Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3n-q2CTm5GGuJ2QQJ9X_HZ_lJyk.roa
File: 3n-q2CTm5GGuJ2QQJ9X_HZ_lJyk.roa (raw, json)
Hash identifier: 6bXw7rsGIJ1HOcKtWtyqg7GZxC1pE5xBjNYKLpXdeVU=
Subject key identifier: DE:7F:AA:D8:24:E6:E4:61:AE:27:64:10:27:D5:FF:1D:9F:E5:27:29
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C5C37BFB64925D8A29F08DEBC1C9F9B55
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3n-q2CTm5GGuJ2QQJ9X_HZ_lJyk.roa
Signing time: Tue 12 Dec 2023 04:10:06 +0000
ROA not before: Tue 12 Dec 2023 04:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
178.236.36.0/22 maxlen: 24
188.253.4.0/22 maxlen: 24
45.137.180.0/22 maxlen: 24
5.226.48.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5c:37:bf:b6:49:25:d8:a2:9f:08:de:bc:1c:9f:9b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 12 04:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de7faad824e6e461ae27641027d5ff1d9fe52729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:dd:d4:07:b0:51:18:09:04:27:4e:cf:29:43:
2d:3a:d7:3b:69:04:fc:25:ea:cc:c2:1e:60:5e:49:
dc:05:f9:71:d6:3d:dd:20:60:05:52:66:a4:80:b8:
ce:18:0c:fb:54:25:fa:4c:87:5f:96:8a:89:d4:61:
93:20:28:9c:d2:9e:ed:13:a6:27:89:bf:ec:f1:80:
7f:83:46:5c:7d:ff:a3:e8:4a:94:c3:0a:cf:29:17:
26:36:0b:a3:81:ad:cb:dd:90:8c:0a:18:7f:63:fa:
c1:b5:d8:eb:83:e4:1e:2d:09:a4:f5:27:69:89:86:
17:36:e1:ee:ec:c9:73:34:1d:1a:13:d0:8a:df:ba:
14:a3:76:1a:42:02:48:9a:3b:8d:b7:b3:9e:f0:a1:
97:33:1c:de:e4:69:4e:cd:78:a7:f4:d1:b3:2c:5b:
bf:28:77:c5:89:68:83:af:84:19:ae:9c:3e:de:da:
21:93:16:08:35:ca:59:14:aa:6e:62:cd:cb:a8:09:
07:33:49:60:61:21:6d:9a:2c:ca:0e:ee:63:a9:32:
c3:e3:08:39:6d:a0:e9:02:7b:25:e1:79:96:2f:6b:
da:e8:21:40:98:4b:24:f5:45:b5:eb:4e:0e:3f:cd:
1c:8f:d5:ac:46:f2:86:67:e2:98:51:6a:2f:a7:09:
b8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7F:AA:D8:24:E6:E4:61:AE:27:64:10:27:D5:FF:1D:9F:E5:27:29
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3n-q2CTm5GGuJ2QQJ9X_HZ_lJyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.48.0/22
45.137.180.0/22
178.236.36.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
188.253.4.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
99:d5:82:cc:82:8c:77:91:11:a5:f1:31:89:1e:92:41:ca:f7:
1a:23:c4:11:77:f0:8a:4b:4e:2f:62:e4:e7:b3:46:6a:40:99:
b4:b5:ad:60:ba:71:77:58:e9:c7:6f:da:f3:f3:57:4c:f8:09:
0d:a8:22:31:cb:48:8b:f5:0c:73:d8:04:c3:7c:e0:2d:0b:cb:
e6:e2:15:29:57:80:90:8a:9a:fa:cc:9b:f6:a5:61:44:6c:2c:
9e:5b:7c:e7:47:ce:86:62:a5:a1:33:44:57:16:a0:73:b5:63:
54:6d:db:95:e8:1d:46:e1:27:eb:b4:ae:0b:e8:67:30:b9:3e:
27:dd:4b:cc:66:66:48:06:a2:c8:fa:84:42:b1:ae:cb:69:45:
02:0e:06:31:a4:0c:92:c0:9e:fc:a1:cd:f2:b3:df:43:81:97:
58:d5:03:57:de:2b:2f:82:11:06:30:8b:b5:0a:77:7c:25:f5:
ce:41:66:e7:36:84:03:4e:6c:7e:70:3d:24:96:ae:93:ae:2c:
78:e3:b4:a9:65:17:f7:c5:c1:ef:1f:3e:4c:c7:a2:17:40:e3:
7e:3a:29:0d:2d:5a:af:2b:e1:b0:88:43:3a:31:bf:6f:6e:21:
9c:e2:bd:92:81:e1:84:f1:97:52:9c:4d:1e:68:c2:6f:3c:bd:
ba:75:65:b5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYxcN7+2SSXYop8I3rwcn5tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjEyMDQxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdmYWFkODI0ZTZlNDYxYWUyNzY0MTAyN2Q1ZmYxZDlmZTUyNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg93UB7BRGAkEJ07PKUMtOtc7aQT8
JerMwh5gXkncBflx1j3dIGAFUmakgLjOGAz7VCX6TIdfloqJ1GGTICic0p7tE6Yn
ib/s8YB/g0Zcff+j6EqUwwrPKRcmNgujga3L3ZCMChh/Y/rBtdjrg+QeLQmk9Sdp
iYYXNuHu7MlzNB0aE9CK37oUo3YaQgJImjuNt7Oe8KGXMxze5GlOzXin9NGzLFu/
KHfFiWiDr4QZrpw+3tohkxYINcpZFKpuYs3LqAkHM0lgYSFtmizKDu5jqTLD4wg5
baDpAnsl4XmWL2va6CFAmEsk9UW1604OP80cj9WsRvKGZ+KYUWovpwm46wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN5/qtgk5uRhridkECfV/x2f5ScpMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvM24tcTJDVG01R0d1SjJRUUo5WF9IWl9sSnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCBeIwAwQC
LYm0AwQCsuwkAwQCuSTAAwQCudzsAwQCufi4AwQCvP0EAwQC1FfAMA0GCSqGSIb3
DQEBCwUAA4IBAQCZ1YLMgox3kRGl8TGJHpJByvcaI8QRd/CKS04vYuTns0ZqQJm0
ta1gunF3WOnHb9rz81dM+AkNqCIxy0iL9Qxz2ATDfOAtC8vm4hUpV4CQipr6zJv2
pWFEbCyeW3znR86GYqWhM0RXFqBztWNUbduV6B1G4SfrtK4L6GcwuT4n3UvMZmZI
BqLI+oRCsa7LaUUCDgYxpAySwJ78oc3ys99DgZdY1QNX3isvghEGMIu1Cnd8JfXO
QWbnNoQDTmx+cD0klq6Trix447SpZRf3xcHvHz5Mx6IXQON+OikNLVqvK+GwiEM6
Mb9vbiGc4r2SgeGE8ZdSnE0eaMJvPL26dWW1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org