Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3DN7TJGYpFD2Xpwgz7DCBQ7fXXI.roa
File: 3DN7TJGYpFD2Xpwgz7DCBQ7fXXI.roa (raw, json)
Hash identifier: dHaA1PtOsCRi6cFhOBd52fJYkIi2NiaFRL6YO0n2EUg=
Subject key identifier: DC:33:7B:4C:91:98:A4:50:F6:5E:9C:20:CF:B0:C2:05:0E:DF:5D:72
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA31C50131A09CF8274C6D50AEF2452FB
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3DN7TJGYpFD2Xpwgz7DCBQ7fXXI.roa
Signing time: Wed 03 Apr 2024 08:38:45 +0000
ROA not before: Wed 03 Apr 2024 08:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12332
IP address blocks: 5.143.112.0/20 maxlen: 20
77.34.0.0/15 maxlen: 24
81.2.0.0/19 maxlen: 24
82.162.0.0/16 maxlen: 18
86.102.0.0/16 maxlen: 18
212.91.192.0/19 maxlen: 24
212.107.192.0/19 maxlen: 24
212.107.192.0/20 maxlen: 24
212.107.208.0/20 maxlen: 24
212.122.0.0/19 maxlen: 24
212.122.0.0/20 maxlen: 24
212.122.16.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 04:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:1c:50:13:1a:09:cf:82:74:c6:d5:0a:ef:24:52:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 08:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc337b4c9198a450f65e9c20cfb0c2050edf5d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:37:d2:25:50:fb:95:66:19:4d:33:0a:cf:eb:
0b:a5:31:0e:c5:1a:d4:3e:8d:49:75:e6:05:75:ca:
8f:96:1e:04:46:26:05:0e:45:da:db:f0:25:64:a2:
8d:64:47:c2:4b:df:89:a9:5b:45:6e:bd:67:62:3f:
f9:a7:5c:4d:51:8b:5e:20:7e:5a:29:41:7b:0a:63:
a5:42:13:28:25:39:40:1f:fb:d4:5b:87:9e:72:dd:
e9:89:a5:18:cf:23:61:b3:76:6a:af:e6:37:f5:67:
d9:f7:cc:06:43:4d:57:05:4d:38:95:3f:e9:d3:1c:
8e:e6:b0:e8:81:84:a1:ad:d5:ee:dc:9d:be:4a:f3:
b8:f7:e5:30:4d:4b:45:dc:74:cf:8a:5f:2f:20:b9:
b4:ed:42:44:64:52:af:6a:b7:43:78:a7:4c:c3:41:
57:a1:60:56:2e:f1:c3:b8:d6:6e:53:3c:e8:b6:17:
80:00:95:b1:a6:cb:fb:47:95:5b:b1:ba:f8:f2:a1:
5f:44:7a:94:ec:ef:a3:67:51:a6:cf:a9:8b:04:9c:
ef:43:05:9c:27:10:4a:f3:39:e5:47:06:40:46:0d:
48:8b:49:b3:77:9d:cf:6b:aa:82:7e:88:85:68:f2:
3b:9f:31:06:c5:f7:55:47:19:e3:cd:20:a8:94:9d:
b1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:33:7B:4C:91:98:A4:50:F6:5E:9C:20:CF:B0:C2:05:0E:DF:5D:72
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3DN7TJGYpFD2Xpwgz7DCBQ7fXXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.112.0/20
77.34.0.0/15
81.2.0.0/19
82.162.0.0/16
86.102.0.0/16
212.91.192.0/19
212.107.192.0/19
212.122.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:70:e1:53:c0:5b:5c:39:ee:02:19:4d:ee:73:51:26:20:0c:
33:53:f2:4d:15:ee:8f:75:02:bd:71:64:d6:c9:ff:a4:d2:b7:
8e:fe:90:38:03:cf:45:e6:1f:b1:68:22:1a:8d:0d:48:b7:f5:
5a:98:a1:51:05:f5:d0:4a:02:93:35:cf:f3:49:75:9d:18:a4:
20:76:a1:a4:66:73:12:e8:54:7e:9d:c8:dd:a2:e8:02:34:39:
90:2b:1f:91:34:5d:bf:cb:97:11:bd:81:a3:c3:7b:83:e5:1c:
87:a2:96:f4:93:0c:58:3b:f0:da:ae:3c:73:c9:99:a2:8b:61:
7f:ca:fe:ec:da:55:f1:27:30:04:20:69:d2:01:49:c0:61:95:
c8:73:0d:ed:5c:2b:1a:3f:9d:51:09:05:8f:c1:ec:f4:fe:c2:
eb:25:1b:d1:00:52:59:ad:41:08:22:69:4b:4c:cd:e9:56:af:
df:ff:96:6c:c4:16:6d:01:9a:27:14:71:71:c6:16:36:40:56:
d4:36:b5:6d:2f:7a:98:5b:36:55:c6:2e:f3:8c:6c:c0:3d:b4:
dd:d1:a7:f3:99:f6:0d:af:1f:48:b2:25:c1:d5:84:d1:11:db:
ae:52:97:57:a7:69:f4:78:c3:b0:a1:5b:2a:f9:be:bb:d2:c3:
6f:6c:f3:0c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY6jHFATGgnPgnTG1QrvJFL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDgzODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzMzN2I0YzkxOThhNDUwZjY1ZTljMjBjZmIwYzIwNTBlZGY1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTfSJVD7lWYZTTMKz+sLpTEOxRrU
Po1JdeYFdcqPlh4ERiYFDkXa2/AlZKKNZEfCS9+JqVtFbr1nYj/5p1xNUYteIH5a
KUF7CmOlQhMoJTlAH/vUW4eect3piaUYzyNhs3Zqr+Y39WfZ98wGQ01XBU04lT/p
0xyO5rDogYShrdXu3J2+SvO49+UwTUtF3HTPil8vILm07UJEZFKvardDeKdMw0FX
oWBWLvHDuNZuUzzotheAAJWxpsv7R5Vbsbr48qFfRHqU7O+jZ1Gmz6mLBJzvQwWc
JxBK8znlRwZARg1Ii0mzd53Pa6qCfoiFaPI7nzEGxfdVRxnjzSColJ2xbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNwze0yRmKRQ9l6cIM+wwgUO311yMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvM0RON1RKR1lwRkQyWHB3Z3o3RENCUTdmWFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQEBY9wAwMB
TSIDBAVRAgADAwBSogMDAFZmAwQF1FvAAwQF1GvAAwQF1HoAMA0GCSqGSIb3DQEB
CwUAA4IBAQCKcOFTwFtcOe4CGU3uc1EmIAwzU/JNFe6PdQK9cWTWyf+k0reO/pA4
A89F5h+xaCIajQ1It/VamKFRBfXQSgKTNc/zSXWdGKQgdqGkZnMS6FR+ncjdougC
NDmQKx+RNF2/y5cRvYGjw3uD5RyHopb0kwxYO/DarjxzyZmii2F/yv7s2lXxJzAE
IGnSAUnAYZXIcw3tXCsaP51RCQWPwez0/sLrJRvRAFJZrUEIImlLTM3pVq/f/5Zs
xBZtAZonFHFxxhY2QFbUNrVtL3qYWzZVxi7zjGzAPbTd0afzmfYNrx9IsiXB1YTR
EduuUpdXp2n0eMOwoVsq+b670sNvbPMM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org