Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/3oN39gjmUMdbffU3Q97Bp82FsmQ.roa
File: 3oN39gjmUMdbffU3Q97Bp82FsmQ.roa (raw, json)
Hash identifier: tPpoR9cpELv0m92loHYml1Rs2JQ10w3yCUTXEnEQFBI=
Subject key identifier: DE:83:77:F6:08:E6:50:C7:5B:7D:F5:37:43:DE:C1:A7:CD:85:B2:64
Certificate issuer: /CN=c20e65caddbecd48d2f87787993113842bdfce5d
Certificate serial: 01856DB87EDE44A8762A1F8884E187968038
Authority key identifier: C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/3oN39gjmUMdbffU3Q97Bp82FsmQ.roa
Signing time: Sun 01 Jan 2023 14:24:45 +0000
ROA not before: Sun 01 Jan 2023 14:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197726
IP address blocks: 195.88.242.0/23 maxlen: 23
91.231.84.0/23 maxlen: 23
91.231.86.0/23 maxlen: 23
195.64.154.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:7e:de:44:a8:76:2a:1f:88:84:e1:87:96:80:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c20e65caddbecd48d2f87787993113842bdfce5d
Validity
Not Before: Jan 1 14:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de8377f608e650c75b7df53743dec1a7cd85b264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:e0:c1:7f:7f:92:00:1f:04:60:30:44:9d:
0e:9a:9c:54:3d:16:22:07:83:ab:98:e2:af:c9:16:
52:ae:ed:b1:47:9c:c7:33:b0:b1:6f:7b:c7:02:81:
a6:e9:3d:5d:1c:6f:5a:b5:5c:27:28:52:f9:56:76:
40:aa:c3:c5:3d:a2:67:5b:b3:ba:13:1d:2f:df:fb:
be:0f:8b:92:7f:94:50:86:f2:73:28:42:ea:67:09:
ea:6d:63:dd:06:37:3a:ad:8b:45:d8:b2:c6:28:2f:
56:b3:61:58:d5:33:96:4c:ef:97:8d:2e:c3:15:aa:
2e:54:36:e4:2c:d1:13:12:5d:d4:3e:ce:dc:71:43:
26:98:86:b5:5d:21:b9:e7:d6:0a:7a:59:9e:ed:5f:
ea:ad:76:35:1c:50:78:b4:2f:c5:f6:57:28:2c:50:
de:af:9c:11:bd:40:60:fc:51:a1:1b:24:1a:d9:48:
6f:c6:61:e2:ba:30:4c:fb:3d:1f:3a:03:4c:46:66:
9d:03:0d:43:41:7b:a2:58:4b:5d:22:f0:ad:ad:5b:
d2:40:bf:5e:62:d4:3e:f8:e9:c0:c6:f1:9b:7b:f4:
f6:1d:69:16:f2:fc:bb:ef:27:44:16:94:40:4f:a0:
da:bc:40:3c:83:eb:a8:c9:cf:2e:48:7f:ca:74:35:
3e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:83:77:F6:08:E6:50:C7:5B:7D:F5:37:43:DE:C1:A7:CD:85:B2:64
X509v3 Authority Key Identifier:
keyid:C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/3oN39gjmUMdbffU3Q97Bp82FsmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.84.0/22
195.64.154.0/23
195.88.242.0/23
Signature Algorithm: sha256WithRSAEncryption
96:32:be:4d:d3:3a:2a:50:c0:c5:09:d9:89:0e:1d:a0:0c:73:
82:e6:fa:b6:65:0a:ec:a3:7b:77:cf:f2:ea:f5:bd:29:3c:b8:
90:df:ca:34:34:dd:de:85:d6:30:cd:64:e4:58:fb:3c:6d:28:
65:d9:f2:2a:d9:72:0e:5d:9c:ff:c9:b5:e4:a8:d9:d2:1d:39:
3a:bd:59:20:95:c6:3d:ff:57:f0:a3:bb:56:df:4b:d0:95:34:
a9:b6:ef:90:5b:92:cc:a8:64:c3:85:2a:3f:bb:f7:ba:41:bc:
44:4c:1b:96:c9:57:ea:8e:0c:ac:e6:74:05:2f:59:2b:d1:39:
d8:fc:04:54:83:2c:73:6e:e6:1d:f7:a1:27:91:85:45:48:7a:
61:97:94:86:57:c1:49:eb:28:9e:9e:ba:64:10:a8:93:d3:f5:
9e:d2:ea:b4:c2:83:a9:22:23:e2:7d:74:81:0e:42:37:bc:15:
06:ea:c4:7e:97:a7:5c:4d:8e:99:06:ae:be:fa:c8:00:41:39:
78:c3:01:d4:6c:c7:b8:73:82:09:75:1d:4f:be:dd:c8:e3:80:
79:03:26:ee:2e:7c:80:ed:31:73:b3:71:16:4b:ed:33:ab:b4:
23:26:53:b4:fe:a9:c4:cc:bc:48:08:cd:88:00:18:e3:fd:30:
42:15:72:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtuH7eRKh2Kh+IhOGHloA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMGU2NWNhZGRiZWNkNDhkMmY4Nzc4Nzk5MzExMzg0MmJk
ZmNlNWQwHhcNMjMwMTAxMTQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgzNzdmNjA4ZTY1MGM3NWI3ZGY1Mzc0M2RlYzFhN2NkODViMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEDgwX9/kgAfBGAwRJ0OmpxUPRYi
B4OrmOKvyRZSru2xR5zHM7Cxb3vHAoGm6T1dHG9atVwnKFL5VnZAqsPFPaJnW7O6
Ex0v3/u+D4uSf5RQhvJzKELqZwnqbWPdBjc6rYtF2LLGKC9Ws2FY1TOWTO+XjS7D
FaouVDbkLNETEl3UPs7ccUMmmIa1XSG559YKelme7V/qrXY1HFB4tC/F9lcoLFDe
r5wRvUBg/FGhGyQa2UhvxmHiujBM+z0fOgNMRmadAw1DQXuiWEtdIvCtrVvSQL9e
YtQ++OnAxvGbe/T2HWkW8vy77ydEFpRAT6DavEA8g+uoyc8uSH/KdDU+yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN6Dd/YI5lDHW331N0PewafNhbJkMB8GA1UdIwQY
MBaAFMIOZcrdvs1I0vh3h5kxE4Qr385dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2It
N2VmYWE0YTc0Zjk3LzEvM29OMzlnam1VTWRiZmZVM1E5N0JwODJGc21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2ItN2VmYWE0YTc0Zjk3
LzEvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+dUAwQB
w0CaAwQBw1jyMA0GCSqGSIb3DQEBCwUAA4IBAQCWMr5N0zoqUMDFCdmJDh2gDHOC
5vq2ZQrso3t3z/Lq9b0pPLiQ38o0NN3ehdYwzWTkWPs8bShl2fIq2XIOXZz/ybXk
qNnSHTk6vVkglcY9/1fwo7tW30vQlTSptu+QW5LMqGTDhSo/u/e6QbxETBuWyVfq
jgys5nQFL1kr0TnY/ARUgyxzbuYd96EnkYVFSHphl5SGV8FJ6yienrpkEKiT0/We
0uq0woOpIiPifXSBDkI3vBUG6sR+l6dcTY6ZBq6++sgAQTl4wwHUbMe4c4IJdR1P
vt3I44B5AybuLnyA7TFzs3EWS+0zq7QjJlO0/qnEzLxICM2IABjj/TBCFXLw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:11 2024 by rpki-client on console-ams.rpki-client.org