Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3-L3BJaSGH7tP_j8_6cs6btDzHA.roa
File: 3-L3BJaSGH7tP_j8_6cs6btDzHA.roa (raw, json)
Hash identifier: xjTpVvPYFyCsPbefEJXuSI2+EYGp4T+RMzSXyvUvjyQ=
Subject key identifier: DF:E2:F7:04:96:92:18:7E:ED:3F:F8:FC:FF:A7:2C:E9:BB:43:CC:70
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0186399DCC59D90A94DC7E8D97C36E19C0A4
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3-L3BJaSGH7tP_j8_6cs6btDzHA.roa
Signing time: Fri 10 Feb 2023 04:38:08 +0000
ROA not before: Fri 10 Feb 2023 04:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212552
IP address blocks: 212.90.102.0/23 maxlen: 24
185.215.244.0/23 maxlen: 24
103.75.196.0/22 maxlen: 24
45.146.241.0/24 maxlen: 24
82.115.16.0/24 maxlen: 24
193.36.84.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
82.115.20.0/23 maxlen: 24
46.249.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jul 2023 23:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:39:9d:cc:59:d9:0a:94:dc:7e:8d:97:c3:6e:19:c0:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 10 04:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe2f7049692187eed3ff8fcffa72ce9bb43cc70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d5:a0:75:00:82:32:82:06:30:1b:26:d2:f9:
3e:39:78:ce:d0:56:90:62:32:5b:cc:0e:e0:45:47:
15:c9:b7:c9:12:7f:e4:e3:05:8e:d2:7a:9e:ce:67:
4b:62:88:ef:56:6d:4b:b5:a3:27:54:6e:48:15:4e:
31:a8:99:5a:94:76:a7:0c:54:ce:1f:2a:67:c3:03:
69:ac:b1:67:3e:c1:20:bd:fc:17:94:dd:1a:90:6a:
d6:3a:72:4b:45:0c:ba:a6:a8:3e:ce:01:2f:e1:f9:
0c:a4:34:e8:5d:27:fa:12:e4:77:ad:78:69:bb:7e:
47:fe:3c:79:ab:46:98:83:67:d0:d1:58:fa:c8:1f:
cc:66:8d:ce:80:84:d1:ea:3a:e8:d1:71:6a:ba:13:
12:24:b6:e3:42:ed:96:6b:bb:a1:dd:b3:83:e0:02:
06:3b:79:ec:2d:17:71:a6:d9:7b:02:68:72:69:18:
19:00:ef:ef:ac:7a:71:92:b7:30:53:d5:63:bd:8c:
74:5b:46:b4:22:7c:de:75:1d:a2:9b:a3:0f:b5:4e:
6c:9a:0b:55:e1:24:50:fe:41:fb:98:7e:1c:94:a6:
f4:be:9c:ac:66:5d:c6:dc:82:4e:28:de:1b:c4:b7:
f4:ba:0f:92:ae:7d:6e:6a:6e:0b:fd:da:0a:58:49:
55:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E2:F7:04:96:92:18:7E:ED:3F:F8:FC:FF:A7:2C:E9:BB:43:CC:70
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3-L3BJaSGH7tP_j8_6cs6btDzHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.241.0/24
46.249.100.0/22
82.115.16.0/24
82.115.20.0/23
82.115.24.0/22
103.75.196.0/22
185.215.244.0/23
193.36.84.0/23
212.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:47:45:f2:1d:c1:33:01:bd:d1:65:37:f3:0c:10:dd:53:74:
20:62:63:4a:09:f3:a7:6e:53:34:8f:47:3d:d8:62:cb:dc:e3:
62:6e:ac:cf:73:e3:e8:40:da:4b:06:4e:24:a1:70:20:b9:84:
35:04:e7:ea:7e:64:5f:2b:72:f5:40:51:3d:46:fa:71:71:18:
b8:c7:66:6a:8e:a9:af:ac:99:0e:0c:c2:f0:7e:28:0b:14:ca:
d0:9c:5d:0a:d3:ca:bd:84:b0:2a:8a:7f:89:99:94:ad:ce:51:
6a:6e:ca:d3:c8:ae:2b:3b:38:31:58:1e:91:0c:7f:32:8d:6b:
da:e5:e8:d4:cb:7d:7c:23:45:b2:6c:d4:6b:85:5f:09:25:44:
b1:47:09:dc:5f:37:b2:d6:01:9e:c6:69:34:3e:b1:1e:55:1c:
7d:31:27:c4:7d:ab:ec:fb:f0:25:50:d9:9b:fe:bd:84:42:de:
96:03:a9:50:16:b1:04:2d:e7:80:27:d6:ea:36:59:d1:29:ee:
cb:a8:5c:d7:68:03:c0:ee:93:1c:90:f2:68:6b:e1:31:5c:74:
6b:50:b0:5d:70:a3:49:8a:1b:c0:09:7f:df:c0:ac:dd:cb:5f:
52:aa:d7:c8:25:3b:61:e1:0e:81:a6:8a:56:36:9e:0c:dd:28:
d4:92:61:35
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYY5ncxZ2QqU3H6Nl8NuGcCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjEwMDQzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUyZjcwNDk2OTIxODdlZWQzZmY4ZmNmZmE3MmNlOWJiNDNjYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNWgdQCCMoIGMBsm0vk+OXjO0FaQ
YjJbzA7gRUcVybfJEn/k4wWO0nqezmdLYojvVm1LtaMnVG5IFU4xqJlalHanDFTO
HypnwwNprLFnPsEgvfwXlN0akGrWOnJLRQy6pqg+zgEv4fkMpDToXSf6EuR3rXhp
u35H/jx5q0aYg2fQ0Vj6yB/MZo3OgITR6jro0XFquhMSJLbjQu2Wa7uh3bOD4AIG
O3nsLRdxptl7AmhyaRgZAO/vrHpxkrcwU9VjvYx0W0a0InzedR2im6MPtU5smgtV
4SRQ/kH7mH4clKb0vpysZl3G3IJOKN4bxLf0ug+Srn1uam4L/doKWElVmwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN/i9wSWkhh+7T/4/P+nLOm7Q8xwMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMy1MM0JKYVNHSDd0UF9qOF82Y3M2YnREekhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZLxAwQC
LvlkAwQAUnMQAwQBUnMUAwQCUnMYAwQCZ0vEAwQBudf0AwQBwSRUAwQB1FpmMA0G
CSqGSIb3DQEBCwUAA4IBAQCKR0XyHcEzAb3RZTfzDBDdU3QgYmNKCfOnblM0j0c9
2GLL3ONibqzPc+PoQNpLBk4koXAguYQ1BOfqfmRfK3L1QFE9RvpxcRi4x2Zqjqmv
rJkODMLwfigLFMrQnF0K08q9hLAqin+JmZStzlFqbsrTyK4rOzgxWB6RDH8yjWva
5ejUy318I0WybNRrhV8JJUSxRwncXzey1gGexmk0PrEeVRx9MSfEfavs+/AlUNmb
/r2EQt6WA6lQFrEELeeAJ9bqNlnRKe7LqFzXaAPA7pMckPJoa+ExXHRrULBdcKNJ
ihvACX/fwKzdy19SqtfIJTth4Q6BpopWNp4M3SjUkmE1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org