Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/2gjBXQGgGkzv7IMtjQu3uQ7KbGw.roa
File: 2gjBXQGgGkzv7IMtjQu3uQ7KbGw.roa (raw, json)
Hash identifier: so9QBWemvhCKbh7xfvU6r8/H1InuWYMbcGTyVSVfmc8=
Subject key identifier: DA:08:C1:5D:01:A0:1A:4C:EF:EC:83:2D:8D:0B:B7:B9:0E:CA:6C:6C
Certificate issuer: /CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb
Certificate serial: 01856C6F0CA414FF85C525FDE65A899A3D1B
Authority key identifier: 93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/2gjBXQGgGkzv7IMtjQu3uQ7KbGw.roa
Signing time: Sun 01 Jan 2023 08:24:55 +0000
ROA not before: Sun 01 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198408
IP address blocks: 195.245.105.0/24 maxlen: 24
195.245.104.0/24 maxlen: 24
195.245.104.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:0c:a4:14:ff:85:c5:25:fd:e6:5a:89:9a:3d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb
Validity
Not Before: Jan 1 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da08c15d01a01a4cefec832d8d0bb7b90eca6c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:aa:09:86:c5:37:61:50:63:a3:dc:bc:c9:
fa:ec:6c:be:e8:66:12:0c:70:2d:c9:d8:a0:79:cd:
23:36:85:33:15:65:07:08:6a:f6:d7:83:07:86:83:
ff:41:e0:2b:09:da:61:ad:d5:27:df:89:4c:80:58:
08:02:20:ab:c8:5f:75:c2:99:82:55:04:4c:dd:57:
64:9c:92:8b:72:17:e9:34:71:5e:13:bb:46:74:e0:
ee:7a:eb:ae:d4:d8:af:1f:ea:94:22:52:52:22:2b:
e2:a4:de:eb:34:3b:14:fb:41:f8:f0:80:82:3f:6c:
0b:21:23:8e:06:5b:d5:d1:c2:93:47:38:34:41:70:
4f:0a:c9:e9:b2:84:02:a3:1c:a9:eb:95:d0:5e:70:
c7:3d:de:69:f6:60:4e:23:8b:ca:68:1f:9f:e4:0a:
a7:d2:35:ea:3a:5a:de:53:26:5e:7c:74:95:a9:29:
10:92:4d:3d:00:af:d9:99:56:bc:ef:6c:1e:5b:9a:
98:9c:37:fb:79:bf:f1:5b:76:77:fc:6e:ae:2d:9e:
a9:98:11:33:47:c1:71:c1:f2:c7:97:37:ea:25:5b:
4b:8c:b1:d1:d5:50:06:2c:79:7e:8e:09:3d:fa:d8:
53:af:55:1d:34:07:45:7a:27:cd:89:ff:5f:3b:4e:
d6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:08:C1:5D:01:A0:1A:4C:EF:EC:83:2D:8D:0B:B7:B9:0E:CA:6C:6C
X509v3 Authority Key Identifier:
keyid:93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/2gjBXQGgGkzv7IMtjQu3uQ7KbGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.104.0/23
Signature Algorithm: sha256WithRSAEncryption
36:0b:94:a9:f5:44:95:08:33:f5:51:77:89:49:3d:b1:a9:fb:
0b:0e:c5:4c:93:6c:da:4d:03:62:12:c2:55:6a:9b:b7:2d:df:
e6:92:25:8c:c1:01:19:82:ac:83:7e:7b:f3:7c:f4:cd:32:12:
bd:87:7a:6e:2d:b1:a7:9b:14:8c:b2:e4:03:de:39:1f:65:b9:
c8:0f:43:d7:d0:52:12:2a:a9:ed:c2:ae:50:8a:c1:80:1b:30:
66:76:34:35:2f:a6:b6:6c:29:df:43:07:c8:ca:ef:e2:7b:4a:
75:e7:c9:f5:b5:53:0e:54:5b:4a:b7:73:e4:0a:36:3a:42:ad:
16:db:f4:39:41:d2:8e:5c:4b:d5:d9:f5:93:64:f2:68:cf:a9:
5a:c2:4f:93:e2:a4:a4:d7:78:60:7e:3c:48:7e:d4:b7:fd:ea:
75:c9:a5:80:40:0d:26:2b:31:02:f5:30:9c:1d:2a:69:4a:78:
06:c1:64:e4:0a:82:50:54:39:07:e5:cd:8a:82:c5:99:27:79:
d0:4b:b1:92:44:af:3f:06:87:bc:04:ab:e8:b5:80:0b:b6:d4:
db:03:a3:f8:24:ae:19:ad:57:8b:a5:cc:15:86:ae:79:2e:08:
20:1d:37:cc:19:cf:53:4c:1f:0f:bc:08:c4:43:73:46:24:c7:
3f:24:fb:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwykFP+FxSX95lqJmj0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDRlYmEyYTk3YTA5YzliM2IwOGNmZjgzZGZiNDc3MTQx
YmMxY2IwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA4YzE1ZDAxYTAxYTRjZWZlYzgzMmQ4ZDBiYjdiOTBlY2E2YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFuqCYbFN2FQY6PcvMn67Gy+6GYS
DHAtydigec0jNoUzFWUHCGr214MHhoP/QeArCdphrdUn34lMgFgIAiCryF91wpmC
VQRM3VdknJKLchfpNHFeE7tGdODueuuu1NivH+qUIlJSIivipN7rNDsU+0H48ICC
P2wLISOOBlvV0cKTRzg0QXBPCsnpsoQCoxyp65XQXnDHPd5p9mBOI4vKaB+f5Aqn
0jXqOlreUyZefHSVqSkQkk09AK/ZmVa872weW5qYnDf7eb/xW3Z3/G6uLZ6pmBEz
R8FxwfLHlzfqJVtLjLHR1VAGLHl+jgk9+thTr1UdNAdFeifNif9fO07WFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoIwV0BoBpM7+yDLY0Lt7kOymxsMB8GA1UdIwQY
MBaAFJME66KpegnJs7CM/4PftHcUG8HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTIt
OWFmOTkzYjAzNDNlLzEvMmdqQlhRR2dHa3p2N0lNdGpRdTN1UTdLYkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTItOWFmOTkzYjAzNDNl
LzEva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/VoMA0G
CSqGSIb3DQEBCwUAA4IBAQA2C5Sp9USVCDP1UXeJST2xqfsLDsVMk2zaTQNiEsJV
apu3Ld/mkiWMwQEZgqyDfnvzfPTNMhK9h3puLbGnmxSMsuQD3jkfZbnID0PX0FIS
Kqntwq5QisGAGzBmdjQ1L6a2bCnfQwfIyu/ie0p158n1tVMOVFtKt3PkCjY6Qq0W
2/Q5QdKOXEvV2fWTZPJoz6lawk+T4qSk13hgfjxIftS3/ep1yaWAQA0mKzEC9TCc
HSppSngGwWTkCoJQVDkH5c2KgsWZJ3nQS7GSRK8/Boe8BKvotYALttTbA6P4JK4Z
rVeLpcwVhq55LgggHTfMGc9TTB8PvAjEQ3NGJMc/JPt/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:52 2024 by rpki-client on console-ams.rpki-client.org