Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/joZThV5s3pMZhlO67LKIu1TgKts.roa
File: joZThV5s3pMZhlO67LKIu1TgKts.roa (raw, json)
Hash identifier: hyEsuOgGxQEAl95CEbG79TzLLqIUvWLrdSJq2B8aH5I=
Subject key identifier: 8E:86:53:85:5E:6C:DE:93:19:86:53:BA:EC:B2:88:BB:54:E0:2A:DB
Certificate issuer: /CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Certificate serial: 01856F26EC241D0C3F32645417FB4DB8DD07
Authority key identifier: 2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/joZThV5s3pMZhlO67LKIu1TgKts.roa
Signing time: Sun 01 Jan 2023 21:04:59 +0000
ROA not before: Sun 01 Jan 2023 21:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41720
IP address blocks: 185.242.183.0/24 maxlen: 24
185.242.180.0/22 maxlen: 22
185.242.182.0/24 maxlen: 24
2a0d:b280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 21 Feb 2023 11:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:ec:24:1d:0c:3f:32:64:54:17:fb:4d:b8:dd:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Validity
Not Before: Jan 1 21:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e8653855e6cde93198653baecb288bb54e02adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:26:17:45:a3:ca:15:dd:13:72:5e:0d:4f:31:
fc:53:af:4e:31:1a:1a:74:91:ca:0f:9d:cf:21:eb:
83:62:5f:23:94:dd:38:e3:eb:e1:c9:73:b6:fc:44:
f5:91:73:78:ba:7b:5e:f3:8b:ad:07:2b:2a:91:0f:
7c:7c:c2:58:ae:94:33:1f:7b:6d:45:af:4d:9d:3f:
58:a6:11:58:02:1b:e4:8a:40:d3:fa:8b:de:cb:98:
98:cd:0e:ee:71:32:89:75:4e:3b:79:a8:80:05:17:
be:cf:62:ab:c8:9b:af:8b:80:67:52:73:70:6e:29:
ed:01:20:05:b5:41:1b:76:7e:ac:e2:4f:d1:6a:a1:
cd:2e:4c:9a:9f:92:e6:64:12:83:7c:e1:0f:df:e9:
fc:4f:c3:46:92:8d:ca:cd:7a:43:3d:78:2f:3c:06:
a8:4a:eb:19:99:4b:15:99:9b:1e:fa:e9:d7:c3:e0:
b5:26:ec:78:40:07:19:07:c7:bc:27:bd:67:0c:84:
68:fc:ba:10:86:18:3d:d9:d1:4c:71:f4:c6:5c:75:
a9:75:22:bb:6d:1b:e3:0c:80:53:7b:5e:52:6c:9e:
22:ca:e7:07:b2:ab:75:1c:38:82:24:0a:c8:0e:d0:
eb:f0:cd:2e:b4:88:34:de:39:64:a7:fa:ba:ed:6f:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:86:53:85:5E:6C:DE:93:19:86:53:BA:EC:B2:88:BB:54:E0:2A:DB
X509v3 Authority Key Identifier:
keyid:2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/joZThV5s3pMZhlO67LKIu1TgKts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/L8sw_X1uRJST7Hyw2feGAEWL4hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.180.0/22
IPv6:
2a0d:b280::/29
Signature Algorithm: sha256WithRSAEncryption
96:0e:81:ed:8f:7a:7a:9e:90:5d:e4:60:bb:98:e8:7f:45:e5:
71:8c:ff:8e:61:51:3e:36:8c:a2:8b:4a:03:b8:bb:e4:a6:36:
df:15:17:bf:02:01:de:52:99:4e:17:f3:99:c2:f3:1c:47:07:
43:72:36:e2:5f:71:16:e6:1a:39:6f:ef:93:81:c3:20:93:d5:
02:c5:4d:e2:f7:9a:71:91:28:bc:9d:0e:76:14:6b:65:4a:c9:
ca:27:38:b9:85:de:eb:af:3c:af:3f:be:50:a0:66:1f:69:d4:
be:d7:c4:0e:63:6b:5a:04:29:72:3e:14:49:6a:f1:a8:88:08:
ff:94:65:e6:33:da:4c:0b:30:51:de:b5:fc:ea:5e:ad:f7:dd:
eb:3f:b5:d8:fa:be:b0:a9:88:9d:81:39:32:8a:ab:a7:bf:b3:
91:68:2c:1e:4f:2a:e7:06:79:5c:41:31:fd:e6:3d:39:9f:8b:
3d:9a:c9:e7:24:7f:55:d4:9c:86:eb:b4:84:11:72:01:54:79:
44:38:82:8f:11:61:ce:b0:7a:7e:a7:79:da:c5:a2:ca:bf:a2:
74:44:b3:ba:73:09:23:fe:b7:31:9b:4c:f8:82:85:c2:a1:85:
f9:36:9e:e6:e6:e8:65:99:cd:15:ab:03:4c:9b:b9:a3:71:fb:
36:b2:0c:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvJuwkHQw/MmRUF/tNuN0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2IzMGZkN2Q2ZTQ0OTQ5M2VjN2NiMGQ5Zjc4NjAwNDU4
YmUyMWIwHhcNMjMwMTAxMjEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg2NTM4NTVlNmNkZTkzMTk4NjUzYmFlY2IyODhiYjU0ZTAyYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyYXRaPKFd0Tcl4NTzH8U69OMRoa
dJHKD53PIeuDYl8jlN044+vhyXO2/ET1kXN4unte84utBysqkQ98fMJYrpQzH3tt
Ra9NnT9YphFYAhvkikDT+ovey5iYzQ7ucTKJdU47eaiABRe+z2KryJuvi4BnUnNw
bintASAFtUEbdn6s4k/RaqHNLkyan5LmZBKDfOEP3+n8T8NGko3KzXpDPXgvPAao
SusZmUsVmZse+unXw+C1Jux4QAcZB8e8J71nDIRo/LoQhhg92dFMcfTGXHWpdSK7
bRvjDIBTe15SbJ4iyucHsqt1HDiCJArIDtDr8M0utIg03jlkp/q67W/TtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6GU4VebN6TGYZTuuyyiLtU4CrbMB8GA1UdIwQY
MBaAFC/LMP19bkSUk+x8sNn3hgBFi+IbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzkt
NGRkNGRjMzM5MWFjLzEvam9aVGhWNXMzcE1aaGxPNjdMS0l1MVRnS3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOTEwYmYtZTQ5Yi00Y2RjLWJlNzktNGRkNGRjMzM5MWFj
LzEvTDhzd19YMXVSSlNUN0h5dzJmZUdBRVdMNGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufK0MA0E
AgACMAcDBQMqDbKAMA0GCSqGSIb3DQEBCwUAA4IBAQCWDoHtj3p6npBd5GC7mOh/
ReVxjP+OYVE+Noyii0oDuLvkpjbfFRe/AgHeUplOF/OZwvMcRwdDcjbiX3EW5ho5
b++TgcMgk9UCxU3i95pxkSi8nQ52FGtlSsnKJzi5hd7rrzyvP75QoGYfadS+18QO
Y2taBClyPhRJavGoiAj/lGXmM9pMCzBR3rX86l6t993rP7XY+r6wqYidgTkyiqun
v7ORaCweTyrnBnlcQTH95j05n4s9msnnJH9V1JyG67SEEXIBVHlEOIKPEWHOsHp+
p3naxaLKv6J0RLO6cwkj/rcxm0z4goXCoYX5Np7m5uhlmc0VqwNMm7mjcfs2sgzy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:07 2024 by rpki-client on console-ams.rpki-client.org