Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/d_SQRf6vp0htHbxHX4HnhRu-GCc.roa
File: d_SQRf6vp0htHbxHX4HnhRu-GCc.roa (raw, json)
Hash identifier: g9QASAdS+dB4fK4DeF28cocObZCT170fCO8+GNe0qCc=
Subject key identifier: 77:F4:90:45:FE:AF:A7:48:6D:1D:BC:47:5F:81:E7:85:1B:BE:18:27
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CF34AE5F79A4701D9AF0F86872B142D4F
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/d_SQRf6vp0htHbxHX4HnhRu-GCc.roa
Signing time: Wed 10 Jan 2024 12:13:41 +0000
ROA not before: Wed 10 Jan 2024 12:13:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200296
IP address blocks: 185.3.200.0/24 maxlen: 24
188.212.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 07:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:4a:e5:f7:9a:47:01:d9:af:0f:86:87:2b:14:2d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 10 12:13:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77f49045feafa7486d1dbc475f81e7851bbe1827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:15:ca:16:c2:01:32:6e:7e:72:9c:a7:62:c2:
5a:08:60:78:fa:0e:9b:b2:1c:73:2c:81:49:06:f7:
87:4f:6d:6a:3f:a3:1c:5f:25:30:87:32:63:cb:32:
0c:c6:d4:a0:6f:14:6f:6e:10:22:be:92:2c:ec:e5:
d3:1f:7e:a1:d1:1d:a4:ef:a4:c8:06:48:45:b9:54:
44:57:27:2b:da:20:05:cf:d5:63:b0:ee:0c:2d:8f:
76:a3:95:b3:86:41:01:1f:10:56:6e:b9:60:2d:e2:
9f:ec:8f:8c:de:97:5a:b1:4d:82:ea:21:4f:96:e3:
ef:ad:4f:8e:91:3c:ba:50:36:49:bc:5a:0d:d6:05:
0a:c5:f4:84:7c:4a:d6:85:6d:de:70:92:79:3c:52:
75:af:48:04:7a:9b:cd:fd:92:01:97:c6:cf:9b:df:
5f:69:f8:a3:aa:97:3b:56:38:32:18:3c:09:8d:3a:
2d:ff:71:29:8a:27:d5:e1:35:15:cb:38:bb:da:97:
02:50:8e:4e:4f:65:51:ac:a6:36:05:c6:19:0a:34:
d6:c8:64:4e:ac:1a:6c:95:8e:0b:cc:68:17:1f:58:
06:ff:d5:06:a8:fc:21:33:9c:ac:bf:04:4f:83:6a:
41:8a:e1:fa:f2:13:f1:0a:05:b0:34:52:9c:db:ba:
ce:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F4:90:45:FE:AF:A7:48:6D:1D:BC:47:5F:81:E7:85:1B:BE:18:27
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/d_SQRf6vp0htHbxHX4HnhRu-GCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.200.0/24
188.212.97.0/24
Signature Algorithm: sha256WithRSAEncryption
67:b9:6d:73:5c:0e:53:e3:3f:35:f5:69:3f:ca:8e:9e:24:ca:
bd:3e:7b:80:a2:e1:15:ac:58:43:c7:c2:51:ec:e7:19:fb:59:
74:94:cf:71:57:de:bd:b8:73:34:96:e9:07:9e:4b:d7:34:6f:
d4:5e:e5:a6:55:79:8e:09:b2:c4:0d:d6:88:ac:d8:be:52:30:
6d:0e:83:a6:c0:c2:a8:c7:00:dd:bc:67:87:b6:94:dc:ef:a3:
92:0f:bf:3f:ea:75:a7:fa:6e:c5:5a:6d:3f:ba:c1:d4:82:1c:
5e:c0:09:24:fa:de:81:c0:1d:a9:b2:22:84:4f:12:91:d7:4f:
b0:10:56:6b:35:64:bc:a9:22:2f:11:06:cc:6c:8c:dc:03:26:
5d:3c:d4:54:69:6d:c3:39:ef:f2:1c:fb:84:0a:24:19:76:c5:
a7:ba:75:83:3b:63:a4:c2:73:c5:8e:ce:c4:77:98:d3:b6:8a:
f3:ad:08:98:4c:ad:29:bc:46:a4:c6:64:d1:70:18:81:82:6d:
da:a6:f8:bc:a8:6e:01:e9:50:0d:ad:ac:81:bd:66:5a:62:b6:
86:ed:a1:37:e8:49:8a:19:e8:df:a9:38:b7:b7:6e:5f:14:80:
1d:01:66:c8:d7:2a:ab:dd:49:6f:a0:09:01:de:18:e1:14:b2:
a1:17:b4:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzzSuX3mkcB2a8PhocrFC1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTEwMTIxMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y0OTA0NWZlYWZhNzQ4NmQxZGJjNDc1ZjgxZTc4NTFiYmUxODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BXKFsIBMm5+cpynYsJaCGB4+g6b
shxzLIFJBveHT21qP6McXyUwhzJjyzIMxtSgbxRvbhAivpIs7OXTH36h0R2k76TI
BkhFuVREVycr2iAFz9VjsO4MLY92o5WzhkEBHxBWbrlgLeKf7I+M3pdasU2C6iFP
luPvrU+OkTy6UDZJvFoN1gUKxfSEfErWhW3ecJJ5PFJ1r0gEepvN/ZIBl8bPm99f
afijqpc7VjgyGDwJjTot/3EpiifV4TUVyzi72pcCUI5OT2VRrKY2BcYZCjTWyGRO
rBpslY4LzGgXH1gG/9UGqPwhM5ysvwRPg2pBiuH68hPxCgWwNFKc27rOBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHf0kEX+r6dIbR28R1+B54UbvhgnMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvZF9TUVJmNnZwMGh0SGJ4SFg0SG5oUnUtR0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQPIAwQA
vNRhMA0GCSqGSIb3DQEBCwUAA4IBAQBnuW1zXA5T4z819Wk/yo6eJMq9PnuAouEV
rFhDx8JR7OcZ+1l0lM9xV969uHM0lukHnkvXNG/UXuWmVXmOCbLEDdaIrNi+UjBt
DoOmwMKoxwDdvGeHtpTc76OSD78/6nWn+m7FWm0/usHUghxewAkk+t6BwB2psiKE
TxKR10+wEFZrNWS8qSIvEQbMbIzcAyZdPNRUaW3DOe/yHPuECiQZdsWnunWDO2Ok
wnPFjs7Ed5jTtorzrQiYTK0pvEakxmTRcBiBgm3apvi8qG4B6VANrayBvWZaYraG
7aE36EmKGejfqTi3t25fFIAdAWbI1yqr3UlvoAkB3hjhFLKhF7Tx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org