Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/2R3Lr2ukyZ_wjQj_prfVCMcFn30.roa
File: 2R3Lr2ukyZ_wjQj_prfVCMcFn30.roa (raw, json)
Hash identifier: 1fSFqQUolwGGe0jxceADN/ObVeoK3EH3ck8TGzG5hsg=
Subject key identifier: D9:1D:CB:AF:6B:A4:C9:9F:F0:8D:08:FF:A6:B7:D5:08:C7:05:9F:7D
Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Certificate serial: 0189A7E32392A22EBE759D0B5BA4CEF56AB8
Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/2R3Lr2ukyZ_wjQj_prfVCMcFn30.roa
Signing time: Sun 30 Jul 2023 17:40:28 +0000
ROA not before: Sun 30 Jul 2023 17:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207203
IP address blocks: 185.238.32.0/22 maxlen: 22
45.156.240.0/24 maxlen: 24
45.156.240.0/22 maxlen: 22
45.153.140.0/22 maxlen: 22
185.82.120.0/22 maxlen: 22
185.39.172.0/22 maxlen: 22
2a04:7700::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a7:e3:23:92:a2:2e:be:75:9d:0b:5b:a4:ce:f5:6a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Validity
Not Before: Jul 30 17:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d91dcbaf6ba4c99ff08d08ffa6b7d508c7059f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:a3:98:dd:22:54:d9:cb:a9:39:57:41:50:
27:6b:1d:6f:87:9a:ac:35:fe:03:ca:b9:f7:de:1b:
04:45:10:18:f0:f7:fc:88:6d:c9:64:fb:fe:be:6d:
7a:dc:2a:55:d7:f6:27:e9:e3:29:73:43:c0:92:07:
37:35:2b:9b:e6:c5:ad:c7:b7:20:04:6f:4c:85:be:
0c:0c:fb:f0:32:b2:6b:18:e1:f8:06:e5:40:81:c1:
8c:32:3d:99:1c:7a:d3:48:6b:93:ae:52:06:b4:fc:
d1:62:81:85:bc:22:11:0d:44:f0:1f:90:0f:79:96:
fa:93:e5:c7:e8:f5:0b:66:93:c1:d8:70:9d:0a:88:
8c:63:5a:e0:df:00:9a:2e:07:e8:cb:16:6d:04:21:
e4:21:67:54:96:b8:b9:92:b2:9b:dc:ef:89:f8:fe:
5c:5f:07:80:ff:1c:da:24:04:cb:ef:77:c5:0f:42:
a9:c9:16:65:75:af:74:cd:58:ca:22:e4:76:1a:0e:
35:40:84:c2:1c:10:16:2b:c5:a6:20:99:b8:dd:83:
8a:45:72:cb:84:f7:19:3b:76:28:f2:34:39:65:85:
49:b0:6d:f4:cd:38:17:01:cf:40:f0:8e:b1:41:b7:
b5:75:29:a1:66:14:63:b6:e4:a0:99:00:85:17:60:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1D:CB:AF:6B:A4:C9:9F:F0:8D:08:FF:A6:B7:D5:08:C7:05:9F:7D
X509v3 Authority Key Identifier:
keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/2R3Lr2ukyZ_wjQj_prfVCMcFn30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.140.0/22
45.156.240.0/22
185.39.172.0/22
185.82.120.0/22
185.238.32.0/22
IPv6:
2a04:7700::/29
Signature Algorithm: sha256WithRSAEncryption
c2:9b:c5:07:22:01:1d:4b:cc:20:b4:2e:54:f9:bc:82:d5:74:
d2:c8:a0:e9:16:49:f3:aa:3f:d0:01:c8:49:60:d7:1f:30:90:
f2:27:33:23:25:8b:1f:b0:d9:72:f2:2a:d7:d0:7d:e4:cc:b8:
dc:e0:fa:c4:33:df:12:49:1d:fb:2c:40:07:4d:cf:11:a5:05:
2d:6a:99:7d:ce:b6:eb:96:d6:5b:4d:52:08:db:bb:d6:1f:dd:
ec:a7:2b:5b:2f:ed:99:f1:9f:5f:99:c2:41:d2:17:af:05:75:
99:7a:f7:75:dd:fc:52:43:7b:1d:69:71:88:b7:06:df:ae:76:
cc:37:75:41:2f:29:cf:15:c1:e1:76:14:c4:6b:02:ed:a6:93:
b0:30:f7:07:72:bf:96:29:13:a5:74:03:73:8c:8d:cd:61:df:
2e:cf:70:a2:b1:22:1a:fd:e5:bd:8d:1a:a2:bb:1f:f2:68:3a:
3a:ce:cd:e4:95:21:65:4e:31:8c:d7:33:0a:9c:d6:80:45:ca:
a0:b7:8b:fe:ac:0d:7f:3e:ff:9a:06:d9:6d:5d:64:68:82:25:
34:a4:58:df:ce:af:ba:27:38:1c:11:5e:b6:38:cd:1e:d8:08:
f6:2d:84:26:1d:ed:cf:22:d6:b8:4b:5f:66:63:e3:58:7e:c2:
dd:87:82:62
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYmn4yOSoi6+dZ0LW6TO9Wq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi
YzY2MDMwHhcNMjMwNzMwMTc0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFkY2JhZjZiYTRjOTlmZjA4ZDA4ZmZhNmI3ZDUwOGM3MDU5ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ6jmN0iVNnLqTlXQVAnax1vh5qs
Nf4Dyrn33hsERRAY8Pf8iG3JZPv+vm163CpV1/Yn6eMpc0PAkgc3NSub5sWtx7cg
BG9Mhb4MDPvwMrJrGOH4BuVAgcGMMj2ZHHrTSGuTrlIGtPzRYoGFvCIRDUTwH5AP
eZb6k+XH6PULZpPB2HCdCoiMY1rg3wCaLgfoyxZtBCHkIWdUlri5krKb3O+J+P5c
XweA/xzaJATL73fFD0KpyRZlda90zVjKIuR2Gg41QITCHBAWK8WmIJm43YOKRXLL
hPcZO3Yo8jQ5ZYVJsG30zTgXAc9A8I6xQbe1dSmhZhRjtuSgmQCFF2D6cwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFNkdy69rpMmf8I0I/6a31QjHBZ99MB8GA1UdIwQY
MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3
LTYxZDczMzNmODU3MC8xLzJSM0xyMnVreVpfd2pRal9wcmZWQ01jRm4zMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3
MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAItmYwD
BAItnPADBAK5J6wDBAK5UngDBAK57iAwDQQCAAIwBwMFAyoEdwAwDQYJKoZIhvcN
AQELBQADggEBAMKbxQciAR1LzCC0LlT5vILVdNLIoOkWSfOqP9AByElg1x8wkPIn
MyMlix+w2XLyKtfQfeTMuNzg+sQz3xJJHfssQAdNzxGlBS1qmX3OtuuW1ltNUgjb
u9Yf3eynK1sv7Znxn1+ZwkHSF68FdZl693Xd/FJDex1pcYi3Bt+udsw3dUEvKc8V
weF2FMRrAu2mk7Aw9wdyv5YpE6V0A3OMjc1h3y7PcKKxIhr95b2NGqK7H/JoOjrO
zeSVIWVOMYzXMwqc1oBFyqC3i/6sDX8+/5oG2W1dZGiCJTSkWN/Or7onOBwRXrY4
zR7YCPYthCYd7c8i1rhLX2Zj41h+wt2HgmI=
Generated at Mon Jul 31 04:24:05 2023 by rpki-client on console-ams.rpki-client.org