Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/3LXqYj8wfCuZM-GsgzzXEXZjVxs.roa
File: 3LXqYj8wfCuZM-GsgzzXEXZjVxs.roa (raw, json)
Hash identifier: MotyEbCOfKHQmDocbODySceF/ETao0EbkCzQJTPW64Q=
Subject key identifier: DC:B5:EA:62:3F:30:7C:2B:99:33:E1:AC:83:3C:D7:11:76:63:57:1B
Certificate issuer: /CN=64b59ae521952da55e03f779b885031c0c809cf9
Certificate serial: 0185724C582D6B44C8FF49E00C89D1E08033
Authority key identifier: 64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/3LXqYj8wfCuZM-GsgzzXEXZjVxs.roa
Signing time: Mon 02 Jan 2023 11:44:43 +0000
ROA not before: Mon 02 Jan 2023 11:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210897
IP address blocks: 103.56.172.0/24 maxlen: 24
194.8.135.0/24 maxlen: 24
2a11:2b80::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Jun 2023 12:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:58:2d:6b:44:c8:ff:49:e0:0c:89:d1:e0:80:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b59ae521952da55e03f779b885031c0c809cf9
Validity
Not Before: Jan 2 11:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb5ea623f307c2b9933e1ac833cd7117663571b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:df:db:cf:1f:69:89:24:e8:a3:65:1d:b4:
cb:88:f4:e5:c3:32:c2:dc:18:72:68:52:e4:f4:73:
fa:c5:62:53:e1:f6:4c:15:b8:9f:f0:19:61:57:90:
95:68:19:3b:15:1d:e0:dc:8f:63:ed:93:8a:32:d9:
2c:fa:1e:59:b8:bb:b0:f9:40:9a:74:fd:1a:8a:5e:
88:ae:41:93:24:0b:1f:bb:9e:00:6d:a8:37:48:9a:
20:2c:26:a2:96:44:10:30:4d:46:48:b4:50:68:a4:
20:97:da:b6:dd:70:98:31:1f:78:ee:ef:7b:8b:f8:
0d:e6:a9:d6:39:41:17:e1:b1:2b:74:b8:74:58:fc:
db:a2:96:78:a8:60:fa:6d:90:d0:b0:d8:02:18:21:
ae:0f:ee:be:7a:f5:e8:75:0c:ac:da:4a:4c:78:55:
d8:d2:ba:1b:e0:86:da:fd:ba:98:39:df:fd:8e:33:
71:bc:df:05:e4:1f:da:6f:e7:4f:d6:6b:08:aa:23:
5d:0a:1a:27:fd:03:52:ba:b3:ae:79:05:1d:cb:e9:
f5:18:e9:bb:9d:7a:75:76:26:38:b5:de:da:79:96:
7c:6b:6c:31:73:2f:f4:23:48:31:73:ce:e7:65:86:
b9:13:6f:72:8e:12:bc:3a:73:28:ec:9b:7f:fb:a9:
ee:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B5:EA:62:3F:30:7C:2B:99:33:E1:AC:83:3C:D7:11:76:63:57:1B
X509v3 Authority Key Identifier:
keyid:64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/3LXqYj8wfCuZM-GsgzzXEXZjVxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.56.172.0/24
194.8.135.0/24
IPv6:
2a11:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
33:b6:3d:b6:85:1c:71:29:fa:00:bb:1b:96:9f:d8:71:a8:b3:
30:ff:0e:74:49:c3:2f:ce:b6:1e:de:96:73:b1:5e:24:a1:6e:
b9:d7:77:27:a5:36:c6:d7:a6:0b:10:9a:81:c7:95:73:4a:6b:
b9:0d:e2:c4:9e:ea:58:d3:e1:6d:09:84:99:0c:4b:51:c0:d7:
88:43:36:f4:53:76:25:f5:61:8a:60:46:b6:7a:b8:8d:eb:1c:
af:29:d2:10:8c:8e:47:8b:dc:5b:06:36:9b:f7:1d:cf:df:f0:
98:c2:9b:a2:b9:fb:30:b0:f0:82:74:54:99:d7:f6:5c:cc:60:
31:c3:6a:ad:a3:2f:55:9f:af:66:be:6f:4a:dc:4d:2f:a2:1c:
62:de:3f:bb:a9:2c:51:c2:1b:a7:37:b7:8b:f5:9d:1b:1f:e7:
42:ac:dd:90:68:bd:43:37:d1:20:ce:2d:8e:6e:82:9a:c5:b7:
05:ee:d1:42:ba:f0:71:ae:67:a0:b6:cc:5d:7a:f8:7c:4c:2b:
5a:f7:f1:d0:b3:34:37:da:5f:86:f7:49:1b:8c:c6:86:e1:38:
91:1d:8b:4b:03:56:6a:7d:e6:ec:b0:af:5e:54:c3:fb:26:f3:
de:9f:91:b5:0b:b8:b0:b6:97:05:aa:15:85:70:e9:16:c6:f8:
6b:ab:ff:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyTFgta0TI/0ngDInR4IAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjU5YWU1MjE5NTJkYTU1ZTAzZjc3OWI4ODUwMzFjMGM4
MDljZjkwHhcNMjMwMTAyMTE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2I1ZWE2MjNmMzA3YzJiOTkzM2UxYWM4MzNjZDcxMTc2NjM1NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngjf288faYkk6KNlHbTLiPTlwzLC
3BhyaFLk9HP6xWJT4fZMFbif8BlhV5CVaBk7FR3g3I9j7ZOKMtks+h5ZuLuw+UCa
dP0ail6IrkGTJAsfu54Abag3SJogLCailkQQME1GSLRQaKQgl9q23XCYMR947u97
i/gN5qnWOUEX4bErdLh0WPzbopZ4qGD6bZDQsNgCGCGuD+6+evXodQys2kpMeFXY
0rob4Iba/bqYOd/9jjNxvN8F5B/ab+dP1msIqiNdChon/QNSurOueQUdy+n1GOm7
nXp1diY4td7aeZZ8a2wxcy/0I0gxc87nZYa5E29yjhK8OnMo7Jt/+6nu2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNy16mI/MHwrmTPhrIM81xF2Y1cbMB8GA1UdIwQY
MBaAFGS1muUhlS2lXgP3ebiFAxwMgJz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQt
NTFhZDAwZTU0MzMyLzEvM0xYcVlqOHdmQ3VaTS1Hc2d6elhFWFpqVnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQtNTFhZDAwZTU0MzMy
LzEvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAZzisAwQA
wgiHMA0EAgACMAcDBQAqESuAMA0GCSqGSIb3DQEBCwUAA4IBAQAztj22hRxxKfoA
uxuWn9hxqLMw/w50ScMvzrYe3pZzsV4koW6513cnpTbG16YLEJqBx5VzSmu5DeLE
nupY0+FtCYSZDEtRwNeIQzb0U3Yl9WGKYEa2eriN6xyvKdIQjI5Hi9xbBjab9x3P
3/CYwpuiufswsPCCdFSZ1/ZczGAxw2qtoy9Vn69mvm9K3E0vohxi3j+7qSxRwhun
N7eL9Z0bH+dCrN2QaL1DN9Egzi2OboKaxbcF7tFCuvBxrmegtsxdevh8TCta9/HQ
szQ32l+G90kbjMaG4TiRHYtLA1ZqfebssK9eVMP7JvPen5G1C7iwtpcFqhWFcOkW
xvhrq/94
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:44 2024 by rpki-client on console-fra.rpki-client.org