Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3t8nROKmpfA6hxvB0ePGNPbuqwA.roa
File: 3t8nROKmpfA6hxvB0ePGNPbuqwA.roa (raw, json)
Hash identifier: P7hcKR2eSXdz87H8WyzgCcNFg6U8kvX0ye7Xvc59PQk=
Subject key identifier: DE:DF:27:44:E2:A6:A5:F0:3A:87:1B:C1:D1:E3:C6:34:F6:EE:AB:00
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0191E0388FB543C571A66714D0A098E1F7B9
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3t8nROKmpfA6hxvB0ePGNPbuqwA.roa
Signing time: Wed 11 Sep 2024 08:34:48 +0000
ROA not before: Wed 11 Sep 2024 08:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 217.180.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 08:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:38:8f:b5:43:c5:71:a6:67:14:d0:a0:98:e1:f7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 11 08:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dedf2744e2a6a5f03a871bc1d1e3c634f6eeab00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:b0:13:99:d7:f6:2a:dc:f0:58:de:4f:df:
a1:13:99:13:fa:5c:1d:e9:24:b4:e6:f2:0b:92:6c:
13:cd:ac:c9:ac:f8:e4:35:6d:36:c1:27:d2:ab:62:
33:5a:2d:ae:ab:03:53:1a:41:ed:90:8c:6c:c8:bf:
a9:af:cc:e5:e2:44:9c:2e:ce:07:27:6f:84:5e:85:
5f:a0:3d:0e:dd:c1:a8:27:5a:24:dc:6e:9c:c2:bb:
cc:55:b0:b0:65:6a:be:ee:fa:05:a9:48:08:5b:38:
0a:60:59:7b:10:db:d6:f4:dd:18:05:2d:8a:4b:0b:
b1:52:04:55:45:2d:08:2f:f4:86:f9:5a:13:f0:c3:
97:b0:cd:b5:86:49:28:68:0f:26:59:03:40:15:26:
85:80:84:c9:e4:d5:74:7f:39:26:65:b5:65:af:a6:
71:a2:9c:30:e1:54:6b:67:c4:af:91:85:95:94:20:
be:97:a8:28:47:7c:82:8a:49:db:ad:c5:ce:2c:a2:
8f:6a:8e:02:d8:e9:84:b5:15:35:51:0e:98:41:d5:
c0:1c:17:ff:5b:5f:20:5d:7c:00:9c:ab:5d:a0:e3:
50:4c:82:11:e5:40:38:ef:7c:1b:5b:60:d0:37:90:
ac:6d:67:d4:f9:2e:23:78:f7:5f:d2:ca:20:be:34:
c6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DF:27:44:E2:A6:A5:F0:3A:87:1B:C1:D1:E3:C6:34:F6:EE:AB:00
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3t8nROKmpfA6hxvB0ePGNPbuqwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.40.0/22
Signature Algorithm: sha256WithRSAEncryption
43:14:65:6a:52:93:22:33:30:fb:9c:a0:fd:6b:d8:89:9d:87:
c4:b0:85:69:a9:a8:2d:21:96:bc:28:43:ba:27:46:b6:85:28:
53:b4:c5:f2:a8:fd:40:97:14:a4:68:1d:7d:8b:03:12:9f:31:
da:b2:c3:72:e8:2a:a4:3c:1b:67:9c:bc:0f:5e:56:93:9a:da:
40:be:9a:d3:b8:1f:b8:cf:2f:5a:3c:cb:36:fe:f6:68:69:e6:
55:db:b9:4a:58:53:1f:e4:35:00:4d:30:d0:c4:ab:9a:9f:5a:
af:03:85:4e:f1:fe:31:29:a1:44:cc:7f:71:9a:c8:4d:79:57:
4a:b8:71:8a:36:c8:e3:8a:62:2b:3a:fe:b7:b6:dd:81:77:9a:
ca:0c:66:c5:8e:c3:0f:26:36:b7:d9:ce:ad:99:bf:28:28:ed:
a1:5d:e2:9f:40:f5:5c:4f:18:eb:d9:5b:4d:9b:1d:43:f0:c1:
86:9e:8f:c6:45:3a:d8:bb:f9:87:0e:2c:5c:53:5c:fd:a4:e6:
5a:35:45:8b:56:96:74:aa:cf:36:35:4c:a5:1e:68:7e:5d:ca:
f6:c5:c9:a0:07:6b:e8:48:a5:b1:f5:a5:a3:c1:0a:ad:91:0f:
e7:fd:42:96:32:00:7f:bf:ff:d6:d2:3b:25:a6:ae:80:f5:1a:
b1:94:57:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHgOI+1Q8VxpmcU0KCY4fe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwOTExMDgzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRmMjc0NGUyYTZhNWYwM2E4NzFiYzFkMWUzYzYzNGY2ZWVhYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuiwE5nX9irc8FjeT9+hE5kT+lwd
6SS05vILkmwTzazJrPjkNW02wSfSq2IzWi2uqwNTGkHtkIxsyL+pr8zl4kScLs4H
J2+EXoVfoD0O3cGoJ1ok3G6cwrvMVbCwZWq+7voFqUgIWzgKYFl7ENvW9N0YBS2K
SwuxUgRVRS0IL/SG+VoT8MOXsM21hkkoaA8mWQNAFSaFgITJ5NV0fzkmZbVlr6Zx
opww4VRrZ8SvkYWVlCC+l6goR3yCiknbrcXOLKKPao4C2OmEtRU1UQ6YQdXAHBf/
W18gXXwAnKtdoONQTIIR5UA473wbW2DQN5CsbWfU+S4jePdf0sogvjTGcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7fJ0TipqXwOocbwdHjxjT27qsAMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvM3Q4blJPS21wZkE2aHh2QjBlUEdOUGJ1cXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2bQoMA0G
CSqGSIb3DQEBCwUAA4IBAQBDFGVqUpMiMzD7nKD9a9iJnYfEsIVpqagtIZa8KEO6
J0a2hShTtMXyqP1AlxSkaB19iwMSnzHassNy6CqkPBtnnLwPXlaTmtpAvprTuB+4
zy9aPMs2/vZoaeZV27lKWFMf5DUATTDQxKuan1qvA4VO8f4xKaFEzH9xmshNeVdK
uHGKNsjjimIrOv63tt2Bd5rKDGbFjsMPJja32c6tmb8oKO2hXeKfQPVcTxjr2VtN
mx1D8MGGno/GRTrYu/mHDixcU1z9pOZaNUWLVpZ0qs82NUylHmh+Xcr2xcmgB2vo
SKWx9aWjwQqtkQ/n/UKWMgB/v//W0jslpq6A9RqxlFeb
-----END CERTIFICATE-----
Generated at Thu Sep 12 10:55:23 2024 by rpki-client on console-fra.rpki-client.org