Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/d73ac9-3d65-4e2d-8bbf-e034f65e7f60/1/2T4o0fhKll4VMzny2OMIejkj1PY.roa
File: 2T4o0fhKll4VMzny2OMIejkj1PY.roa (raw, json)
Hash identifier: 6QAgCFMkwfEOew6NwI+Rnq7He4TlZaDEIX0ZK/CcoLE=
Subject key identifier: D9:3E:28:D1:F8:4A:96:5E:15:33:39:F2:D8:E3:08:7A:39:23:D4:F6
Certificate issuer: /CN=644cdbae84b26a8484b10c00ebfdfbcb4990c157
Certificate serial: 01856CA5DE0B22A17305E6F92D27D1515D5A
Authority key identifier: 64:4C:DB:AE:84:B2:6A:84:84:B1:0C:00:EB:FD:FB:CB:49:90:C1:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZEzbroSyaoSEsQwA6_37y0mQwVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/d73ac9-3d65-4e2d-8bbf-e034f65e7f60/1/2T4o0fhKll4VMzny2OMIejkj1PY.roa
Signing time: Sun 01 Jan 2023 09:24:47 +0000
ROA not before: Sun 01 Jan 2023 09:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31167
IP address blocks: 185.244.18.0/24 maxlen: 24
185.244.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:de:0b:22:a1:73:05:e6:f9:2d:27:d1:51:5d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=644cdbae84b26a8484b10c00ebfdfbcb4990c157
Validity
Not Before: Jan 1 09:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d93e28d1f84a965e153339f2d8e3087a3923d4f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:e4:07:5d:4b:c3:5b:e8:5a:bc:79:23:b2:
7b:4f:1c:74:4c:f5:ad:10:e7:4c:58:cb:40:37:c6:
a8:2d:c3:fb:f1:94:d0:45:52:66:18:da:40:ff:8d:
ad:cb:37:34:bb:d0:02:b5:26:00:70:33:bd:07:ec:
3a:96:dc:29:ca:3f:b9:57:3e:50:09:97:f5:bd:68:
c6:d6:b9:fa:71:a9:99:08:01:db:b4:c8:db:92:b8:
22:fc:a2:2d:09:c2:9b:26:5b:35:bf:4c:12:41:38:
ae:f7:56:c5:ca:94:65:a6:bd:f5:42:3f:12:5a:51:
d7:7f:87:b7:ec:4f:5e:c8:7e:ee:2c:fa:e8:a9:48:
5d:af:54:ce:24:d8:f1:63:04:53:4d:3e:81:bd:5a:
09:b5:60:59:1b:eb:26:5a:6b:d8:95:70:00:b9:16:
cf:16:21:bb:e3:16:43:2e:6d:03:02:e3:e1:1e:f6:
ca:57:30:8e:a8:74:4c:77:06:c2:43:8f:07:6a:b1:
3c:28:b3:ae:e1:bc:5f:8f:3d:d5:21:73:f5:52:ea:
53:8a:d9:0d:0a:23:e2:46:f1:ec:19:eb:c1:18:c9:
4b:7e:b5:e6:0a:2c:30:4f:89:a0:a4:04:cc:3b:88:
66:ec:4a:18:c8:7d:35:27:ca:69:5c:b2:1c:e5:53:
ba:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3E:28:D1:F8:4A:96:5E:15:33:39:F2:D8:E3:08:7A:39:23:D4:F6
X509v3 Authority Key Identifier:
keyid:64:4C:DB:AE:84:B2:6A:84:84:B1:0C:00:EB:FD:FB:CB:49:90:C1:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZEzbroSyaoSEsQwA6_37y0mQwVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/d73ac9-3d65-4e2d-8bbf-e034f65e7f60/1/2T4o0fhKll4VMzny2OMIejkj1PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/d73ac9-3d65-4e2d-8bbf-e034f65e7f60/1/ZEzbroSyaoSEsQwA6_37y0mQwVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.18.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:90:c8:be:b1:36:22:43:fd:55:72:eb:c7:41:c5:fd:a0:93:
a9:1f:c1:98:40:92:b4:28:a5:34:07:34:2a:e0:1c:e4:c6:a2:
5d:7a:99:99:23:09:37:da:c7:76:4d:c7:55:d7:04:98:c7:b4:
21:2a:c3:dd:0b:68:b1:0d:b6:90:25:d4:13:a6:89:c1:8f:cd:
24:f4:40:54:d4:9e:0a:ad:47:80:70:cc:f2:f4:18:d1:02:60:
e5:74:80:43:7d:95:0b:eb:fc:d9:2a:25:3d:06:a7:66:84:3f:
45:3a:88:e4:4e:8b:8f:e4:a5:6e:f9:bb:04:8f:b6:a1:b3:56:
69:bf:28:e0:0d:02:ef:a7:fb:46:c5:ef:10:9c:35:99:cc:cf:
fe:40:8f:ce:78:27:50:53:ee:ff:6a:e3:b6:bb:bb:87:ad:d8:
6d:5b:20:fe:07:4c:76:95:08:bb:01:5a:2c:fd:2e:be:1b:71:
4d:1a:63:b6:a9:18:20:fc:29:13:66:f5:14:3b:f7:08:96:d2:
cc:ca:3e:09:ad:5b:69:e1:03:4c:c2:f0:e3:f4:fe:e0:4a:91:
55:74:06:ab:86:c4:21:08:ba:58:23:75:4a:fe:b7:22:7f:0e:
29:c7:f7:24:51:67:26:78:59:2c:c3:01:c5:23:e3:20:de:3e:
73:c0:51:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspd4LIqFzBeb5LSfRUV1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NGNkYmFlODRiMjZhODQ4NGIxMGMwMGViZmRmYmNiNDk5
MGMxNTcwHhcNMjMwMTAxMDkyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNlMjhkMWY4NGE5NjVlMTUzMzM5ZjJkOGUzMDg3YTM5MjNkNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsfkB11Lw1voWrx5I7J7Txx0TPWt
EOdMWMtAN8aoLcP78ZTQRVJmGNpA/42tyzc0u9ACtSYAcDO9B+w6ltwpyj+5Vz5Q
CZf1vWjG1rn6camZCAHbtMjbkrgi/KItCcKbJls1v0wSQTiu91bFypRlpr31Qj8S
WlHXf4e37E9eyH7uLProqUhdr1TOJNjxYwRTTT6BvVoJtWBZG+smWmvYlXAAuRbP
FiG74xZDLm0DAuPhHvbKVzCOqHRMdwbCQ48HarE8KLOu4bxfjz3VIXP1UupTitkN
CiPiRvHsGevBGMlLfrXmCiwwT4mgpATMO4hm7EoYyH01J8ppXLIc5VO6OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNk+KNH4SpZeFTM58tjjCHo5I9T2MB8GA1UdIwQY
MBaAFGRM266EsmqEhLEMAOv9+8tJkMFXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkV6YnJvU3lhb1NFc1F3QTZfMzd5MG1Rd1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kNzNhYzktM2Q2NS00ZTJkLThiYmYt
ZTAzNGY2NWU3ZjYwLzEvMlQ0bzBmaEtsbDRWTXpueTJPTUllamtqMVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kNzNhYzktM2Q2NS00ZTJkLThiYmYtZTAzNGY2NWU3ZjYw
LzEvWkV6YnJvU3lhb1NFc1F3QTZfMzd5MG1Rd1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufQSMA0G
CSqGSIb3DQEBCwUAA4IBAQC1kMi+sTYiQ/1VcuvHQcX9oJOpH8GYQJK0KKU0BzQq
4BzkxqJdepmZIwk32sd2TcdV1wSYx7QhKsPdC2ixDbaQJdQTponBj80k9EBU1J4K
rUeAcMzy9BjRAmDldIBDfZUL6/zZKiU9BqdmhD9FOojkTouP5KVu+bsEj7ahs1Zp
vyjgDQLvp/tGxe8QnDWZzM/+QI/OeCdQU+7/auO2u7uHrdhtWyD+B0x2lQi7AVos
/S6+G3FNGmO2qRgg/CkTZvUUO/cIltLMyj4JrVtp4QNMwvDj9P7gSpFVdAarhsQh
CLpYI3VK/rcifw4px/ckUWcmeFkswwHFI+Mg3j5zwFHs
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:14 2024 by rpki-client on console-ams.rpki-client.org