Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/X3fQfSvvL2VFvm6AG458v1s3sRc.roa
File: X3fQfSvvL2VFvm6AG458v1s3sRc.roa (raw, json)
Hash identifier: PGU6kEEmaX6zilwjVniBU91an+gdvCKl42Wv5werJ1U=
Subject key identifier: 5F:77:D0:7D:2B:EF:2F:65:45:BE:6E:80:1B:8E:7C:BF:5B:37:B1:17
Certificate issuer: /CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Certificate serial: 0185727103224B84AE99B31F844418D182CE
Authority key identifier: 3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/X3fQfSvvL2VFvm6AG458v1s3sRc.roa
Signing time: Mon 02 Jan 2023 12:24:46 +0000
ROA not before: Mon 02 Jan 2023 12:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206398
IP address blocks: 185.178.187.0/24 maxlen: 24
2a0a:6680:a000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:03:22:4b:84:ae:99:b3:1f:84:44:18:d1:82:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Validity
Not Before: Jan 2 12:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f77d07d2bef2f6545be6e801b8e7cbf5b37b117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:55:c2:c4:24:d9:26:8a:9e:36:d3:4d:f9:6f:
4a:7c:90:97:7b:3b:6f:13:c8:78:b6:a0:cd:11:51:
e9:c7:5a:b7:86:36:e8:10:f6:dd:c6:70:0a:f9:8e:
67:92:d4:17:cb:cf:37:1e:ac:d2:ab:02:1c:73:99:
45:d2:09:d1:fb:5b:a0:c8:4a:e1:1c:50:ba:b5:f6:
9f:81:b5:f2:56:a9:fe:a9:f4:a8:42:80:1e:dc:d8:
17:06:3a:0d:f8:86:a0:84:49:19:5f:9f:37:73:c4:
a9:fa:5e:00:97:a1:ed:ca:94:28:d1:18:ee:aa:b7:
1b:c1:48:7b:80:90:c1:18:fc:7a:1e:64:68:6d:14:
fb:0a:7b:7b:55:b9:fe:13:e0:25:52:08:49:67:c1:
f8:33:e4:fc:1f:1d:51:78:78:64:d8:62:ec:5d:ec:
f5:a1:70:65:1f:3d:66:d8:91:28:17:d9:95:c0:ba:
e3:ed:42:df:5c:76:79:87:1d:c6:c6:77:f2:eb:da:
b1:de:4a:8e:a4:04:b1:40:1e:b1:0d:3d:c7:f2:40:
c5:d1:74:a1:dc:36:33:07:67:c6:10:34:00:23:2a:
2f:25:08:7c:b6:90:85:5a:c2:1f:7c:c8:9b:86:2e:
6e:d3:b3:9b:a6:5e:a1:5f:a5:21:83:eb:92:0e:a1:
36:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:77:D0:7D:2B:EF:2F:65:45:BE:6E:80:1B:8E:7C:BF:5B:37:B1:17
X509v3 Authority Key Identifier:
keyid:3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/X3fQfSvvL2VFvm6AG458v1s3sRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.187.0/24
IPv6:
2a0a:6680:a000::/36
Signature Algorithm: sha256WithRSAEncryption
0e:88:fe:e8:65:d3:ac:bd:c9:88:78:61:59:76:79:29:74:a1:
f9:47:c4:29:3a:98:b1:ba:c6:44:15:9a:7e:31:75:09:8d:bf:
ed:0c:01:d0:61:27:74:0f:0a:ff:42:5d:4c:eb:a1:6f:98:e3:
b6:a4:25:c2:5c:3c:da:69:b9:79:8a:be:0d:07:15:73:28:10:
d5:59:d3:5d:8c:c4:28:05:65:0b:95:20:18:31:6c:54:ed:ee:
94:82:d9:0d:38:f3:01:41:25:9a:f2:6e:5e:5d:0e:24:50:92:
4e:5f:27:24:c8:52:8e:0c:f5:05:18:81:3c:03:9b:90:59:d2:
71:9d:44:39:32:96:de:86:45:32:8c:67:59:8e:eb:0a:60:d0:
c9:02:5e:fc:9c:aa:24:dd:c4:d9:01:a2:78:e4:68:39:fa:51:
25:d7:21:d0:18:3e:9c:d1:8e:b5:16:29:7e:c9:fe:5a:dd:4f:
56:2c:84:a7:7f:c0:90:80:5a:7a:06:e5:cb:f3:76:2e:98:f6:
fc:74:08:5a:ca:51:96:5f:e3:88:90:52:f7:d4:96:67:f0:a1:
b7:83:c6:00:89:af:8b:3d:73:74:f6:63:9c:70:f2:03:6e:52:
ea:ac:ce:c0:78:f5:60:ac:a3:92:10:70:0b:e7:84:6f:b3:6a:
6e:5c:7b:fa
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVycQMiS4SumbMfhEQY0YLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzc4ZjMzZThlMTE4NzMyNzY2N2ZhOTRmZDc0NDZiOGQ5
MWU1YjQwHhcNMjMwMTAyMTIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc3ZDA3ZDJiZWYyZjY1NDViZTZlODAxYjhlN2NiZjViMzdiMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VXCxCTZJoqeNtNN+W9KfJCXeztv
E8h4tqDNEVHpx1q3hjboEPbdxnAK+Y5nktQXy883HqzSqwIcc5lF0gnR+1ugyErh
HFC6tfafgbXyVqn+qfSoQoAe3NgXBjoN+IaghEkZX583c8Sp+l4Al6HtypQo0Rju
qrcbwUh7gJDBGPx6HmRobRT7Cnt7Vbn+E+AlUghJZ8H4M+T8Hx1ReHhk2GLsXez1
oXBlHz1m2JEoF9mVwLrj7ULfXHZ5hx3Gxnfy69qx3kqOpASxQB6xDT3H8kDF0XSh
3DYzB2fGEDQAIyovJQh8tpCFWsIffMibhi5u07Obpl6hX6Uhg+uSDqE2xwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF930H0r7y9lRb5ugBuOfL9bN7EXMB8GA1UdIwQY
MBaAFDrHjzPo4RhzJ2Z/qU/XRGuNkeW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEt
ZGMwMWY0YjRiYWU0LzEvWDNmUWZTdnZMMlZGdm02QUc0NTh2MXMzc1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEtZGMwMWY0YjRiYWU0
LzEvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAubK7MA4E
AgACMAgDBgQqCmaAoDANBgkqhkiG9w0BAQsFAAOCAQEADoj+6GXTrL3JiHhhWXZ5
KXSh+UfEKTqYsbrGRBWafjF1CY2/7QwB0GEndA8K/0JdTOuhb5jjtqQlwlw82mm5
eYq+DQcVcygQ1VnTXYzEKAVlC5UgGDFsVO3ulILZDTjzAUElmvJuXl0OJFCSTl8n
JMhSjgz1BRiBPAObkFnScZ1EOTKW3oZFMoxnWY7rCmDQyQJe/JyqJN3E2QGieORo
OfpRJdch0Bg+nNGOtRYpfsn+Wt1PViyEp3/AkIBaegbly/N2Lpj2/HQIWspRll/j
iJBS99SWZ/Cht4PGAImviz1zdPZjnHDyA25S6qzOwHj1YKyjkhBwC+eEb7Nqblx7
+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:20 2024 by rpki-client on console-ams.rpki-client.org