Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/2-HY3knw0dcjxKWFTLcaSqPINzc.roa
File: 2-HY3knw0dcjxKWFTLcaSqPINzc.roa (raw, json)
Hash identifier: rof30ovq1dvb8InBVvSf85iRSJK+VJYQYnTfFzsmFX0=
Subject key identifier: DB:E1:D8:DE:49:F0:D1:D7:23:C4:A5:85:4C:B7:1A:4A:A3:C8:37:37
Certificate issuer: /CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Certificate serial: 0185704293DAD710A6FD4A1853D6893AB9C2
Authority key identifier: 88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/2-HY3knw0dcjxKWFTLcaSqPINzc.roa
Signing time: Mon 02 Jan 2023 02:14:49 +0000
ROA not before: Mon 02 Jan 2023 02:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25536
IP address blocks: 195.245.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:93:da:d7:10:a6:fd:4a:18:53:d6:89:3a:b9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Validity
Not Before: Jan 2 02:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe1d8de49f0d1d723c4a5854cb71a4aa3c83737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:54:b3:14:05:5a:52:af:24:23:b8:10:49:99:
6e:8e:81:58:5f:40:4c:ca:b0:c7:d4:1d:dc:65:47:
ba:e1:a3:e9:b5:34:2a:0b:03:13:7e:d8:03:60:2a:
31:dd:72:cf:25:a6:b0:4d:23:80:a3:bd:0c:97:99:
80:dc:7e:0c:c2:8c:22:45:4c:2a:cb:32:db:49:d6:
cf:41:2f:a9:f8:88:b4:ff:20:f8:1d:b3:8e:64:ae:
40:77:da:c1:4e:a6:b9:77:66:bf:24:35:d3:aa:61:
51:93:c1:43:28:20:91:36:15:52:99:92:69:5d:f0:
0f:3c:9a:3d:11:0f:03:58:a6:a3:9a:75:f6:6d:83:
5e:79:00:c4:0c:de:0c:1c:88:1e:15:1d:26:e6:be:
0f:5d:00:dd:fd:0d:fa:b0:9f:51:62:ef:3f:ac:a7:
e2:1d:47:87:c0:cb:ee:ce:58:eb:eb:0b:5f:d0:e8:
e1:fa:23:01:be:4e:c3:5a:bd:d6:7c:d0:fa:1d:15:
1f:7f:c9:ba:6a:91:f3:bf:23:0b:6f:c9:8e:12:9d:
ec:cb:a4:2b:34:6e:2b:c5:cb:43:3b:ca:40:14:97:
6b:6c:ac:61:da:c3:dd:49:48:65:d2:02:87:92:f5:
0e:32:9f:ea:af:6e:ed:51:69:c0:91:29:b5:b4:54:
38:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:D8:DE:49:F0:D1:D7:23:C4:A5:85:4C:B7:1A:4A:A3:C8:37:37
X509v3 Authority Key Identifier:
keyid:88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/2-HY3knw0dcjxKWFTLcaSqPINzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/iKWrZp-r5y3sLoN4R2p-kVwk7c8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f8:81:bb:90:ce:00:65:ce:da:40:b5:0e:5a:2c:78:c9:c8:
f4:70:ba:d6:ed:5a:11:d3:44:de:73:df:37:84:49:2c:e6:b3:
61:60:74:6b:e8:b8:d2:c9:9c:cf:9e:3a:51:e4:52:85:e6:b3:
20:fd:c5:ea:f7:4e:3c:3b:fd:a7:4e:51:cc:6e:8e:ee:14:fb:
ee:38:d3:de:85:c0:a1:df:5c:51:60:22:b4:3f:29:a4:a3:fb:
b4:27:e4:45:64:0b:08:0d:95:3f:d4:16:3e:84:76:d2:91:51:
4f:db:bb:7a:5b:98:67:ab:c4:e6:fd:4e:e8:6f:a5:94:ce:5a:
ae:b0:d2:fb:fc:be:b0:f6:ee:00:f7:1f:f9:cd:ab:b8:d5:fe:
92:09:50:50:5d:a2:c8:50:00:c0:a9:93:43:59:7d:86:5b:a2:
46:73:2e:ff:b4:4f:d5:37:cc:66:b6:b3:d0:77:b8:af:4e:25:
68:09:80:b2:0a:b0:3c:27:76:f1:51:46:aa:75:06:b2:02:d5:
15:a7:92:38:a0:ac:24:a6:91:a8:0b:fd:dd:d0:a0:f8:49:61:
97:2e:12:9e:45:ab:61:29:be:1d:ce:32:5c:45:db:51:88:2f:
ed:9f:9b:e5:d4:ba:80:43:2e:8a:6c:bb:0d:21:a2:ad:1d:a2:
96:0d:0f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQpPa1xCm/UoYU9aJOrnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTVhYjY2OWZhYmU3MmRlYzJlODM3ODQ3NmE3ZTkxNWMy
NGVkY2YwHhcNMjMwMTAyMDIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUxZDhkZTQ5ZjBkMWQ3MjNjNGE1ODU0Y2I3MWE0YWEzYzgzNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1SzFAVaUq8kI7gQSZlujoFYX0BM
yrDH1B3cZUe64aPptTQqCwMTftgDYCox3XLPJaawTSOAo70Ml5mA3H4MwowiRUwq
yzLbSdbPQS+p+Ii0/yD4HbOOZK5Ad9rBTqa5d2a/JDXTqmFRk8FDKCCRNhVSmZJp
XfAPPJo9EQ8DWKajmnX2bYNeeQDEDN4MHIgeFR0m5r4PXQDd/Q36sJ9RYu8/rKfi
HUeHwMvuzljr6wtf0Ojh+iMBvk7DWr3WfND6HRUff8m6apHzvyMLb8mOEp3sy6Qr
NG4rxctDO8pAFJdrbKxh2sPdSUhl0gKHkvUOMp/qr27tUWnAkSm1tFQ4nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvh2N5J8NHXI8SlhUy3GkqjyDc3MB8GA1UdIwQY
MBaAFIilq2afq+ct7C6DeEdqfpFcJO3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTkt
MTVhMDIwN2Q0NjA5LzEvMi1IWTNrbncwZGNqeEtXRlRMY2FTcVBJTnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5
LzEvaUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XcMA0G
CSqGSIb3DQEBCwUAA4IBAQBs+IG7kM4AZc7aQLUOWix4ycj0cLrW7VoR00Tec983
hEks5rNhYHRr6LjSyZzPnjpR5FKF5rMg/cXq9048O/2nTlHMbo7uFPvuONPehcCh
31xRYCK0Pymko/u0J+RFZAsIDZU/1BY+hHbSkVFP27t6W5hnq8Tm/U7ob6WUzlqu
sNL7/L6w9u4A9x/5zau41f6SCVBQXaLIUADAqZNDWX2GW6JGcy7/tE/VN8xmtrPQ
d7ivTiVoCYCyCrA8J3bxUUaqdQayAtUVp5I4oKwkppGoC/3d0KD4SWGXLhKeRath
Kb4dzjJcRdtRiC/tn5vl1LqAQy6KbLsNIaKtHaKWDQ/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:12 2024 by rpki-client on console-ams.rpki-client.org