Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/l3L499JDZYlmXl5-ZiA4aSBUlaM.roa
File: l3L499JDZYlmXl5-ZiA4aSBUlaM.roa (raw, json)
Hash identifier: HWaCtoXq3lHC5qqZhUAXLcoEHoOmvOakCut323935Lk=
Subject key identifier: 97:72:F8:F7:D2:43:65:89:66:5E:5E:7E:66:20:38:69:20:54:95:A3
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB835137333870E09DBE30E63870C16
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/l3L499JDZYlmXl5-ZiA4aSBUlaM.roa
Signing time: Sun 01 Jan 2023 09:44:49 +0000
ROA not before: Sun 01 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4755
IP address blocks: 194.2.86.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
81.255.178.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:35:13:73:33:87:0e:09:db:e3:0e:63:87:0c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9772f8f7d2436589665e5e7e66203869205495a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ce:8e:d1:ad:4e:29:e9:29:32:77:fa:90:35:
fa:1b:fa:84:14:00:c4:98:aa:c7:e1:c8:05:28:79:
22:71:0d:d3:96:95:b5:6e:9b:39:aa:6c:9c:54:cc:
2b:4f:68:ca:70:c5:d6:ad:51:47:8b:22:e5:78:ea:
cc:d5:ad:4c:09:fc:c3:1b:32:5a:7a:f5:33:e0:17:
a8:23:5b:52:09:14:56:4c:1a:7e:b5:aa:f5:85:f2:
98:d9:86:7c:24:dd:ea:ac:7e:1f:44:78:9f:48:dd:
02:74:57:72:9a:bb:75:b5:5e:83:43:8f:47:53:e1:
b9:0e:78:79:f1:c3:f3:93:5a:d5:b0:0d:ed:53:62:
9a:36:b6:6b:d5:5a:43:53:d8:fa:01:88:15:ac:f6:
c0:19:d2:02:ac:7d:66:c5:23:4a:8d:f8:a9:78:2c:
1d:75:c6:d6:ca:f2:bd:ce:8d:7b:4b:e8:05:63:b6:
46:23:39:20:71:20:89:e8:10:19:46:2b:29:f9:33:
20:64:38:94:c2:08:fd:ce:13:1b:c7:67:47:85:61:
5c:ef:b6:a5:c3:0c:17:69:cc:db:77:98:36:55:05:
bf:14:ae:07:b1:d8:fb:6d:25:61:5f:54:e5:30:c9:
df:ce:62:91:20:5a:45:86:e7:41:52:b9:83:ad:ca:
3e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:72:F8:F7:D2:43:65:89:66:5E:5E:7E:66:20:38:69:20:54:95:A3
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/l3L499JDZYlmXl5-ZiA4aSBUlaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f3:a2:3f:a3:20:cb:2a:92:7c:5f:21:af:ca:2f:2b:ee:e0:
72:5e:16:aa:04:9a:0e:08:aa:cf:63:dc:5d:da:bc:d5:e9:28:
c7:fe:01:e1:9a:d3:c9:2d:5c:45:c1:d5:4d:11:89:4b:ef:ab:
cc:48:48:3f:f3:92:d8:08:31:cc:f5:87:9d:95:43:09:bc:b8:
3b:cd:e6:ce:6a:2b:4e:43:42:9f:94:8f:61:ba:4a:3c:19:92:
32:ce:69:2d:e5:ce:e2:75:fe:b3:94:1a:fb:9b:e9:39:35:e1:
c0:9d:4b:c6:77:e1:78:24:dc:10:4a:9d:84:40:c0:ec:44:8d:
c1:b6:31:26:65:22:78:6a:58:d2:de:ab:91:3f:56:e3:06:dd:
27:ae:a9:6d:a2:a0:e0:6d:5a:3d:b4:ed:a7:ab:9a:08:49:e3:
56:0c:85:07:46:a3:bc:52:52:50:d2:ff:15:fa:1d:dd:c0:20:
08:ba:62:16:e0:9d:a3:0b:e0:93:a9:7f:28:8c:8f:5d:05:97:
04:be:dc:83:a7:86:39:64:82:80:df:fb:c6:5e:8f:f6:36:a7:
96:55:a4:2d:b1:26:3a:65:01:8f:ad:0d:d0:fb:24:64:bc:2b:
af:16:ec:b9:15:80:f8:7c:fc:f2:cd:d1:89:4b:a3:bd:3b:ff:
31:bc:b3:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsuDUTczOHDgnb4w5jhwwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzcyZjhmN2QyNDM2NTg5NjY1ZTVlN2U2NjIwMzg2OTIwNTQ5NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc6O0a1OKekpMnf6kDX6G/qEFADE
mKrH4cgFKHkicQ3TlpW1bps5qmycVMwrT2jKcMXWrVFHiyLleOrM1a1MCfzDGzJa
evUz4BeoI1tSCRRWTBp+tar1hfKY2YZ8JN3qrH4fRHifSN0CdFdymrt1tV6DQ49H
U+G5Dnh58cPzk1rVsA3tU2KaNrZr1VpDU9j6AYgVrPbAGdICrH1mxSNKjfipeCwd
dcbWyvK9zo17S+gFY7ZGIzkgcSCJ6BAZRisp+TMgZDiUwgj9zhMbx2dHhWFc77al
wwwXaczbd5g2VQW/FK4Hsdj7bSVhX1TlMMnfzmKRIFpFhudBUrmDrco+HQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJdy+PfSQ2WJZl5efmYgOGkgVJWjMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbDNMNDk5SkRaWWxtWGw1LVppQTRhU0JVbGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUf+yAwQB
WnPQAwQBwgI4AwQAwgJWAwQAwgMEAwQAwvpiMA0GCSqGSIb3DQEBCwUAA4IBAQCa
86I/oyDLKpJ8XyGvyi8r7uByXhaqBJoOCKrPY9xd2rzV6SjH/gHhmtPJLVxFwdVN
EYlL76vMSEg/85LYCDHM9YedlUMJvLg7zebOaitOQ0KflI9huko8GZIyzmkt5c7i
df6zlBr7m+k5NeHAnUvGd+F4JNwQSp2EQMDsRI3BtjEmZSJ4aljS3quRP1bjBt0n
rqltoqDgbVo9tO2nq5oISeNWDIUHRqO8UlJQ0v8V+h3dwCAIumIW4J2jC+CTqX8o
jI9dBZcEvtyDp4Y5ZIKA3/vGXo/2NqeWVaQtsSY6ZQGPrQ3Q+yRkvCuvFuy5FYD4
fPzyzdGJS6O9O/8xvLMc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org