Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/3hJwJjfJH76N7sCKbHYeB4_57M0.roa
File: 3hJwJjfJH76N7sCKbHYeB4_57M0.roa (raw, json)
Hash identifier: r8ynVK9Nl8YjS5xP+y4UiqCelPPDoheu7JRDfJY1u8Q=
Subject key identifier: DE:12:70:26:37:C9:1F:BE:8D:EE:C0:8A:6C:76:1E:07:8F:F9:EC:CD
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018C67C13C0453923D5291D5D5F0A59F8340
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/3hJwJjfJH76N7sCKbHYeB4_57M0.roa
Signing time: Thu 14 Dec 2023 09:56:06 +0000
ROA not before: Thu 14 Dec 2023 09:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 217.144.176.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 19 Dec 2023 13:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:c1:3c:04:53:92:3d:52:91:d5:d5:f0:a5:9f:83:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Dec 14 09:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de12702637c91fbe8deec08a6c761e078ff9eccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:44:c1:40:43:ca:60:55:36:41:c9:1a:3f:4f:
61:1b:d4:5e:09:20:a8:69:45:c0:54:18:d2:de:a0:
b4:1a:02:97:3c:a2:65:55:2c:3d:ef:a2:c9:0b:18:
a7:0a:f3:3f:fe:7e:7a:c9:a1:92:33:81:40:60:8e:
36:7d:2b:6f:cb:50:99:49:9d:99:c0:dd:31:fb:7e:
4a:62:8b:27:23:a0:14:50:20:84:ce:ec:fc:c2:be:
bd:ce:e6:c9:df:5c:d7:f7:ec:ec:b5:05:4a:35:2f:
09:e6:08:4d:e1:d3:05:9d:60:b4:f6:15:4b:a1:1c:
56:ef:33:59:ff:b8:25:ff:ff:ae:cf:07:bf:25:74:
bd:7b:9e:c5:ab:7b:9e:46:15:f9:ca:aa:eb:29:83:
e6:dd:7e:1a:62:f9:ab:8a:5a:43:c8:72:01:65:4b:
38:ca:60:d8:f3:17:cd:3c:64:3f:09:ac:c4:61:3a:
85:2e:7e:f3:01:87:dc:4e:65:65:a2:bd:b4:20:ac:
f9:f0:9c:1f:31:44:f5:f0:40:c4:e3:ae:4d:ba:7a:
a2:3d:1b:2c:a4:1a:fa:e1:a5:35:62:08:81:56:0a:
62:20:45:96:dd:00:35:88:43:33:58:bb:11:a1:5d:
33:26:5e:a8:d5:dd:41:ea:3f:cf:2d:fc:bf:57:d8:
8e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:70:26:37:C9:1F:BE:8D:EE:C0:8A:6C:76:1E:07:8F:F9:EC:CD
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/3hJwJjfJH76N7sCKbHYeB4_57M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.32.0/22
217.144.176.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:50:de:60:0b:99:3c:7b:39:e5:64:ef:ff:d6:2d:cf:89:98:
eb:d0:36:64:f9:1b:2b:76:8b:e7:2b:25:11:82:c1:14:45:00:
93:2e:4e:ee:5b:f7:3b:a8:38:7b:22:3b:48:31:2b:93:2c:35:
a0:d3:9d:38:58:68:c2:85:0c:a1:e1:1f:79:06:c0:8a:21:5c:
3e:c1:62:e3:02:c4:54:76:c1:d0:0e:40:bc:56:81:22:5a:fc:
02:48:97:99:dc:4f:6f:92:67:58:a2:a1:0a:e8:e8:93:1b:76:
9d:b1:c5:ba:b7:96:5b:9e:dc:9a:ae:61:7d:8b:6f:82:71:de:
c3:9a:e0:8f:0b:38:5a:c9:8a:62:74:03:79:47:b8:4f:93:29:
13:a2:a2:6a:bb:a5:79:59:53:00:56:f0:6d:af:b8:7d:0b:2c:
cb:67:40:f1:32:fa:69:78:3b:68:09:cd:7a:00:69:86:98:47:
7e:65:38:11:54:22:5f:5e:75:0f:c6:79:67:86:39:e1:37:95:
24:e0:72:73:5f:58:29:e4:23:2d:7c:6e:a3:87:40:33:38:61:
85:a5:99:ee:a4:2b:fc:61:4a:09:66:0d:e5:c7:d7:71:30:f8:
be:2c:59:51:8d:32:53:58:27:27:c6:54:34:21:2b:59:b2:ba:
5f:b8:47:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxnwTwEU5I9UpHV1fCln4NAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMjE0MDk1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyNzAyNjM3YzkxZmJlOGRlZWMwOGE2Yzc2MWUwNzhmZjllY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUTBQEPKYFU2QckaP09hG9ReCSCo
aUXAVBjS3qC0GgKXPKJlVSw976LJCxinCvM//n56yaGSM4FAYI42fStvy1CZSZ2Z
wN0x+35KYosnI6AUUCCEzuz8wr69zubJ31zX9+zstQVKNS8J5ghN4dMFnWC09hVL
oRxW7zNZ/7gl//+uzwe/JXS9e57Fq3ueRhX5yqrrKYPm3X4aYvmrilpDyHIBZUs4
ymDY8xfNPGQ/CazEYTqFLn7zAYfcTmVlor20IKz58JwfMUT18EDE465NunqiPRss
pBr64aU1YgiBVgpiIEWW3QA1iEMzWLsRoV0zJl6o1d1B6j/PLfy/V9iOvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4ScCY3yR++je7Aimx2HgeP+ezNMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvM2hKd0pqZkpINzZON3NDS2JIWWVCNF81N00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYggAwQC
2ZCwMA0GCSqGSIb3DQEBCwUAA4IBAQAvUN5gC5k8eznlZO//1i3PiZjr0DZk+Rsr
dovnKyURgsEURQCTLk7uW/c7qDh7IjtIMSuTLDWg0504WGjChQyh4R95BsCKIVw+
wWLjAsRUdsHQDkC8VoEiWvwCSJeZ3E9vkmdYoqEK6OiTG3adscW6t5ZbntyarmF9
i2+Ccd7DmuCPCzhayYpidAN5R7hPkykToqJqu6V5WVMAVvBtr7h9CyzLZ0DxMvpp
eDtoCc16AGmGmEd+ZTgRVCJfXnUPxnlnhjnhN5Uk4HJzX1gp5CMtfG6jh0AzOGGF
pZnupCv8YUoJZg3lx9dxMPi+LFlRjTJTWCcnxlQ0IStZsrpfuEdq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org