Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/3DGQlBsJ9od6maj7lW9t8jBRaRo.roa
File: 3DGQlBsJ9od6maj7lW9t8jBRaRo.roa (raw, json)
Hash identifier: mYaXkzh0ED8OTSxk+62DPPr4Bda/o43CsCcrKAUoAeQ=
Subject key identifier: DC:31:90:94:1B:09:F6:87:7A:99:A8:FB:95:6F:6D:F2:30:51:69:1A
Certificate issuer: /CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
Certificate serial: 0185706764E1D0E2C7B8C84DD66F7E7D4BC8
Authority key identifier: 0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/3DGQlBsJ9od6maj7lW9t8jBRaRo.roa
Signing time: Mon 02 Jan 2023 02:55:02 +0000
ROA not before: Mon 02 Jan 2023 02:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25291
IP address blocks: 185.245.103.0/24 maxlen: 24
185.245.101.0/24 maxlen: 24
185.245.102.0/23 maxlen: 23
185.245.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:64:e1:d0:e2:c7:b8:c8:4d:d6:6f:7e:7d:4b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
Validity
Not Before: Jan 2 02:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc3190941b09f6877a99a8fb956f6df23051691a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:ef:02:63:cf:eb:be:fd:b6:12:19:f3:a9:
79:94:95:49:ed:28:f3:eb:29:c7:1e:59:9a:d9:2d:
37:d9:7c:6c:c6:1e:7e:d0:a3:28:5c:1c:20:ae:c4:
2c:68:92:16:06:64:2b:07:94:6e:14:a5:22:4b:51:
d7:72:e6:42:a0:f0:16:94:c7:4e:61:3f:7e:4b:f4:
f6:e7:f5:f5:e6:0d:d8:63:fb:dc:dd:48:6d:d2:f2:
9f:94:76:bb:9d:a1:c2:e3:21:a4:c5:ea:c0:30:c5:
eb:2e:be:6d:f9:6c:f0:d2:4d:2e:e9:65:04:5a:01:
e8:d4:68:ed:8b:d0:56:2b:39:a7:3e:32:c8:d4:e4:
f8:e8:7d:12:4c:6c:83:71:97:0d:5b:62:72:33:7a:
e6:98:35:f4:45:46:8a:09:79:32:b6:54:29:23:3b:
2a:c3:b2:b3:40:d2:9d:fc:ed:79:4c:73:75:5e:d5:
79:3c:99:e3:17:10:01:d5:3f:60:6e:a7:80:20:30:
cb:3a:e6:a1:1b:23:3c:2c:08:87:80:0c:ee:05:d8:
ae:88:cd:77:9d:a0:60:b5:a4:27:a6:8e:3e:eb:08:
de:a8:af:a1:76:38:9b:55:3e:64:a9:ce:c6:0d:b6:
64:3b:57:ce:21:fe:8b:43:c8:8b:e0:08:27:a6:cc:
87:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:31:90:94:1B:09:F6:87:7A:99:A8:FB:95:6F:6D:F2:30:51:69:1A
X509v3 Authority Key Identifier:
keyid:0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/3DGQlBsJ9od6maj7lW9t8jBRaRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/DgsNy2rQyoFtK9IE4T8erxEEJ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.101.0-185.245.103.255
Signature Algorithm: sha256WithRSAEncryption
87:fe:5a:77:1f:ca:d4:c6:53:13:8d:7b:cd:14:e9:c0:89:c0:
01:ea:93:06:55:26:f1:38:91:2b:48:14:7d:58:62:b0:09:c4:
7e:46:42:c7:53:f8:f6:6d:56:6f:d2:88:fb:07:90:a5:25:cc:
b2:7e:94:b2:74:51:c8:e7:67:ca:72:6a:e3:f3:3b:64:cc:1d:
d2:08:6a:6f:35:5b:c7:5f:32:17:a5:40:31:93:a2:6c:10:7e:
0b:0a:f9:18:36:05:49:d5:a3:56:32:8c:6f:9a:1c:f9:5a:bc:
88:a0:ae:f0:8e:89:3c:36:86:3d:f9:24:08:56:a2:f5:92:cf:
72:81:1c:83:5c:8a:46:aa:d5:99:38:5d:3e:d8:3d:92:f3:e1:
4c:e7:3a:d1:51:ae:ff:03:8f:20:6c:3b:67:f2:e5:ca:f8:94:
6a:0e:42:ce:9d:80:08:3a:f5:59:50:4d:e5:44:c5:9d:31:cc:
02:5d:c3:75:c8:08:23:84:16:c4:1d:b1:fe:ff:e5:67:7d:f7:
5d:2f:40:dc:c5:7b:1d:16:34:03:8e:c9:b4:db:f6:db:63:45:
42:5b:ed:83:ca:74:4d:5f:15:15:6a:87:f2:bc:c6:64:21:11:
31:22:e6:fb:d0:14:b7:35:67:4b:9d:b1:c3:03:ff:81:a3:68:
26:1a:66:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwZ2Th0OLHuMhN1m9+fUvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGIwZGNiNmFkMGNhODE2ZDJiZDIwNGUxM2YxZWFmMTEw
NDI3NGMwHhcNMjMwMTAyMDI1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzMxOTA5NDFiMDlmNjg3N2E5OWE4ZmI5NTZmNmRmMjMwNTE2OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNjvAmPP6779thIZ86l5lJVJ7Sjz
6ynHHlma2S032Xxsxh5+0KMoXBwgrsQsaJIWBmQrB5RuFKUiS1HXcuZCoPAWlMdO
YT9+S/T25/X15g3YY/vc3Uht0vKflHa7naHC4yGkxerAMMXrLr5t+Wzw0k0u6WUE
WgHo1Gjti9BWKzmnPjLI1OT46H0STGyDcZcNW2JyM3rmmDX0RUaKCXkytlQpIzsq
w7KzQNKd/O15THN1XtV5PJnjFxAB1T9gbqeAIDDLOuahGyM8LAiHgAzuBdiuiM13
naBgtaQnpo4+6wjeqK+hdjibVT5kqc7GDbZkO1fOIf6LQ8iL4AgnpsyHSwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNwxkJQbCfaHepmo+5VvbfIwUWkaMB8GA1UdIwQY
MBaAFA4LDctq0MqBbSvSBOE/Hq8RBCdMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMt
N2ZlMzk1MWE3MzViLzEvM0RHUWxCc0o5b2Q2bWFqN2xXOXQ4akJSYVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMtN2ZlMzk1MWE3MzVi
LzEvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC59WUD
BAO59WAwDQYJKoZIhvcNAQELBQADggEBAIf+WncfytTGUxONe80U6cCJwAHqkwZV
JvE4kStIFH1YYrAJxH5GQsdT+PZtVm/SiPsHkKUlzLJ+lLJ0UcjnZ8pyauPzO2TM
HdIIam81W8dfMhelQDGTomwQfgsK+Rg2BUnVo1YyjG+aHPlavIigrvCOiTw2hj35
JAhWovWSz3KBHINcikaq1Zk4XT7YPZLz4UznOtFRrv8DjyBsO2fy5cr4lGoOQs6d
gAg69VlQTeVExZ0xzAJdw3XICCOEFsQdsf7/5Wd9910vQNzFex0WNAOOybTb9ttj
RUJb7YPKdE1fFRVqh/K8xmQhETEi5vvQFLc1Z0udscMD/4GjaCYaZpA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:31 2024 by rpki-client on console-fra.rpki-client.org