Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/tR_3WdVxMcYfshmiwaXKDtwDes8.roa
File: tR_3WdVxMcYfshmiwaXKDtwDes8.roa (raw, json)
Hash identifier: UDmFXBknQLDAbYLsFp1MBH0pCgzhD6zEt54C6zFTZ7Q=
Subject key identifier: B5:1F:F7:59:D5:71:31:C6:1F:B2:19:A2:C1:A5:CA:0E:DC:03:7A:CF
Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Certificate serial: 018BE73DB9647566FE9CC331EFA861D01BEB
Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/tR_3WdVxMcYfshmiwaXKDtwDes8.roa
Signing time: Sun 19 Nov 2023 11:01:03 +0000
ROA not before: Sun 19 Nov 2023 11:01:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35600
IP address blocks: 185.17.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e7:3d:b9:64:75:66:fe:9c:c3:31:ef:a8:61:d0:1b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Validity
Not Before: Nov 19 11:01:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b51ff759d57131c61fb219a2c1a5ca0edc037acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:20:40:b3:3f:d1:64:db:0b:7b:7a:9d:e0:29:
b2:d2:c9:00:fc:cd:cc:cb:17:e8:f7:9c:d4:f6:40:
18:98:3a:3e:47:03:3e:da:b3:d1:07:2d:67:c9:81:
9e:1f:d7:52:88:c5:85:1d:39:3f:ce:5e:f4:9e:cb:
4d:29:25:ab:ff:8e:97:8f:6d:41:bd:21:85:9b:38:
30:02:5c:16:22:86:5e:04:06:a9:ee:aa:46:86:5e:
97:6d:5f:73:72:28:d0:16:15:01:cd:89:c2:68:81:
97:34:2a:31:79:31:ae:03:e4:3a:e8:77:68:39:a1:
49:1a:5b:11:34:79:b9:ee:92:2d:d4:36:09:6d:bc:
74:ae:e2:98:5b:a0:52:b9:c3:f2:ad:7f:7d:8a:ee:
5c:e1:58:8b:9a:e4:7f:2b:82:10:6d:5e:14:b3:3e:
4c:bb:ac:92:c8:7e:7c:c2:b8:02:03:30:22:82:b5:
47:01:0c:ac:f1:2d:25:a4:c1:b2:0c:6d:11:d5:85:
f1:5f:4d:2d:ed:17:0c:0d:85:f0:ec:f9:e6:0d:58:
22:7c:dd:59:bb:ab:56:9e:72:b0:3f:fd:f7:39:20:
2a:b2:23:cc:bd:9b:fe:10:d6:a6:d2:78:ed:a9:38:
ff:bd:e9:bd:27:48:0e:63:0d:7d:70:d5:c0:ba:d7:
18:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1F:F7:59:D5:71:31:C6:1F:B2:19:A2:C1:A5:CA:0E:DC:03:7A:CF
X509v3 Authority Key Identifier:
keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/tR_3WdVxMcYfshmiwaXKDtwDes8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.237.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7b:28:4b:ac:6c:fa:9c:7b:2b:5a:00:73:a7:9f:87:2e:4c:
17:95:b9:de:42:46:b3:6c:fd:1c:c3:9a:38:30:1c:34:3b:96:
36:d2:78:c8:c7:f2:ed:27:3d:92:38:96:fb:69:36:06:80:28:
86:ae:1c:59:74:87:9d:fd:89:0d:54:ad:cd:46:32:a9:d8:62:
39:a7:8f:03:a9:78:28:f2:13:64:0d:d9:73:1e:70:dc:ee:52:
94:ea:1c:aa:c5:63:49:a7:d8:05:f2:ac:24:c9:86:fb:30:a2:
ba:8b:06:2a:a0:b0:a7:47:6d:82:6b:c4:1a:46:7c:c9:78:ea:
52:9c:2b:36:3b:9c:a1:29:e3:97:7d:dd:70:8f:e2:8c:28:86:
26:87:71:39:16:e6:8c:26:43:64:4d:21:46:43:fe:d8:bc:58:
0b:ef:33:c2:07:8f:87:ac:0b:30:ef:e3:93:ad:30:8c:32:d7:
2a:30:27:34:cd:ae:1a:9a:d6:29:cc:c1:ff:81:3e:ad:cc:ef:
7a:76:56:5d:a0:52:dd:9b:6f:57:41:2e:df:49:d2:93:74:bf:
d7:78:fa:db:c0:9b:a6:af:1c:89:80:25:43:19:5f:c6:39:fb:
2e:31:8d:11:79:a4:a8:84:a9:71:48:a0:d3:87:1e:cb:a5:69:
78:41:2b:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvnPblkdWb+nMMx76hh0BvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDlhY2E4NWRjNjZjODNjZTU1ZWNkYzA0NWM5NjA3NWNh
N2RlYmMwHhcNMjMxMTE5MTEwMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFmZjc1OWQ1NzEzMWM2MWZiMjE5YTJjMWE1Y2EwZWRjMDM3YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyBAsz/RZNsLe3qd4Cmy0skA/M3M
yxfo95zU9kAYmDo+RwM+2rPRBy1nyYGeH9dSiMWFHTk/zl70nstNKSWr/46Xj21B
vSGFmzgwAlwWIoZeBAap7qpGhl6XbV9zcijQFhUBzYnCaIGXNCoxeTGuA+Q66Hdo
OaFJGlsRNHm57pIt1DYJbbx0ruKYW6BSucPyrX99iu5c4ViLmuR/K4IQbV4Usz5M
u6ySyH58wrgCAzAigrVHAQys8S0lpMGyDG0R1YXxX00t7RcMDYXw7PnmDVgifN1Z
u6tWnnKwP/33OSAqsiPMvZv+ENam0njtqTj/vem9J0gOYw19cNXAutcYTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUf91nVcTHGH7IZosGlyg7cA3rPMB8GA1UdIwQY
MBaAFKdJrKhdxmyDzlXs3ARclgdcp968MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2Mt
NGM5ZjQzZjg3OGFiLzEvdFJfM1dkVnhNY1lmc2htaXdhWEtEdHdEZXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2MtNGM5ZjQzZjg3OGFi
LzEvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRHtMA0G
CSqGSIb3DQEBCwUAA4IBAQAweyhLrGz6nHsrWgBzp5+HLkwXlbneQkazbP0cw5o4
MBw0O5Y20njIx/LtJz2SOJb7aTYGgCiGrhxZdIed/YkNVK3NRjKp2GI5p48DqXgo
8hNkDdlzHnDc7lKU6hyqxWNJp9gF8qwkyYb7MKK6iwYqoLCnR22Ca8QaRnzJeOpS
nCs2O5yhKeOXfd1wj+KMKIYmh3E5FuaMJkNkTSFGQ/7YvFgL7zPCB4+HrAsw7+OT
rTCMMtcqMCc0za4amtYpzMH/gT6tzO96dlZdoFLdm29XQS7fSdKTdL/XePrbwJum
rxyJgCVDGV/GOfsuMY0ReaSohKlxSKDThx7LpWl4QStQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:19 2024 by rpki-client on console-ams.rpki-client.org