Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/3dRgea9HdDtfh4j-nJBmW0MfRQY.roa
File: 3dRgea9HdDtfh4j-nJBmW0MfRQY.roa (raw, json)
Hash identifier: CpWUTVr1MRRle0rYj0gsCRcSrTxJEssx+WvqcudzqPY=
Subject key identifier: DD:D4:60:79:AF:47:74:3B:5F:87:88:FE:9C:90:66:5B:43:1F:45:06
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 018D0D471CA2204413ECEA4F7CC0E460E057
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/3dRgea9HdDtfh4j-nJBmW0MfRQY.roa
Signing time: Mon 15 Jan 2024 13:19:40 +0000
ROA not before: Mon 15 Jan 2024 13:19:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393559
IP address blocks: 185.230.180.0/22 maxlen: 24
185.230.181.0/24 maxlen: 24
2a13:d00:cf00::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 11:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:47:1c:a2:20:44:13:ec:ea:4f:7c:c0:e4:60:e0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: Jan 15 13:19:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddd46079af47743b5f8788fe9c90665b431f4506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b9:56:0c:76:22:8e:0c:0f:ae:cc:0e:dc:09:
a4:ac:60:d7:9a:a5:e9:f6:d9:c9:15:bf:68:a9:0d:
18:80:99:19:67:61:18:9c:6e:74:41:c1:0c:d0:11:
87:4a:8c:e5:83:3e:a9:10:e9:f3:f3:18:ef:18:e3:
87:05:88:59:a3:79:3a:74:c1:33:82:c2:27:70:95:
ee:64:11:3c:01:02:5d:cb:b4:bd:3a:e7:b5:1a:1e:
9f:64:e7:d5:8b:e6:57:db:a5:fa:3b:3c:70:5a:af:
b9:27:7d:25:17:8d:7c:d3:cd:12:ab:d6:0c:cd:f9:
dd:9b:ae:e1:bb:6f:82:bc:43:21:90:29:a7:f2:ba:
25:ea:7c:f4:85:35:b7:b1:79:0c:ab:e6:9c:d3:eb:
76:66:33:2d:05:33:76:3d:9a:69:84:b6:b6:ce:fd:
07:f6:61:04:77:38:c7:01:6d:73:2c:bd:05:cd:51:
af:4e:96:45:db:9f:a1:de:ee:ca:4c:c6:6d:3d:ee:
13:ba:dd:f7:d1:2d:c0:71:43:a6:fe:c6:00:54:5b:
33:37:37:54:c0:3c:7e:e9:db:51:b8:80:3e:56:e9:
a7:84:80:ae:de:39:1e:24:67:d3:46:b0:12:b2:bc:
e7:4b:e1:8b:48:21:d7:18:d1:83:9a:59:ad:dc:e2:
83:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D4:60:79:AF:47:74:3B:5F:87:88:FE:9C:90:66:5B:43:1F:45:06
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/3dRgea9HdDtfh4j-nJBmW0MfRQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.180.0/22
IPv6:
2a13:d00:cf00::/40
Signature Algorithm: sha256WithRSAEncryption
98:1c:f3:70:e7:82:75:42:5f:cd:cd:a3:cb:82:84:eb:1d:41:
fd:d0:3e:56:3e:21:29:29:b7:b5:c1:e7:ae:0e:ed:10:c9:f5:
fd:65:6a:fc:df:d5:4c:fb:cc:23:af:1e:ab:83:8a:2c:31:be:
85:01:c8:4e:ab:31:f8:f1:ad:ac:b3:d0:66:96:bf:2c:6d:49:
04:22:5f:53:e5:78:ef:18:57:da:c6:da:a7:8c:ee:df:e0:b3:
9b:8f:a2:da:76:9a:c4:8e:56:2a:30:ba:cd:0d:23:0e:19:b9:
cb:b6:b2:2e:9c:f4:c6:ca:9b:77:15:69:14:e0:b8:4d:61:b4:
a4:9e:7d:fd:20:db:91:c4:60:ee:3a:b7:f3:d5:40:ac:5e:f2:
b5:77:fa:b0:ba:65:cb:ac:ea:a5:ce:a4:cd:9e:37:0a:1e:c8:
7e:3e:af:52:3e:16:1c:0e:f9:69:f6:b1:25:78:4e:d7:b2:ae:
61:94:21:2a:eb:80:ea:c6:7b:de:7b:1c:8b:41:a9:86:a1:8a:
1c:98:56:63:b7:22:cc:d1:73:d6:15:5b:3b:ee:70:b5:81:58:
34:86:a8:80:37:01:d6:52:51:ed:18:89:9a:8b:50:22:1c:1e:
e1:f7:f7:f6:da:51:25:c5:3c:9d:73:82:24:0f:2a:e4:d9:93:
2f:07:9f:8c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY0NRxyiIEQT7OpPfMDkYOBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjQwMTE1MTMxOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ0NjA3OWFmNDc3NDNiNWY4Nzg4ZmU5YzkwNjY1YjQzMWY0NTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0blWDHYijgwPrswO3AmkrGDXmqXp
9tnJFb9oqQ0YgJkZZ2EYnG50QcEM0BGHSozlgz6pEOnz8xjvGOOHBYhZo3k6dMEz
gsIncJXuZBE8AQJdy7S9Oue1Gh6fZOfVi+ZX26X6OzxwWq+5J30lF418080Sq9YM
zfndm67hu2+CvEMhkCmn8rol6nz0hTW3sXkMq+ac0+t2ZjMtBTN2PZpphLa2zv0H
9mEEdzjHAW1zLL0FzVGvTpZF25+h3u7KTMZtPe4Tut330S3AcUOm/sYAVFszNzdU
wDx+6dtRuIA+VumnhICu3jkeJGfTRrASsrznS+GLSCHXGNGDmlmt3OKDiwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN3UYHmvR3Q7X4eI/pyQZltDH0UGMB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvM2RSZ2VhOUhkRHRmaDRqLW5KQm1XME1mUlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuea0MA4E
AgACMAgDBgAqEw0AzzANBgkqhkiG9w0BAQsFAAOCAQEAmBzzcOeCdUJfzc2jy4KE
6x1B/dA+Vj4hKSm3tcHnrg7tEMn1/WVq/N/VTPvMI68eq4OKLDG+hQHITqsx+PGt
rLPQZpa/LG1JBCJfU+V47xhX2sbap4zu3+Czm4+i2naaxI5WKjC6zQ0jDhm5y7ay
Lpz0xsqbdxVpFOC4TWG0pJ59/SDbkcRg7jq389VArF7ytXf6sLply6zqpc6kzZ43
Ch7Ifj6vUj4WHA75afaxJXhO17KuYZQhKuuA6sZ73nsci0GphqGKHJhWY7cizNFz
1hVbO+5wtYFYNIaogDcB1lJR7RiJmotQIhwe4ff39tpRJcU8nXOCJA8q5NmTLwef
jA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:53 2024 by rpki-client on console-ams.rpki-client.org