Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3KAV4V2SmTpVcZrA-iXGDP0eGZ4.roa
File: 3KAV4V2SmTpVcZrA-iXGDP0eGZ4.roa (raw, json)
Hash identifier: VIy6rH+G4hfH7123Lam0dbeUe4FRHvqzejpsSCpeVAE=
Subject key identifier: DC:A0:15:E1:5D:92:99:3A:55:71:9A:C0:FA:25:C6:0C:FD:1E:19:9E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCC7DBD97B5DE344FA19D510787158CA5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3KAV4V2SmTpVcZrA-iXGDP0eGZ4.roa
Signing time: Wed 21 Feb 2024 16:26:48 +0000
ROA not before: Wed 21 Feb 2024 16:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.132.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 20:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:7d:bd:97:b5:de:34:4f:a1:9d:51:07:87:15:8c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 16:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dca015e15d92993a55719ac0fa25c60cfd1e199e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:92:c6:3d:58:4a:0a:3a:ae:4e:fc:bc:d6:76:
08:35:11:3b:a1:10:c9:1f:ad:e5:4c:c7:64:21:96:
36:f3:bb:a6:fe:01:78:55:2e:3d:82:22:a2:cb:ad:
66:41:d7:60:cf:8e:da:23:c6:ce:3e:8a:b6:36:45:
c9:76:f5:c1:39:13:f9:90:84:8b:53:75:10:55:9a:
0f:ff:2d:0b:9e:02:6b:0b:b7:34:36:2d:ed:f1:41:
c2:45:57:78:f3:dd:2b:0e:09:1a:8c:a0:37:4f:68:
ab:ce:3c:0a:0b:dc:5e:4a:35:73:ac:9f:4d:01:c6:
89:07:f5:7c:4f:30:bb:ff:a6:44:6c:32:a3:50:f3:
fd:a8:bf:87:fc:39:cf:5d:50:14:a0:e5:6e:a9:2a:
4d:5e:60:44:5d:0b:5b:ee:87:7f:68:29:b7:43:83:
69:bf:1b:a3:de:f9:e4:e1:55:08:d7:cb:0b:13:26:
c5:83:52:53:64:6c:f8:a2:82:81:64:57:2d:1f:83:
2a:da:51:cd:81:e1:42:e0:a3:92:57:4c:70:34:ce:
5f:c3:c1:60:3e:ec:af:66:86:2f:dc:6a:b7:b0:d0:
79:21:ad:14:c7:71:36:58:13:c3:7e:c3:99:45:0a:
20:f2:fb:13:ff:59:41:1c:63:f2:57:61:68:30:df:
03:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A0:15:E1:5D:92:99:3A:55:71:9A:C0:FA:25:C6:0C:FD:1E:19:9E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3KAV4V2SmTpVcZrA-iXGDP0eGZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
66:11:08:c9:fb:45:8b:d1:9a:ab:65:b0:b7:c8:90:cc:fd:6c:
a4:5a:a8:bc:a4:c8:30:13:18:b5:c8:62:50:08:37:31:da:fd:
ee:fa:a9:08:8d:a4:a0:8c:cd:46:28:9b:a1:40:79:9d:34:b2:
ec:e9:fa:0a:cf:cc:77:75:5a:76:18:18:47:dc:1d:f0:59:1c:
85:89:12:fc:8b:c1:da:81:38:f8:67:53:02:0f:35:db:d2:00:
20:9a:28:9a:2f:db:49:6e:bb:cb:32:2e:2c:05:1e:4b:ff:4c:
d3:8a:8b:18:72:89:85:5a:06:07:88:75:e8:ca:0c:b8:ad:9c:
71:c2:a4:f8:ab:92:9e:e6:43:d9:0e:ec:9d:c1:f4:38:be:53:
de:41:a0:29:2f:19:14:54:fb:7e:5e:b2:ea:94:94:4f:7d:72:
4b:31:77:36:5a:5b:d4:9f:be:32:4f:5b:5e:d7:9e:e3:23:ae:
b0:f0:1d:ca:70:dd:99:13:c5:3d:4b:cf:3f:5b:54:02:b8:06:
d2:c5:4e:e5:80:c6:12:b1:4f:88:5a:f1:92:2f:be:81:84:7b:
80:d1:e2:9f:3b:30:eb:36:c2:d0:eb:42:00:65:19:0c:cd:8f:
8d:bb:5a:d7:d8:b6:d3:64:cf:05:5b:13:34:b1:f6:bf:17:2f:
b4:49:20:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3Mfb2Xtd40T6GdUQeHFYylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMTYyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2EwMTVlMTVkOTI5OTNhNTU3MTlhYzBmYTI1YzYwY2ZkMWUxOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJLGPVhKCjquTvy81nYINRE7oRDJ
H63lTMdkIZY287um/gF4VS49giKiy61mQddgz47aI8bOPoq2NkXJdvXBORP5kISL
U3UQVZoP/y0LngJrC7c0Ni3t8UHCRVd4890rDgkajKA3T2irzjwKC9xeSjVzrJ9N
AcaJB/V8TzC7/6ZEbDKjUPP9qL+H/DnPXVAUoOVuqSpNXmBEXQtb7od/aCm3Q4Np
vxuj3vnk4VUI18sLEybFg1JTZGz4ooKBZFctH4Mq2lHNgeFC4KOSV0xwNM5fw8Fg
PuyvZoYv3Gq3sNB5Ia0Ux3E2WBPDfsOZRQog8vsT/1lBHGPyV2FoMN8DrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNygFeFdkpk6VXGawPolxgz9HhmeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM0tBVjRWMlNtVHBWY1pyQS1pWEdEUDBlR1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdGEAwQA
stfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQBmEQjJ+0WL0ZqrZbC3
yJDM/WykWqi8pMgwExi1yGJQCDcx2v3u+qkIjaSgjM1GKJuhQHmdNLLs6foKz8x3
dVp2GBhH3B3wWRyFiRL8i8HagTj4Z1MCDzXb0gAgmiiaL9tJbrvLMi4sBR5L/0zT
iosYcomFWgYHiHXoygy4rZxxwqT4q5Ke5kPZDuydwfQ4vlPeQaApLxkUVPt+XrLq
lJRPfXJLMXc2WlvUn74yT1te157jI66w8B3KcN2ZE8U9S88/W1QCuAbSxU7lgMYS
sU+IWvGSL76BhHuA0eKfOzDrNsLQ60IAZRkMzY+Nu1rX2LbTZM8FWxM0sfa/Fy+0
SSAP
-----END CERTIFICATE-----
Generated at Thu Feb 22 00:46:10 2024 by rpki-client on console-ams.rpki-client.org