Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/d5ed8c-f1e5-44ec-aca7-8fecb16a648a/1/2g2roTiSCsfyGFyoZcVMdimg0Mk.roa
File: 2g2roTiSCsfyGFyoZcVMdimg0Mk.roa (raw, json)
Hash identifier: 1thhr50gC57FHrUgU5d3yWSen2qPvcwAhLIT0qpmwu0=
Subject key identifier: DA:0D:AB:A1:38:92:0A:C7:F2:18:5C:A8:65:C5:4C:76:29:A0:D0:C9
Certificate issuer: /CN=80cdceaf17410ab9c22ddb71ad01cfc2ad0cbcf3
Certificate serial: 0189446F983E3113EC6C4059939497BEB4E9
Authority key identifier: 80:CD:CE:AF:17:41:0A:B9:C2:2D:DB:71:AD:01:CF:C2:AD:0C:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gM3OrxdBCrnCLdtxrQHPwq0MvPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/d5ed8c-f1e5-44ec-aca7-8fecb16a648a/1/2g2roTiSCsfyGFyoZcVMdimg0Mk.roa
Signing time: Tue 11 Jul 2023 10:11:51 +0000
ROA not before: Tue 11 Jul 2023 10:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212374
IP address blocks: 185.231.240.0/24 maxlen: 24
185.231.242.0/24 maxlen: 24
185.231.241.0/24 maxlen: 24
185.231.243.0/24 maxlen: 24
2a0c:9900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:6f:98:3e:31:13:ec:6c:40:59:93:94:97:be:b4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80cdceaf17410ab9c22ddb71ad01cfc2ad0cbcf3
Validity
Not Before: Jul 11 10:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da0daba138920ac7f2185ca865c54c7629a0d0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0b:15:f3:e4:41:1e:b9:6f:27:75:14:71:ac:
4c:55:2e:6c:6b:98:2e:fa:6d:bc:b3:83:c3:e4:58:
dd:3e:5c:66:54:c5:6d:42:41:c7:ff:91:7c:c7:11:
18:5f:de:ea:ba:ca:0d:0f:d9:7f:36:82:13:ee:7d:
30:03:5d:1d:c7:a3:94:aa:f4:1b:16:86:ad:e9:6a:
78:96:22:06:b9:58:49:23:b4:37:e9:bd:d4:c1:ba:
f4:e9:1d:66:72:60:8b:7a:52:b3:bb:7b:96:9f:a5:
59:c4:e1:40:ec:1d:30:c2:c7:ef:a9:c5:eb:29:1d:
37:2c:fe:0c:81:67:de:27:d3:57:57:b3:6d:72:4c:
07:28:af:0a:22:1b:03:b9:5c:93:0e:78:a3:3d:c1:
18:ea:64:d2:6a:a3:6e:69:e7:02:b6:66:83:ee:88:
e3:a5:62:e0:8a:58:9d:97:9f:e3:bb:d2:b1:ea:85:
10:1c:fe:c7:0c:d8:af:bf:11:fb:01:b5:b4:11:b3:
66:46:8e:5b:f6:6f:bb:a7:0b:a6:1f:2c:87:2a:8c:
22:4b:7d:1e:29:a0:b4:63:3b:2a:02:44:c7:f8:f1:
06:24:77:16:ed:fd:0d:34:68:2b:e8:c2:9d:e3:33:
67:ca:4b:91:31:2d:f7:b6:b2:5b:7a:8c:2a:57:2d:
7c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0D:AB:A1:38:92:0A:C7:F2:18:5C:A8:65:C5:4C:76:29:A0:D0:C9
X509v3 Authority Key Identifier:
keyid:80:CD:CE:AF:17:41:0A:B9:C2:2D:DB:71:AD:01:CF:C2:AD:0C:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gM3OrxdBCrnCLdtxrQHPwq0MvPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d5ed8c-f1e5-44ec-aca7-8fecb16a648a/1/2g2roTiSCsfyGFyoZcVMdimg0Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d5ed8c-f1e5-44ec-aca7-8fecb16a648a/1/gM3OrxdBCrnCLdtxrQHPwq0MvPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.240.0/22
IPv6:
2a0c:9900::/32
Signature Algorithm: sha256WithRSAEncryption
06:65:d7:e4:dd:14:99:fc:20:79:6e:bc:7f:e2:17:fa:87:6e:
e9:ac:6c:d4:bb:fb:5a:ab:12:19:35:6e:4c:4d:3d:be:50:9c:
17:6f:4c:c0:58:99:c6:14:62:36:66:03:c0:08:46:a0:bb:4c:
76:04:b8:2d:d0:1a:c7:03:ec:d1:0e:50:8d:8a:46:60:1f:5f:
25:f0:b0:5e:f9:23:40:b1:04:8d:6e:36:e7:5f:b2:98:70:39:
0f:13:61:e5:74:3a:c3:79:ce:1d:08:35:d0:fd:b9:62:f7:4c:
a3:bf:7e:c7:3d:1f:da:a6:d4:d5:59:38:23:b8:5e:de:fd:f7:
49:52:71:65:1f:28:b0:6b:f1:c1:72:fb:79:8d:90:47:bb:ef:
e6:40:2d:60:7e:f1:21:96:34:79:12:f0:f0:c6:48:28:91:32:
67:c1:9d:94:0a:9b:1b:a2:30:65:75:b6:f4:02:17:ee:00:47:
b9:39:89:6f:0f:bc:91:3e:57:a6:78:fe:b7:8f:f7:66:64:88:
a2:ef:1c:4e:31:08:a6:bd:5a:de:6c:d1:fe:8c:71:13:1f:6a:
5f:27:fd:95:19:25:ec:41:8a:bd:d7:2b:44:f0:d8:53:1f:b6:
84:eb:46:c5:1b:26:9b:2e:17:0e:3b:00:c9:49:89:9f:27:57:
9a:a6:65:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlEb5g+MRPsbEBZk5SXvrTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwY2RjZWFmMTc0MTBhYjljMjJkZGI3MWFkMDFjZmMyYWQw
Y2JjZjMwHhcNMjMwNzExMTAxMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTBkYWJhMTM4OTIwYWM3ZjIxODVjYTg2NWM1NGM3NjI5YTBkMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwsV8+RBHrlvJ3UUcaxMVS5sa5gu
+m28s4PD5FjdPlxmVMVtQkHH/5F8xxEYX97qusoND9l/NoIT7n0wA10dx6OUqvQb
Foat6Wp4liIGuVhJI7Q36b3Uwbr06R1mcmCLelKzu3uWn6VZxOFA7B0wwsfvqcXr
KR03LP4MgWfeJ9NXV7NtckwHKK8KIhsDuVyTDnijPcEY6mTSaqNuaecCtmaD7ojj
pWLgilidl5/ju9Kx6oUQHP7HDNivvxH7AbW0EbNmRo5b9m+7pwumHyyHKowiS30e
KaC0YzsqAkTH+PEGJHcW7f0NNGgr6MKd4zNnykuRMS33trJbeowqVy187wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNoNq6E4kgrH8hhcqGXFTHYpoNDJMB8GA1UdIwQY
MBaAFIDNzq8XQQq5wi3bca0Bz8KtDLzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ00zT3J4ZEJDcm5DTGR0eHJRSFB3cTBNdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9kNWVkOGMtZjFlNS00NGVjLWFjYTct
OGZlY2IxNmE2NDhhLzEvMmcycm9UaVNDc2Z5R0Z5b1pjVk1kaW1nME1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9kNWVkOGMtZjFlNS00NGVjLWFjYTctOGZlY2IxNmE2NDhh
LzEvZ00zT3J4ZEJDcm5DTGR0eHJRSFB3cTBNdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuefwMA0E
AgACMAcDBQAqDJkAMA0GCSqGSIb3DQEBCwUAA4IBAQAGZdfk3RSZ/CB5brx/4hf6
h27prGzUu/taqxIZNW5MTT2+UJwXb0zAWJnGFGI2ZgPACEagu0x2BLgt0BrHA+zR
DlCNikZgH18l8LBe+SNAsQSNbjbnX7KYcDkPE2HldDrDec4dCDXQ/bli90yjv37H
PR/aptTVWTgjuF7e/fdJUnFlHyiwa/HBcvt5jZBHu+/mQC1gfvEhljR5EvDwxkgo
kTJnwZ2UCpsbojBldbb0AhfuAEe5OYlvD7yRPlemeP63j/dmZIii7xxOMQimvVre
bNH+jHETH2pfJ/2VGSXsQYq91ytE8NhTH7aE60bFGyabLhcOOwDJSYmfJ1eapmVK
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:20 2024 by rpki-client on console.sobornost.net