Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/2709ORr0mOHrd9Gzylg3g6PDI3I.roa
File: 2709ORr0mOHrd9Gzylg3g6PDI3I.roa (raw, json)
Hash identifier: blo/yo9EJKE8/FR5cCensLeTbic0BbQsbPPwG98pHFg=
Subject key identifier: DB:BD:3D:39:1A:F4:98:E1:EB:77:D1:B3:CA:58:37:83:A3:C3:23:72
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 0185710C0C7F522EC36C47BF4DA2C0915C7A
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/2709ORr0mOHrd9Gzylg3g6PDI3I.roa
Signing time: Mon 02 Jan 2023 05:54:53 +0000
ROA not before: Mon 02 Jan 2023 05:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62290
IP address blocks: 185.24.116.0/23 maxlen: 23
185.24.116.0/22 maxlen: 23
212.102.109.0/24 maxlen: 24
2a00:72a0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:0c:7f:52:2e:c3:6c:47:bf:4d:a2:c0:91:5c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Jan 2 05:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbbd3d391af498e1eb77d1b3ca583783a3c32372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c0:f1:78:da:94:59:8c:70:d7:de:c5:48:d3:
f4:29:62:48:3c:14:3a:eb:45:ee:db:39:20:1a:64:
73:bf:64:3a:d6:75:60:f4:ef:8e:c8:2b:a4:01:3d:
a9:ab:62:ee:e1:19:c2:64:fc:69:c2:cc:34:65:e4:
10:65:a1:d2:88:4c:58:7b:cd:6b:51:e1:0a:82:86:
b4:2e:1b:3e:18:07:09:ea:04:09:77:0e:3e:99:cf:
76:fd:78:02:11:01:56:50:3d:6a:b3:11:cd:20:42:
b8:b4:06:ca:52:c5:c0:06:68:89:86:2d:10:b5:bc:
75:10:50:a2:c6:7f:60:fe:bb:8e:88:ea:b6:0d:70:
d1:56:f1:64:8e:56:79:db:e5:a6:42:c8:ea:9f:b8:
e7:eb:ed:1f:6c:66:d3:1f:11:c0:31:b0:55:32:a6:
50:7f:95:8a:0e:70:a8:53:ca:2d:aa:13:63:51:db:
49:e6:eb:cf:83:67:fc:f8:8b:6c:10:a4:63:44:5c:
b9:31:a0:b6:b3:00:54:a1:0a:47:a7:c3:98:f1:66:
b1:d2:4b:06:19:3c:76:14:da:6e:0d:86:f7:02:87:
74:6a:e6:b3:29:2c:78:39:3a:2d:4a:2b:16:b1:b1:
bc:84:04:51:73:35:67:f4:c0:df:30:be:5e:b3:56:
9d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BD:3D:39:1A:F4:98:E1:EB:77:D1:B3:CA:58:37:83:A3:C3:23:72
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/2709ORr0mOHrd9Gzylg3g6PDI3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.116.0/22
212.102.109.0/24
IPv6:
2a00:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
ab:2c:c5:2c:70:e2:61:4e:7d:fc:bd:b0:07:18:04:2c:5b:76:
3d:fd:3b:71:f0:f0:81:43:b7:35:1f:a6:b1:e6:e4:a8:4d:5a:
d8:fe:f5:be:3a:e7:7c:a1:82:21:85:e6:47:16:51:7e:6b:fb:
fb:81:dc:12:5b:c2:0c:5d:d4:a9:1f:07:4a:73:35:22:d5:15:
d8:ce:fb:99:1e:d2:a5:c9:b4:58:3b:dd:52:a2:11:f0:1c:cb:
45:bf:88:a3:2a:dc:9d:73:da:a7:3a:ed:61:1f:92:3f:91:d2:
fa:8f:04:f5:32:6f:7f:b4:07:dc:72:52:1d:26:3b:55:a1:6c:
66:1c:89:a0:74:62:87:7f:ea:e3:b9:16:36:6a:d1:96:b9:d1:
65:7c:0c:2a:de:5c:e0:1f:f9:22:c7:55:29:9a:42:30:5b:cc:
db:65:da:70:f8:c0:4b:c4:f8:e3:67:df:fc:c3:05:50:27:6b:
2d:07:1c:9a:ba:d1:51:ae:e1:fa:19:93:fe:87:c1:65:e1:c6:
90:de:05:f1:47:61:a8:66:3d:30:c6:b5:53:4f:66:f6:ff:f9:
08:65:0a:b0:20:d1:c2:3d:ca:e9:3e:6d:f6:63:e8:b0:1a:85:
56:43:8d:81:a2:22:91:74:7c:78:d9:2f:77:cd:14:3a:f6:e4:
fc:1d:d0:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxDAx/Ui7DbEe/TaLAkVx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzBiMWRmMGU3YmQwMDA0NWViZTEwMzAyYzMyMGZmYmRi
YTA3MTYwHhcNMjMwMTAyMDU1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmJkM2QzOTFhZjQ5OGUxZWI3N2QxYjNjYTU4Mzc4M2EzYzMyMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcDxeNqUWYxw197FSNP0KWJIPBQ6
60Xu2zkgGmRzv2Q61nVg9O+OyCukAT2pq2Lu4RnCZPxpwsw0ZeQQZaHSiExYe81r
UeEKgoa0Lhs+GAcJ6gQJdw4+mc92/XgCEQFWUD1qsxHNIEK4tAbKUsXABmiJhi0Q
tbx1EFCixn9g/ruOiOq2DXDRVvFkjlZ52+WmQsjqn7jn6+0fbGbTHxHAMbBVMqZQ
f5WKDnCoU8otqhNjUdtJ5uvPg2f8+ItsEKRjRFy5MaC2swBUoQpHp8OY8Wax0ksG
GTx2FNpuDYb3Aod0auazKSx4OTotSisWsbG8hARRczVn9MDfML5es1adFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNu9PTka9Jjh63fRs8pYN4OjwyNyMB8GA1UdIwQY
MBaAFN/Asd8Oe9AARevhAwLDIP+9ugcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2Ut
ZDkyOWUyYjc2ZDY4LzEvMjcwOU9ScjBtT0hyZDlHenlsZzNnNlBESTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2UtZDkyOWUyYjc2ZDY4
LzEvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRh0AwQA
1GZtMA0EAgACMAcDBQAqAHKgMA0GCSqGSIb3DQEBCwUAA4IBAQCrLMUscOJhTn38
vbAHGAQsW3Y9/Ttx8PCBQ7c1H6ax5uSoTVrY/vW+Oud8oYIhheZHFlF+a/v7gdwS
W8IMXdSpHwdKczUi1RXYzvuZHtKlybRYO91SohHwHMtFv4ijKtydc9qnOu1hH5I/
kdL6jwT1Mm9/tAfcclIdJjtVoWxmHImgdGKHf+rjuRY2atGWudFlfAwq3lzgH/ki
x1UpmkIwW8zbZdpw+MBLxPjjZ9/8wwVQJ2stBxyautFRruH6GZP+h8Fl4caQ3gXx
R2GoZj0wxrVTT2b2//kIZQqwINHCPcrpPm32Y+iwGoVWQ42BoiKRdHx42S93zRQ6
9uT8HdAJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:28 2024 by rpki-client on console-fra.rpki-client.org