Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/2Etn1W6jwHtvKHQ7NwzHjA8FpZI.roa
File: 2Etn1W6jwHtvKHQ7NwzHjA8FpZI.roa (raw, json)
Hash identifier: 0yWLTcUukWJy8JeaJkUqUmPkG/eTn1Lgef9107BJHxE=
Subject key identifier: D8:4B:67:D5:6E:A3:C0:7B:6F:28:74:3B:37:0C:C7:8C:0F:05:A5:92
Certificate issuer: /CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Certificate serial: 01856FF039EBDEFCC20525A24AACAA94C6D0
Authority key identifier: 3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/2Etn1W6jwHtvKHQ7NwzHjA8FpZI.roa
Signing time: Mon 02 Jan 2023 00:44:52 +0000
ROA not before: Mon 02 Jan 2023 00:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:39:eb:de:fc:c2:05:25:a2:4a:ac:aa:94:c6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Validity
Not Before: Jan 2 00:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d84b67d56ea3c07b6f28743b370cc78c0f05a592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:98:b6:fd:dd:54:e1:d6:f5:ee:ee:2c:66:c9:
c9:b1:11:d7:9c:e8:48:94:e0:39:b0:4c:37:0b:c7:
01:73:13:32:dc:37:0d:a9:ea:7c:6f:b4:a6:53:55:
68:e0:f1:cc:27:98:e5:0d:a3:d1:07:3b:d2:f3:34:
81:50:e7:df:ea:bd:4b:34:93:6b:83:f7:7a:42:c2:
6b:3d:4b:04:88:da:91:41:0a:6a:2e:1c:3e:9e:e6:
80:c2:fb:1d:58:0a:ff:c7:97:32:c7:b5:26:6d:09:
12:bb:71:89:24:ba:9c:ef:e9:0f:cb:e7:51:50:b6:
6f:f1:36:02:49:5e:29:41:d3:d7:d0:1c:53:29:c5:
3a:70:d8:e4:09:47:85:01:3f:a3:0d:e2:e9:9f:a3:
35:49:1c:43:43:9b:12:6f:af:77:86:24:f4:54:b6:
ab:a7:d3:37:7e:be:49:40:72:47:45:81:bf:22:3e:
f6:39:66:c6:df:11:5b:8f:31:24:5d:ef:e3:76:72:
30:e3:6e:41:2b:13:d6:85:d3:0c:96:78:80:d7:d0:
2f:c1:c5:07:5d:93:fa:eb:7d:06:12:c2:7c:ce:dc:
41:3d:e0:ac:3d:b0:3c:ab:5e:08:fd:14:53:01:e4:
ce:e2:fd:44:52:47:c9:78:dd:a4:c1:ef:7f:ed:15:
7b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4B:67:D5:6E:A3:C0:7B:6F:28:74:3B:37:0C:C7:8C:0F:05:A5:92
X509v3 Authority Key Identifier:
keyid:3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/2Etn1W6jwHtvKHQ7NwzHjA8FpZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/PgmlTMIkrXs8oMV1MXuBhOKs4hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.240.0/22
Signature Algorithm: sha256WithRSAEncryption
49:9f:dc:4b:14:84:be:94:c5:f2:b2:80:cc:0c:aa:cb:88:2d:
80:f1:24:e4:88:9d:90:c6:15:30:5a:aa:e7:2b:d0:a0:b7:8c:
05:a6:c3:5f:1c:4e:71:cb:90:44:9e:4f:17:b0:6b:5d:79:41:
2a:b3:6a:33:74:b4:e1:08:fd:83:90:fb:3e:09:1e:a9:9e:39:
49:be:03:9a:5f:79:18:81:23:3a:0f:45:71:88:b2:bc:b3:ca:
3f:72:06:9c:ea:86:1c:08:c2:fe:fe:7d:a8:69:bb:0b:21:62:
89:2e:b6:32:fa:4a:57:d6:1c:d5:9f:b7:8c:42:8c:c6:d0:8a:
7e:36:3c:58:e9:57:fe:eb:20:f2:db:1d:e5:be:67:65:52:e9:
7b:6e:dd:f1:1e:47:29:87:88:ed:47:5c:07:59:d8:91:36:93:
48:69:e0:ec:a3:96:d8:78:97:92:4a:95:f0:76:d0:4e:c6:7f:
45:79:5e:09:17:50:59:2d:8d:84:7b:ca:1b:bf:68:97:48:99:
c5:f2:6d:a3:fe:8e:dc:57:3d:fa:d4:cc:8d:8b:13:10:e0:b9:
f3:35:ce:8a:c3:b1:a1:78:68:da:aa:d0:37:74:bd:d3:b9:b6:
17:d3:a7:60:ac:da:ce:24:42:5a:f9:84:a5:db:a0:29:f8:fb:
3a:a4:64:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8Dnr3vzCBSWiSqyqlMbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDlhNTRjYzIyNGFkN2IzY2EwYzU3NTMxN2I4MTg0ZTJh
Y2UyMTYwHhcNMjMwMTAyMDA0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRiNjdkNTZlYTNjMDdiNmYyODc0M2IzNzBjYzc4YzBmMDVhNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZi2/d1U4db17u4sZsnJsRHXnOhI
lOA5sEw3C8cBcxMy3DcNqep8b7SmU1Vo4PHMJ5jlDaPRBzvS8zSBUOff6r1LNJNr
g/d6QsJrPUsEiNqRQQpqLhw+nuaAwvsdWAr/x5cyx7UmbQkSu3GJJLqc7+kPy+dR
ULZv8TYCSV4pQdPX0BxTKcU6cNjkCUeFAT+jDeLpn6M1SRxDQ5sSb693hiT0VLar
p9M3fr5JQHJHRYG/Ij72OWbG3xFbjzEkXe/jdnIw425BKxPWhdMMlniA19AvwcUH
XZP6630GEsJ8ztxBPeCsPbA8q14I/RRTAeTO4v1EUkfJeN2kwe9/7RV77wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhLZ9Vuo8B7byh0OzcMx4wPBaWSMB8GA1UdIwQY
MBaAFD4JpUzCJK17PKDFdTF7gYTirOIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYt
OGQ4YjZlMTE2MjE5LzEvMkV0bjFXNmp3SHR2S0hRN053ekhqQThGcFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYtOGQ4YjZlMTE2MjE5
LzEvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWzwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJn9xLFIS+lMXysoDMDKrLiC2A8STkiJ2QxhUwWqrn
K9Cgt4wFpsNfHE5xy5BEnk8XsGtdeUEqs2ozdLThCP2DkPs+CR6pnjlJvgOaX3kY
gSM6D0VxiLK8s8o/cgac6oYcCML+/n2oabsLIWKJLrYy+kpX1hzVn7eMQozG0Ip+
NjxY6Vf+6yDy2x3lvmdlUul7bt3xHkcph4jtR1wHWdiRNpNIaeDso5bYeJeSSpXw
dtBOxn9FeV4JF1BZLY2Ee8obv2iXSJnF8m2j/o7cVz361MyNixMQ4LnzNc6Kw7Gh
eGjaqtA3dL3TubYX06dgrNrOJEJa+YSl26Ap+Ps6pGRA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:07 2024 by rpki-client on console-ams.rpki-client.org