Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/3hgz-PajpLdKhe2-7NLGcvNpFPQ.roa
File: 3hgz-PajpLdKhe2-7NLGcvNpFPQ.roa (raw, json)
Hash identifier: g9cWG8+MEA90fzm+Eu27aNXSRH0I9FCQSSY/WIHhNTs=
Subject key identifier: DE:18:33:F8:F6:A3:A4:B7:4A:85:ED:BE:EC:D2:C6:72:F3:69:14:F4
Certificate issuer: /CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Certificate serial: 01856F3917B08BDAFF7DB2E4910406888525
Authority key identifier: D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/3hgz-PajpLdKhe2-7NLGcvNpFPQ.roa
Signing time: Sun 01 Jan 2023 21:24:50 +0000
ROA not before: Sun 01 Jan 2023 21:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21448
IP address blocks: 194.28.136.0/22 maxlen: 24
195.69.92.0/22 maxlen: 24
193.110.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:17:b0:8b:da:ff:7d:b2:e4:91:04:06:88:85:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Validity
Not Before: Jan 1 21:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de1833f8f6a3a4b74a85edbeecd2c672f36914f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:cd:1c:77:9e:75:ac:17:11:ad:7a:d0:a6:
13:5b:ed:ed:38:92:fc:67:12:5e:56:e9:bb:7a:c2:
e9:5f:0d:a8:26:3a:65:3a:6c:ce:a9:a3:f9:e3:8b:
9d:14:8f:65:01:b2:0a:9d:1b:73:5e:30:38:d1:3c:
8e:01:66:8d:a8:84:7f:74:37:7c:ac:aa:6e:85:37:
ae:76:ac:62:0e:15:2c:1c:98:eb:3e:42:1f:e5:4c:
15:ea:f7:9e:18:6b:66:72:9f:2d:fb:cb:ea:50:94:
14:ce:a5:ed:62:ce:b1:17:1c:82:6d:3a:38:ef:51:
2c:0b:80:0b:cd:f7:93:12:21:c3:a9:32:10:55:31:
dd:77:ff:07:d2:d0:6c:2e:2c:5c:8c:63:07:a6:b3:
a2:dd:ef:a9:41:5f:ac:03:2b:a5:5c:8e:dd:01:03:
09:4e:91:b5:30:54:f5:c3:81:c1:fa:fe:68:b5:1b:
dd:b2:9d:8f:65:cd:8e:9d:34:24:c4:6d:75:ae:ca:
2f:73:a8:fc:98:c6:83:65:a6:47:b7:85:69:c2:c3:
11:8e:65:d5:83:ce:db:63:40:9e:79:33:c0:b8:81:
a1:61:75:61:33:35:62:f2:a9:06:f0:18:2e:3e:0f:
be:44:f8:6b:e7:a9:a8:f6:4b:da:3b:4e:3d:1c:78:
f3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:18:33:F8:F6:A3:A4:B7:4A:85:ED:BE:EC:D2:C6:72:F3:69:14:F4
X509v3 Authority Key Identifier:
keyid:D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/3hgz-PajpLdKhe2-7NLGcvNpFPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.88.0/24
194.28.136.0/22
195.69.92.0/22
Signature Algorithm: sha256WithRSAEncryption
66:94:f1:77:91:a5:4a:9a:15:3a:c1:5a:b1:8d:21:7e:ac:40:
99:91:fa:e4:d0:db:04:e4:27:3f:39:b9:3c:dd:05:eb:a7:83:
e0:d2:77:91:a6:e9:81:ad:6c:1c:40:7e:54:de:7d:6c:91:b5:
5b:d3:86:64:9b:5d:5a:28:ef:da:65:5e:52:c6:03:47:d9:69:
1d:53:cd:7d:cd:7c:1a:89:c8:3d:98:48:a0:7c:72:c7:6d:0b:
9e:9b:6f:b2:f5:ae:50:85:91:95:9d:bd:07:7f:b4:f0:8d:69:
22:f8:97:8a:d3:b5:ce:2f:45:30:5b:c3:74:c5:a6:1d:03:06:
28:85:7d:c0:4e:6b:23:54:b2:b7:77:5f:7f:d8:51:c8:15:f8:
8b:4a:f1:b6:0d:97:03:bf:e0:12:db:2d:c5:02:c5:72:f9:05:
94:ca:aa:a4:73:29:21:af:41:b7:96:b2:ae:a3:8d:91:ba:34:
44:5b:81:a2:cb:59:a7:c0:4b:25:9f:85:ef:b8:92:59:62:37:
82:0e:90:2e:87:f7:45:dc:7b:a8:0c:70:7a:da:bb:6b:95:16:
28:cb:27:ce:b8:53:04:09:e3:ba:e7:73:0b:f1:35:52:1c:c3:
91:ac:5c:54:59:b4:9e:57:0a:a4:b9:5e:f8:96:a7:50:58:29:
dc:11:cb:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvORewi9r/fbLkkQQGiIUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTQ0NTI2MDJjOWRmOTc3YzlkNWRkOGRjMTNiNjY2MWRm
NDAxMzYwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE4MzNmOGY2YTNhNGI3NGE4NWVkYmVlY2QyYzY3MmYzNjkxNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQTNHHeedawXEa160KYTW+3tOJL8
ZxJeVum7esLpXw2oJjplOmzOqaP544udFI9lAbIKnRtzXjA40TyOAWaNqIR/dDd8
rKpuhTeudqxiDhUsHJjrPkIf5UwV6veeGGtmcp8t+8vqUJQUzqXtYs6xFxyCbTo4
71EsC4ALzfeTEiHDqTIQVTHdd/8H0tBsLixcjGMHprOi3e+pQV+sAyulXI7dAQMJ
TpG1MFT1w4HB+v5otRvdsp2PZc2OnTQkxG11rsovc6j8mMaDZaZHt4VpwsMRjmXV
g87bY0CeeTPAuIGhYXVhMzVi8qkG8BguPg++RPhr56mo9kvaO049HHjzVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN4YM/j2o6S3SoXtvuzSxnLzaRT0MB8GA1UdIwQY
MBaAFNKkRSYCyd+XfJ1d2NwTtmYd9AE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQt
ZmU3NGVmN2FhYzk1LzEvM2hnei1QYWpwTGRLaGUyLTdOTEdjdk5wRlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQtZmU3NGVmN2FhYzk1
LzEvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwW5YAwQC
whyIAwQCw0VcMA0GCSqGSIb3DQEBCwUAA4IBAQBmlPF3kaVKmhU6wVqxjSF+rECZ
kfrk0NsE5Cc/Obk83QXrp4Pg0neRpumBrWwcQH5U3n1skbVb04Zkm11aKO/aZV5S
xgNH2WkdU819zXwaicg9mEigfHLHbQuem2+y9a5QhZGVnb0Hf7TwjWki+JeK07XO
L0UwW8N0xaYdAwYohX3ATmsjVLK3d19/2FHIFfiLSvG2DZcDv+AS2y3FAsVy+QWU
yqqkcykhr0G3lrKuo42RujREW4Giy1mnwEsln4XvuJJZYjeCDpAuh/dF3HuoDHB6
2rtrlRYoyyfOuFMECeO653ML8TVSHMORrFxUWbSeVwqkuV74lqdQWCncEcsj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:16 2024 by rpki-client on console-ams.rpki-client.org