Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/3PzCXFaN-HL8AdviOR7tfSeRb5Q.roa
File: 3PzCXFaN-HL8AdviOR7tfSeRb5Q.roa (raw, json)
Hash identifier: HKkmMceDD8ANYuWM38AkDdlrkAjRuyhBeFJ6J/dqEn0=
Subject key identifier: DC:FC:C2:5C:56:8D:F8:72:FC:01:DB:E2:39:1E:ED:7D:27:91:6F:94
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 018C49E8C60006CD18D0DD8EADC48BC8C577
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/3PzCXFaN-HL8AdviOR7tfSeRb5Q.roa
Signing time: Fri 08 Dec 2023 14:50:40 +0000
ROA not before: Fri 08 Dec 2023 14:50:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49788
IP address blocks: 91.223.100.0/24 maxlen: 24
151.252.8.0/21 maxlen: 24
91.90.104.0/21 maxlen: 21
193.202.115.0/24 maxlen: 24
91.225.60.0/22 maxlen: 22
91.189.120.0/21 maxlen: 21
93.184.112.0/21 maxlen: 21
91.221.130.0/23 maxlen: 23
45.153.104.0/22 maxlen: 22
91.209.212.0/24 maxlen: 24
185.7.192.0/22 maxlen: 22
91.193.0.0/22 maxlen: 24
176.111.206.0/23 maxlen: 23
185.55.104.0/22 maxlen: 22
185.80.180.0/22 maxlen: 24
79.141.96.0/20 maxlen: 20
91.218.184.0/22 maxlen: 22
2a04:d340::/29 maxlen: 29
2001:67c:206c::/48 maxlen: 48
2a02:d140::/29 maxlen: 29
2a0f:7900::/29 maxlen: 29
2a04:dc80::/29 maxlen: 29
2001:67c:230::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:e8:c6:00:06:cd:18:d0:dd:8e:ad:c4:8b:c8:c5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Dec 8 14:50:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcfcc25c568df872fc01dbe2391eed7d27916f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1f:05:64:1f:07:60:4d:4c:e2:67:b1:57:b9:
25:56:be:9d:5d:ed:9c:51:b1:fb:cc:81:7f:02:b6:
70:38:0a:38:39:5f:93:67:7d:41:f9:33:5d:6f:8d:
da:ea:5c:16:94:8a:33:a7:fc:e8:05:3b:0a:1a:4c:
03:79:bb:15:be:f0:5e:9b:a1:7f:f8:f2:b6:e6:a4:
0a:52:f6:6a:ea:83:99:8c:c0:25:0e:ff:82:06:f4:
b8:50:27:4e:1d:9a:30:8c:98:ac:0e:b0:54:d4:85:
cf:55:6e:90:71:90:fe:5d:7e:78:3c:fe:6e:5e:78:
a0:82:c9:4f:a5:35:c9:cf:41:21:4b:09:0c:58:39:
22:08:4c:c5:bd:f5:b6:5d:76:a7:8d:d4:01:47:e4:
2e:1e:82:7c:06:d0:92:ab:6a:24:7e:f7:56:54:b1:
b0:fd:32:f4:d4:8a:fe:83:65:bb:db:5c:81:99:24:
b8:2e:fc:56:e5:2a:0a:72:f7:57:c8:b5:9d:b2:72:
4b:6b:1d:31:61:9f:70:be:ed:38:c3:e4:69:ce:05:
b4:bd:c9:60:24:a4:6e:e4:46:e2:ed:ed:43:f4:e3:
b2:aa:18:83:ab:ef:28:40:a4:4a:7d:ba:12:75:25:
58:45:e7:0f:61:8a:d7:ee:46:00:2e:7f:bc:58:75:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FC:C2:5C:56:8D:F8:72:FC:01:DB:E2:39:1E:ED:7D:27:91:6F:94
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/3PzCXFaN-HL8AdviOR7tfSeRb5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.80.180.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:206c::/48
2a02:d140::/29
2a04:d340::/29
2a04:dc80::/29
2a0f:7900::/29
Signature Algorithm: sha256WithRSAEncryption
91:32:a4:61:12:eb:e7:15:80:55:e2:b3:8d:ed:d9:ff:93:34:
df:c0:2b:68:20:db:f6:c4:38:d2:7f:f4:e5:e3:5f:c2:62:39:
82:6b:e1:fb:03:fc:ce:0e:28:26:75:e9:51:1b:b2:d3:1e:f6:
14:8f:6b:56:11:85:a3:9e:06:97:c9:7c:46:bc:60:8a:39:f4:
12:2d:c1:8e:45:e8:a4:75:2f:af:9a:09:06:93:d1:32:6b:1f:
3e:e2:35:07:b1:ef:fd:dd:54:41:17:d0:f3:68:7a:c8:50:06:
cc:fb:38:b5:1f:2b:62:36:3b:51:e6:73:65:2f:cd:78:30:94:
4d:7e:57:9a:ce:e3:72:42:55:da:1f:19:8d:18:31:1b:2a:ed:
0a:3c:d3:f2:e6:d7:81:a0:de:78:2e:be:44:21:27:fd:d8:9c:
d0:a6:96:d2:97:26:8e:d0:8a:48:6b:16:09:97:3f:b1:53:a7:
1b:a8:2b:1d:8a:5e:ef:46:5d:ef:81:98:5c:c5:4d:e2:af:c4:
ef:51:e9:11:39:77:d5:e6:44:a2:7c:fd:ab:92:c8:1d:93:bc:
eb:32:98:05:f2:2f:4f:d4:ed:1f:ae:57:55:7d:02:c8:8c:4a:
a3:21:80:d4:2b:c5:58:21:c6:cb:06:bf:bc:6c:f3:c0:3f:02:
f9:13:f9:12
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYxJ6MYABs0Y0N2OrcSLyMV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjMxMjA4MTQ1MDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZjYzI1YzU2OGRmODcyZmMwMWRiZTIzOTFlZWQ3ZDI3OTE2Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7x8FZB8HYE1M4mexV7klVr6dXe2c
UbH7zIF/ArZwOAo4OV+TZ31B+TNdb43a6lwWlIozp/zoBTsKGkwDebsVvvBem6F/
+PK25qQKUvZq6oOZjMAlDv+CBvS4UCdOHZowjJisDrBU1IXPVW6QcZD+XX54PP5u
XniggslPpTXJz0EhSwkMWDkiCEzFvfW2XXanjdQBR+QuHoJ8BtCSq2okfvdWVLGw
/TL01Ir+g2W721yBmSS4LvxW5SoKcvdXyLWdsnJLax0xYZ9wvu04w+RpzgW0vclg
JKRu5Ebi7e1D9OOyqhiDq+8oQKRKfboSdSVYRecPYYrX7kYALn+8WHVn9wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFNz8wlxWjfhy/AHb4jke7X0nkW+UMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvM1B6Q1hGYU4tSEw4QWR2aU9SN3RmU2VSYjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDBsBAIAATBmAwQCLZlo
AwQET41gAwQDW1poAwQDW714AwQCW8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99k
AwQCW+E8AwQDXbhwAwQDl/wIAwQBsG/OAwQCuQfAAwQCuTdoAwQCuVC0AwQAwcpz
MDQEAgACMC4DBwAgAQZ8AjADBwAgAQZ8IGwDBQMqAtFAAwUDKgTTQAMFAyoE3IAD
BQMqD3kAMA0GCSqGSIb3DQEBCwUAA4IBAQCRMqRhEuvnFYBV4rON7dn/kzTfwCto
INv2xDjSf/Tl41/CYjmCa+H7A/zODigmdelRG7LTHvYUj2tWEYWjngaXyXxGvGCK
OfQSLcGOReikdS+vmgkGk9Eyax8+4jUHse/93VRBF9DzaHrIUAbM+zi1HytiNjtR
5nNlL814MJRNfleazuNyQlXaHxmNGDEbKu0KPNPy5teBoN54Lr5EISf92JzQppbS
lyaO0IpIaxYJlz+xU6cbqCsdil7vRl3vgZhcxU3ir8TvUekROXfV5kSifP2rksgd
k7zrMpgF8i9P1O0frldVfQLIjEqjIYDUK8VYIcbLBr+8bPPAPwL5E/kS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org