Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/3DmNKlQEFrc3RsZmJiF270D_PFk.roa
File: 3DmNKlQEFrc3RsZmJiF270D_PFk.roa (raw, json)
Hash identifier: HJyDjslZxFFGNxKyTXb6CYiywmjWmVck1TxHSWMO1K8=
Subject key identifier: DC:39:8D:2A:54:04:16:B7:37:46:C6:66:26:21:76:EF:40:FF:3C:59
Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Certificate serial: 018BE73DBA27701ED13D4D7286C105A729E9
Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/3DmNKlQEFrc3RsZmJiF270D_PFk.roa
Signing time: Sun 19 Nov 2023 11:01:04 +0000
ROA not before: Sun 19 Nov 2023 11:01:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61025
IP address blocks: 185.17.236.0/23 maxlen: 24
2a03:dd40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e7:3d:ba:27:70:1e:d1:3d:4d:72:86:c1:05:a7:29:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Validity
Not Before: Nov 19 11:01:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc398d2a540416b73746c666262176ef40ff3c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:45:66:6a:f9:4d:f2:33:fa:47:91:b8:56:0c:
a5:84:ec:3a:4f:a3:bd:4e:0e:f0:06:78:4f:66:fd:
0a:44:97:f7:78:ac:90:d3:7a:11:af:72:cb:b1:05:
72:5f:50:b0:4c:2a:de:ba:6b:e5:b6:c0:ca:25:8a:
88:ad:cd:d6:03:df:91:46:74:34:96:a9:14:d2:c9:
40:cd:d8:7d:74:da:83:41:0d:77:33:e8:d8:e1:a6:
94:57:05:9f:14:29:2d:9f:01:53:95:34:bb:cc:0f:
a5:d3:03:6c:72:23:e6:7c:2f:30:d8:30:11:e2:1a:
1d:29:2f:e8:82:b0:f8:8b:79:48:a5:4b:49:dc:d8:
be:63:d8:e7:15:a8:f3:e0:c4:35:55:a8:46:f9:52:
5a:11:3d:a1:95:4f:b1:56:aa:85:33:05:41:41:42:
75:92:9e:aa:8d:20:aa:63:e3:6f:ad:6a:32:1c:33:
bd:90:90:37:89:79:f6:e7:4a:a7:ab:f0:c4:4a:f9:
83:bc:c6:7d:31:68:3a:0c:04:ba:9c:bb:25:4e:41:
48:0f:3a:6e:20:ad:85:ce:7c:c2:39:e1:57:0f:33:
8b:c8:cf:86:d6:cd:5b:22:5b:67:0f:3d:8c:a3:18:
3d:2e:88:82:0b:b1:80:52:6b:e6:d8:b7:17:4e:ed:
9c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:39:8D:2A:54:04:16:B7:37:46:C6:66:26:21:76:EF:40:FF:3C:59
X509v3 Authority Key Identifier:
keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/3DmNKlQEFrc3RsZmJiF270D_PFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.236.0/23
IPv6:
2a03:dd40::/32
Signature Algorithm: sha256WithRSAEncryption
a8:c3:9c:44:da:fb:54:7e:25:72:26:de:f3:1b:81:ce:34:cf:
4d:65:75:3f:3f:d8:c8:83:1e:00:2c:09:12:9e:9a:f9:42:0e:
ff:9b:30:8e:12:00:ee:e4:40:c1:7a:1f:bf:e0:40:61:79:92:
f9:2b:9c:cc:2f:7b:8c:44:41:75:73:3d:1a:ef:2f:ae:c5:90:
c2:21:20:b1:ef:ee:ed:22:02:52:38:f7:0c:10:50:a6:8a:6c:
d3:30:fd:45:bf:f8:bf:38:5e:d6:0a:72:1f:28:b4:e5:b6:d4:
4f:76:e2:bb:5d:ca:e3:b2:6b:12:5c:7c:88:76:11:90:55:cb:
cd:35:6d:3d:e3:ab:31:91:88:eb:98:ac:33:84:87:3c:e9:c5:
94:eb:43:ff:04:07:0e:1c:ca:fa:d4:be:aa:f8:e2:db:e4:c9:
39:88:04:d9:d4:48:f1:b8:b7:05:f4:19:a0:7f:1c:62:ba:68:
f2:22:f3:4d:03:30:ea:d6:9f:b4:95:7c:ab:d5:ad:34:7f:56:
de:fa:69:94:5b:f9:c9:a0:a9:aa:81:74:a8:56:74:10:6c:e0:
e0:e4:7b:2f:7f:c3:d2:c1:3d:8b:6f:a3:1d:b0:cb:47:47:15:
a0:d0:b2:8f:2c:aa:ee:7a:a7:4d:d2:d2:b4:31:4d:bf:24:8e:
b2:ce:33:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvnPboncB7RPU1yhsEFpynpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDlhY2E4NWRjNjZjODNjZTU1ZWNkYzA0NWM5NjA3NWNh
N2RlYmMwHhcNMjMxMTE5MTEwMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM5OGQyYTU0MDQxNmI3Mzc0NmM2NjYyNjIxNzZlZjQwZmYzYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0VmavlN8jP6R5G4VgylhOw6T6O9
Tg7wBnhPZv0KRJf3eKyQ03oRr3LLsQVyX1CwTCreumvltsDKJYqIrc3WA9+RRnQ0
lqkU0slAzdh9dNqDQQ13M+jY4aaUVwWfFCktnwFTlTS7zA+l0wNsciPmfC8w2DAR
4hodKS/ogrD4i3lIpUtJ3Ni+Y9jnFajz4MQ1VahG+VJaET2hlU+xVqqFMwVBQUJ1
kp6qjSCqY+NvrWoyHDO9kJA3iXn250qnq/DESvmDvMZ9MWg6DAS6nLslTkFIDzpu
IK2FznzCOeFXDzOLyM+G1s1bIltnDz2Moxg9LoiCC7GAUmvm2LcXTu2c2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNw5jSpUBBa3N0bGZiYhdu9A/zxZMB8GA1UdIwQY
MBaAFKdJrKhdxmyDzlXs3ARclgdcp968MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2Mt
NGM5ZjQzZjg3OGFiLzEvM0RtTktsUUVGcmMzUnNabUppRjI3MERfUEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2MtNGM5ZjQzZjg3OGFi
LzEvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRHsMA0E
AgACMAcDBQAqA91AMA0GCSqGSIb3DQEBCwUAA4IBAQCow5xE2vtUfiVyJt7zG4HO
NM9NZXU/P9jIgx4ALAkSnpr5Qg7/mzCOEgDu5EDBeh+/4EBheZL5K5zML3uMREF1
cz0a7y+uxZDCISCx7+7tIgJSOPcMEFCmimzTMP1Fv/i/OF7WCnIfKLTlttRPduK7
XcrjsmsSXHyIdhGQVcvNNW0946sxkYjrmKwzhIc86cWU60P/BAcOHMr61L6q+OLb
5Mk5iATZ1EjxuLcF9BmgfxxiumjyIvNNAzDq1p+0lXyr1a00f1be+mmUW/nJoKmq
gXSoVnQQbODg5Hsvf8PSwT2Lb6MdsMtHRxWg0LKPLKrueqdN0tK0MU2/JI6yzjPU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:52 2024 by rpki-client on console-fra.rpki-client.org