3:ce:2a:89:75:63:18:10:f7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3238786e9f70e6db74230d72675a483bd24ef256
Validity
Not Before: Jan 1 17:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db1b947e849df3055d61bf9db8b278d74e9ee338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:40:19:1a:7e:f5:dc:ee:bd:49:22:7c:1e:ac:
cf:74:45:ce:d2:13:5a:61:cf:a6:fc:d1:0e:88:c1:
f7:40:d7:30:1e:e7:3b:07:3a:1e:0d:76:f1:c6:e4:
43:b7:ba:c3:48:af:34:24:33:95:4e:2a:2d:09:02:
84:0f:64:f4:12:c4:21:02:cc:c8:e0:80:e9:47:4d:
0a:2d:90:52:ff:b6:66:55:a7:d2:8c:da:b3:c3:fb:
ae:00:e6:ff:3f:b4:61:ca:82:ac:78:d7:39:b1:a9:
04:8b:26:bb:bb:d1:a8:25:9f:3b:06:09:ae:e3:8d:
b7:dc:39:86:54:4b:bf:6c:db:83:a9:8a:17:b6:08:
fd:01:9a:b5:0d:61:0b:47:61:96:8f:08:9b:41:98:
fa:e2:d1:b9:19:6f:49:72:ad:e6:ff:a1:41:46:fc:
0b:d1:56:0e:1a:82:9e:9a:91:61:40:9b:3f:ab:bf:
5f:bd:04:28:f2:a7:38:6c:b8:19:b0:a7:13:da:c9:
6e:ac:18:4b:d2:fe:4a:f9:2a:2c:0c:c6:84:e7:c6:
13:a7:89:8e:32:7f:55:dd:5d:3d:d3:a4:cb:08:a9:
b8:d3:68:e4:f8:40:c6:8b:38:38:b0:f3:1c:9b:dc:
75:6a:bc:78:1e:73:65:4a:03:fa:9d:34:cf:90:8f:
f9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1B:94:7E:84:9D:F3:05:5D:61:BF:9D:B8:B2:78:D7:4E:9E:E3:38
X509v3 Authority Key Identifier:
keyid:32:38:78:6E:9F:70:E6:DB:74:23:0D:72:67:5A:48:3B:D2:4E:F2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/2xuUfoSd8wVdYb-duLJ4106e4zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.240.0/22
IPv6:
2a0d:6e80::/29
Signature Algorithm: sha256WithRSAEncryption
9a:ff:65:f7:3c:18:bb:51:17:ce:2b:88:17:14:9a:83:ae:c0:
64:bb:b1:da:f0:3a:ed:9d:14:d5:cf:9f:5e:1d:42:f2:dc:32:
05:9c:96:41:51:28:57:5e:cb:78:39:48:d2:76:2c:a1:2e:04:
a2:b1:8e:aa:24:c0:4d:0f:60:8c:d6:a9:1c:f5:1d:d9:59:95:
3a:11:fc:dc:d1:16:93:1d:5d:4c:9b:36:ef:7d:43:54:69:42:
b2:93:81:a8:e5:36:27:6f:55:eb:aa:e3:28:e6:30:2a:06:cd:
9a:ab:58:40:63:9f:f9:4d:29:1d:2b:79:d7:fe:89:00:85:92:
80:00:25:4f:9b:61:8c:28:fa:d3:42:5f:9c:fc:83:f1:c8:ff:
b8:04:0e:ea:cc:6d:01:07:22:92:f0:3e:79:91:06:49:31:9f:
b9:7a:55:8e:2c:f9:69:4d:78:86:13:73:08:22:00:cf:66:5f:
4b:f5:aa:2d:0c:f3:a8:bf:03:e3:ca:16:90:42:4f:37:d0:ea:
9f:a1:df:fa:ce:4b:f6:35:36:36:66:7d:d2:d0:60:a5:2a:46:
8a:38:1a:ed:f2:93:80:c2:ba:33:3b:b5:b8:ff:3a:2c:f2:68:
ca:60:d4:5b:d2:1c:bd:bd:65:d7:e3:be:d2:e8:a0:30:51:92:
1d:b1:de:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub6Whv5zjziqJdWMYEPc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMzg3ODZlOWY3MGU2ZGI3NDIzMGQ3MjY3NWE0ODNiZDI0
ZWYyNTYwHhcNMjMwMTAxMTc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFiOTQ3ZTg0OWRmMzA1NWQ2MWJmOWRiOGIyNzhkNzRlOWVlMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikAZGn713O69SSJ8HqzPdEXO0hNa
Yc+m/NEOiMH3QNcwHuc7BzoeDXbxxuRDt7rDSK80JDOVTiotCQKED2T0EsQhAszI
4IDpR00KLZBS/7ZmVafSjNqzw/uuAOb/P7RhyoKseNc5sakEiya7u9GoJZ87Bgmu
44233DmGVEu/bNuDqYoXtgj9AZq1DWELR2GWjwibQZj64tG5GW9Jcq3m/6FBRvwL
0VYOGoKempFhQJs/q79fvQQo8qc4bLgZsKcT2slurBhL0v5K+SosDMaE58YTp4mO
Mn9V3V0906TLCKm402jk+EDGizg4sPMcm9x1arx4HnNlSgP6nTTPkI/5DwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNsblH6EnfMFXWG/nbiyeNdOnuM4MB8GA1UdIwQY
MBaAFDI4eG6fcObbdCMNcmdaSDvSTvJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpoNGJwOXc1dHQwSXcxeVoxcElPOUpPOGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85YTk1MDYtMjBkNC00YWI3LWI1NjMt
ZTJkM2Q5NGNjMjM4LzEvMnh1VWZvU2Q4d1ZkWWItZHVMSjQxMDZlNHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85YTk1MDYtMjBkNC00YWI3LWI1NjMtZTJkM2Q5NGNjMjM4
LzEvTWpoNGJwOXc1dHQwSXcxeVoxcElPOUpPOGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufXwMA0E
AgACMAcDBQMqDW6AMA0GCSqGSIb3DQEBCwUAA4IBAQCa/2X3PBi7URfOK4gXFJqD
rsBku7Ha8DrtnRTVz59eHULy3DIFnJZBUShXXst4OUjSdiyhLgSisY6qJMBND2CM
1qkc9R3ZWZU6Efzc0RaTHV1MmzbvfUNUaUKyk4Go5TYnb1XrquMo5jAqBs2aq1hA
Y5/5TSkdK3nX/okAhZKAACVPm2GMKPrTQl+c/IPxyP+4BA7qzG0BByKS8D55kQZJ
MZ+5elWOLPlpTXiGE3MIIgDPZl9L9aotDPOovwPjyhaQQk830Oqfod/6zkv2NTY2
Zn3S0GClKkaKOBrt8pOAwrozO7W4/zos8mjKYNRb0hy9vWXX477S6KAwUZIdsd5L
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:39 2024 by rpki-client on console-ams.rpki-client.org