Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/3R5BREszr5NH4DbZGJrTDFw02BE.roa
File: 3R5BREszr5NH4DbZGJrTDFw02BE.roa (raw, json)
Hash identifier: in0hQiJlxUT1l/A0U2iJh0+Y2HUmMxyPhgbIo8r4xcg=
Subject key identifier: DD:1E:41:44:4B:33:AF:93:47:E0:36:D9:18:9A:D3:0C:5C:34:D8:11
Certificate issuer: /CN=a9ac1f8595bad558240d74068000a1cf708ba1a5
Certificate serial: 01856F14A5B85602706D7A629C78666EDD22
Authority key identifier: A9:AC:1F:85:95:BA:D5:58:24:0D:74:06:80:00:A1:CF:70:8B:A1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qawfhZW61VgkDXQGgAChz3CLoaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/3R5BREszr5NH4DbZGJrTDFw02BE.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212181
IP address blocks: 193.47.149.0/24 maxlen: 24
2a10:1180::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a5:b8:56:02:70:6d:7a:62:9c:78:66:6e:dd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ac1f8595bad558240d74068000a1cf708ba1a5
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1e41444b33af9347e036d9189ad30c5c34d811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:32:1a:0d:27:a3:f5:ee:e6:d6:f2:fd:78:43:
0c:fa:93:45:25:6d:d2:f1:3a:ad:6f:d3:1b:36:94:
78:53:19:c9:da:fb:66:7e:80:7d:33:0d:38:0f:65:
57:ff:d8:7a:d4:65:d1:81:e9:6e:ed:38:69:f2:a1:
05:9b:fb:27:38:56:00:a3:1a:83:cc:28:c5:ed:59:
41:8a:e4:79:33:4f:33:54:83:ec:f4:4e:df:6a:3a:
5c:19:8b:0e:a0:bb:e7:ad:71:1a:00:94:f0:6f:53:
5f:21:c5:6b:81:29:98:e3:29:56:c1:62:63:c0:88:
19:41:02:32:03:8b:a2:c6:72:a0:72:0a:f0:a2:f4:
5e:de:84:b8:ea:56:33:60:d0:f8:5f:93:b7:70:70:
23:4a:13:67:19:32:c7:bb:eb:91:93:eb:c6:2e:5b:
fd:7f:e6:60:a6:28:c9:8e:77:cd:33:fd:29:00:2a:
22:53:32:32:cc:5e:23:33:f5:fa:11:e0:7b:43:da:
e4:55:23:b9:07:f6:26:e6:e6:47:70:65:eb:de:4a:
3c:e3:5c:7f:15:e9:16:30:ff:fb:d3:9e:90:cd:51:
03:75:82:74:f2:25:4d:34:44:37:42:72:ae:0c:7c:
aa:5a:5d:82:e3:ce:5f:f6:86:0a:ff:6a:27:09:7b:
d4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1E:41:44:4B:33:AF:93:47:E0:36:D9:18:9A:D3:0C:5C:34:D8:11
X509v3 Authority Key Identifier:
keyid:A9:AC:1F:85:95:BA:D5:58:24:0D:74:06:80:00:A1:CF:70:8B:A1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qawfhZW61VgkDXQGgAChz3CLoaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/3R5BREszr5NH4DbZGJrTDFw02BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/qawfhZW61VgkDXQGgAChz3CLoaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.149.0/24
IPv6:
2a10:1180::/31
Signature Algorithm: sha256WithRSAEncryption
1a:32:43:9c:70:5d:d2:3f:59:c7:66:dc:74:f2:6e:32:9d:1e:
4f:4e:3b:b5:08:50:5d:8b:cf:31:00:f1:58:9f:26:0c:e6:aa:
83:a3:d1:a9:0d:57:b7:44:e9:ef:40:2e:4f:8b:5e:6e:65:6f:
dc:f9:53:df:69:20:16:3e:1e:41:87:55:11:0a:f8:64:be:eb:
51:4a:12:7a:4b:92:d5:96:b8:10:50:6c:97:11:e1:a7:93:54:
da:71:c7:f1:79:31:ff:c3:71:f4:d9:a9:32:fc:1c:de:a6:7a:
7e:cc:32:e1:1c:8e:c8:40:2b:b3:69:4c:66:d4:9a:c5:38:46:
d9:18:72:55:37:06:0c:27:98:89:f7:29:e3:83:d8:05:bc:53:
23:ce:2e:22:fd:e9:b1:bd:e6:7c:15:e3:d6:4e:18:44:87:e4:
b0:8c:74:34:f0:a8:ea:df:8a:b0:03:2f:be:c1:f6:a8:34:18:
13:dd:e2:30:fd:cc:c1:e2:2f:d0:17:6f:b2:9e:58:f2:b6:a7:
04:97:e1:0d:cf:28:f2:2b:e2:40:17:7f:6c:e5:4b:58:90:c1:
90:e3:05:fb:44:f0:d7:bf:43:91:56:2a:b2:93:1f:a9:ac:11:
a5:ea:b4:e9:2c:2a:f6:c7:14:f4:f8:d7:52:ea:98:6e:21:00:
0b:53:c8:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFKW4VgJwbXpinHhmbt0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YWMxZjg1OTViYWQ1NTgyNDBkNzQwNjgwMDBhMWNmNzA4
YmExYTUwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFlNDE0NDRiMzNhZjkzNDdlMDM2ZDkxODlhZDMwYzVjMzRkODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzIaDSej9e7m1vL9eEMM+pNFJW3S
8Tqtb9MbNpR4UxnJ2vtmfoB9Mw04D2VX/9h61GXRgelu7Thp8qEFm/snOFYAoxqD
zCjF7VlBiuR5M08zVIPs9E7fajpcGYsOoLvnrXEaAJTwb1NfIcVrgSmY4ylWwWJj
wIgZQQIyA4uixnKgcgrwovRe3oS46lYzYND4X5O3cHAjShNnGTLHu+uRk+vGLlv9
f+ZgpijJjnfNM/0pACoiUzIyzF4jM/X6EeB7Q9rkVSO5B/Ym5uZHcGXr3ko841x/
FekWMP/7056QzVEDdYJ08iVNNEQ3QnKuDHyqWl2C485f9oYK/2onCXvUOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN0eQURLM6+TR+A22Ria0wxcNNgRMB8GA1UdIwQY
MBaAFKmsH4WVutVYJA10BoAAoc9wi6GlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWF3ZmhaVzYxVmdrRFhRR2dBQ2h6M0NMb2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80ZWRjMzYtNGQ1My00N2NmLWE2ZmMt
YjUxMTU0NjI4ZmIzLzEvM1I1QlJFc3pyNU5INERiWkdKclRERncwMkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80ZWRjMzYtNGQ1My00N2NmLWE2ZmMtYjUxMTU0NjI4ZmIz
LzEvcWF3ZmhaVzYxVmdrRFhRR2dBQ2h6M0NMb2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwS+VMA0E
AgACMAcDBQEqEBGAMA0GCSqGSIb3DQEBCwUAA4IBAQAaMkOccF3SP1nHZtx08m4y
nR5PTju1CFBdi88xAPFYnyYM5qqDo9GpDVe3ROnvQC5Pi15uZW/c+VPfaSAWPh5B
h1URCvhkvutRShJ6S5LVlrgQUGyXEeGnk1TaccfxeTH/w3H02aky/Bzepnp+zDLh
HI7IQCuzaUxm1JrFOEbZGHJVNwYMJ5iJ9ynjg9gFvFMjzi4i/emxveZ8FePWThhE
h+SwjHQ08Kjq34qwAy++wfaoNBgT3eIw/czB4i/QF2+ynljytqcEl+ENzyjyK+JA
F39s5UtYkMGQ4wX7RPDXv0ORViqykx+prBGl6rTpLCr2xxT0+NdS6phuIQALU8gX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:38 2024 by rpki-client on console-fra.rpki-client.org