Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/3WfHzNobtNBApifTvbwS_cKWK68.roa
File: 3WfHzNobtNBApifTvbwS_cKWK68.roa (raw, json)
Hash identifier: yL7N6ia00tEVYB3xg3gCU9E79K00Zx2MAYvacnfxFFU=
Subject key identifier: DD:67:C7:CC:DA:1B:B4:D0:40:A6:27:D3:BD:BC:12:FD:C2:96:2B:AF
Certificate issuer: /CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Certificate serial: 018C43948153AE173E63A4C04FD10FA6B405
Authority key identifier: 15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/3WfHzNobtNBApifTvbwS_cKWK68.roa
Signing time: Thu 07 Dec 2023 09:20:55 +0000
ROA not before: Thu 07 Dec 2023 09:20:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61221
IP address blocks: 185.14.244.0/24 maxlen: 24
185.14.244.0/23 maxlen: 23
185.14.246.0/24 maxlen: 24
185.14.245.0/24 maxlen: 24
185.14.246.0/23 maxlen: 23
185.14.247.0/24 maxlen: 24
5.252.144.0/24 maxlen: 24
5.252.146.0/24 maxlen: 24
2a03:b840:12::/48 maxlen: 48
2a03:b840:2::/48 maxlen: 48
2a03:b840:100::/48 maxlen: 48
2a03:b840:3::/48 maxlen: 64
2a03:b840:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:94:81:53:ae:17:3e:63:a4:c0:4f:d1:0f:a6:b4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Validity
Not Before: Dec 7 09:20:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd67c7ccda1bb4d040a627d3bdbc12fdc2962baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:16:04:b3:19:0b:9d:d2:b4:8f:f7:5b:b0:b5:
22:5d:5f:45:e2:aa:11:a0:03:f0:fd:8f:5d:82:ce:
27:50:e7:d6:1a:d5:01:ef:3b:4e:6d:de:87:7a:b7:
2d:9e:f3:79:41:32:b2:82:98:a0:1e:31:e3:21:80:
1c:76:7e:a2:67:07:05:0a:dd:d2:91:8e:2f:c1:68:
72:05:ab:8b:2c:8f:b5:55:58:c8:51:41:85:5e:23:
e7:b5:a9:68:cc:4a:d1:93:bc:22:3f:00:d0:d4:d9:
d9:a0:de:cb:92:46:a8:5d:5a:6d:a0:13:97:54:c2:
fa:73:6d:9c:a6:ca:3c:f8:ad:08:67:40:ec:c6:97:
3b:62:bc:83:80:51:47:0e:e1:8c:27:d5:63:5a:4c:
26:34:f8:60:c7:9c:5c:2b:5b:74:ad:1a:b2:fc:aa:
48:1e:ca:29:b8:8b:4e:18:2a:82:7d:55:62:ee:d4:
08:59:60:26:1d:52:af:49:58:ea:ab:3e:bb:da:c4:
68:fb:02:33:25:11:58:70:1b:e0:d8:47:82:4d:7a:
99:09:3b:39:3e:b0:92:d0:2c:ee:79:44:88:97:01:
39:fd:60:57:96:0b:53:f8:5b:9c:6e:df:3c:3e:9e:
56:cd:aa:4d:e9:b5:99:e1:6c:46:7f:89:d1:5f:75:
b5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:67:C7:CC:DA:1B:B4:D0:40:A6:27:D3:BD:BC:12:FD:C2:96:2B:AF
X509v3 Authority Key Identifier:
keyid:15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/3WfHzNobtNBApifTvbwS_cKWK68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/FVCvriuu-2uI-XUbsyGOs5uUtXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.144.0/24
5.252.146.0/24
185.14.244.0/22
IPv6:
2a03:b840:2::/47
2a03:b840:12::/47
2a03:b840:100::/48
Signature Algorithm: sha256WithRSAEncryption
7c:0f:d0:c0:dc:c6:d3:78:36:97:8d:a9:17:71:bd:a5:07:53:
e4:b2:16:58:0b:15:24:e8:ae:40:3c:99:69:38:c8:ba:83:73:
63:a7:b3:9d:1e:24:41:e7:96:8d:e9:69:2a:02:c4:f4:c9:24:
92:2c:2b:7e:d4:42:84:56:cc:db:57:e5:47:ee:e2:10:3a:9f:
91:4c:ae:b7:3c:5a:a2:71:21:59:7e:1f:d8:f9:a0:26:cd:bc:
69:43:14:19:19:67:15:f0:9f:84:d8:40:27:78:b6:9f:70:c5:
37:83:25:07:90:e5:0d:23:45:ad:26:36:ad:49:d6:d0:53:7d:
43:b4:ff:3a:48:92:7c:c9:c1:a6:eb:12:88:ee:5b:f6:a2:65:
1e:6a:fb:2e:bf:0b:62:34:12:5e:a2:f6:6c:30:8a:0b:87:35:
8f:30:8a:66:5b:f5:99:a6:a8:51:a2:92:6c:85:b7:6e:46:41:
04:1a:cb:fa:a7:a1:7e:f5:f8:d0:82:92:b1:99:05:ea:20:33:
33:24:49:5b:ca:9f:fa:fe:84:26:f9:c0:89:ff:d7:a8:d0:8e:
71:df:60:fc:cc:e9:d9:be:e5:f8:69:72:20:84:ea:64:47:40:
e9:86:96:ec:de:63:77:cc:90:92:a7:55:f2:28:1b:52:ae:a8:
be:7b:ba:79
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYxDlIFTrhc+Y6TAT9EPprQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NTBhZmFlMmJhZWZiNmI4OGY5NzUxYmIzMjE4ZWIzOWI5
NGI1NzYwHhcNMjMxMjA3MDkyMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY3YzdjY2RhMWJiNGQwNDBhNjI3ZDNiZGJjMTJmZGMyOTYyYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hYEsxkLndK0j/dbsLUiXV9F4qoR
oAPw/Y9dgs4nUOfWGtUB7ztObd6HerctnvN5QTKygpigHjHjIYAcdn6iZwcFCt3S
kY4vwWhyBauLLI+1VVjIUUGFXiPntalozErRk7wiPwDQ1NnZoN7LkkaoXVptoBOX
VML6c22cpso8+K0IZ0Dsxpc7YryDgFFHDuGMJ9VjWkwmNPhgx5xcK1t0rRqy/KpI
HsopuItOGCqCfVVi7tQIWWAmHVKvSVjqqz672sRo+wIzJRFYcBvg2EeCTXqZCTs5
PrCS0CzueUSIlwE5/WBXlgtT+Fucbt88Pp5WzapN6bWZ4WxGf4nRX3W1hwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN1nx8zaG7TQQKYn0728Ev3CliuvMB8GA1UdIwQY
MBaAFBVQr64rrvtriPl1G7MhjrOblLV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEt
NjZkNjcxZjg0MmIzLzEvM1dmSHpOb2J0TkJBcGlmVHZid1NfY0tXSzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEtNjZkNjcxZjg0MmIz
LzEvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQABfyQAwQA
BfySAwQCuQ70MCEEAgACMBsDBwEqA7hAAAIDBwEqA7hAABIDBwAqA7hAAQAwDQYJ
KoZIhvcNAQELBQADggEBAHwP0MDcxtN4NpeNqRdxvaUHU+SyFlgLFSTorkA8mWk4
yLqDc2Ons50eJEHnlo3paSoCxPTJJJIsK37UQoRWzNtX5Ufu4hA6n5FMrrc8WqJx
IVl+H9j5oCbNvGlDFBkZZxXwn4TYQCd4tp9wxTeDJQeQ5Q0jRa0mNq1J1tBTfUO0
/zpIknzJwabrEojuW/aiZR5q+y6/C2I0El6i9mwwiguHNY8wimZb9ZmmqFGikmyF
t25GQQQay/qnoX71+NCCkrGZBeogMzMkSVvKn/r+hCb5wIn/16jQjnHfYPzM6dm+
5fhpciCE6mRHQOmGluzeY3fMkJKnVfIoG1KuqL57unk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:57 2024 by rpki-client on console-ams.rpki-client.org