Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3TxR61RvbG3-pH7sYQ9vp7RcP3w.roa
File: 3TxR61RvbG3-pH7sYQ9vp7RcP3w.roa (raw, json)
Hash identifier: MG0ya2XSxM8XReGvigR6gQeU0EaB1SyIRoBBsuqZpTY=
Subject key identifier: DD:3C:51:EB:54:6F:6C:6D:FE:A4:7E:EC:61:0F:6F:A7:B4:5C:3F:7C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01909E0DFD0AAC238628E3EA50D7FE730621
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3TxR61RvbG3-pH7sYQ9vp7RcP3w.roa
Signing time: Wed 10 Jul 2024 19:10:35 +0000
ROA not before: Wed 10 Jul 2024 19:10:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399486
IP address blocks: 45.88.91.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
85.209.133.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 08:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:0d:fd:0a:ac:23:86:28:e3:ea:50:d7:fe:73:06:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 10 19:10:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3c51eb546f6c6dfea47eec610f6fa7b45c3f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:da:2a:56:11:e4:9e:fa:b9:77:dc:37:8f:cf:
67:33:57:b9:67:87:00:f8:60:c7:0d:c2:ee:d7:48:
8e:dc:b6:61:7f:13:2c:3f:1a:06:d9:ea:a3:ed:5e:
ed:9b:d4:f2:69:66:d9:c5:f8:4d:47:88:8e:39:5b:
47:50:1c:7b:44:fc:29:3b:7e:06:e1:7c:6f:9f:9d:
35:5c:f9:16:b5:a7:70:ce:bf:92:70:06:19:c6:16:
ad:98:e4:bf:90:49:dd:0c:01:7f:53:16:ce:0b:ef:
aa:47:f3:40:a1:a9:0d:65:4e:ac:ac:36:b6:18:71:
c3:71:69:0e:fa:da:8a:c7:77:e8:8a:e6:91:7c:35:
52:07:9d:5c:58:8e:4d:15:85:c4:56:c9:bd:c2:6d:
78:d0:19:d6:97:d5:ce:b3:ac:ec:c3:b4:f2:f3:b6:
c6:c8:3f:ef:7b:cf:5d:9b:41:cc:16:8d:fe:5c:13:
e0:3a:06:e6:48:be:5c:eb:38:8d:69:a2:ef:51:e1:
0b:13:d9:e1:33:dd:ed:82:13:6b:e3:9e:42:e3:55:
65:2e:07:06:62:be:38:76:02:9d:68:7a:ac:48:ea:
87:77:69:33:1c:17:fc:c7:ff:10:0f:ce:45:37:62:
60:44:20:9f:b2:df:a5:68:23:7b:87:b8:3c:30:51:
0b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3C:51:EB:54:6F:6C:6D:FE:A4:7E:EC:61:0F:6F:A7:B4:5C:3F:7C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3TxR61RvbG3-pH7sYQ9vp7RcP3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.91.0/24
79.110.49.0/24
80.76.49.0/24
85.209.133.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:5c:eb:34:13:a6:0f:45:5c:25:09:19:e1:3b:43:2f:1a:4b:
3e:2e:07:2e:d0:6f:6b:cf:f3:50:5a:03:55:d9:45:60:16:13:
40:29:df:bc:df:e8:cd:8a:fe:ef:7e:fc:65:4e:b0:b8:af:7b:
c6:e3:71:eb:a7:6b:98:19:94:ff:ee:da:37:c3:19:3e:1a:18:
83:f6:38:dd:dd:5a:12:11:89:fe:45:ea:62:99:60:77:30:5b:
f7:70:57:37:43:a0:dc:fb:25:1d:a4:2a:2f:2c:17:54:dd:01:
ef:51:84:83:20:41:aa:ac:9d:fa:a0:21:5e:8b:1c:26:0a:af:
f7:38:bb:1a:92:df:2b:69:4e:d5:61:ca:15:70:8a:aa:1d:15:
ec:06:b9:63:33:4a:ac:52:31:13:61:78:c2:50:65:3b:3a:d1:
5b:8c:fa:32:6d:f9:37:33:5f:25:20:13:ae:53:c0:bd:21:33:
fc:af:bb:82:0d:85:63:32:0e:1e:41:5f:c6:7c:bc:65:88:5e:
06:a8:29:c5:36:55:e0:fa:b6:1b:39:5d:2d:71:59:f3:29:5b:
1a:64:26:16:ee:3e:3b:a3:4b:24:09:a7:2d:09:51:5e:7b:11:
43:48:03:22:be:e6:df:74:aa:18:25:6d:9b:7b:74:d6:d3:e9:
33:ba:5c:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCeDf0KrCOGKOPqUNf+cwYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzEwMTkxMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNjNTFlYjU0NmY2YzZkZmVhNDdlZWM2MTBmNmZhN2I0NWMzZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0toqVhHknvq5d9w3j89nM1e5Z4cA
+GDHDcLu10iO3LZhfxMsPxoG2eqj7V7tm9TyaWbZxfhNR4iOOVtHUBx7RPwpO34G
4Xxvn501XPkWtadwzr+ScAYZxhatmOS/kEndDAF/UxbOC++qR/NAoakNZU6srDa2
GHHDcWkO+tqKx3foiuaRfDVSB51cWI5NFYXEVsm9wm140BnWl9XOs6zsw7Ty87bG
yD/ve89dm0HMFo3+XBPgOgbmSL5c6ziNaaLvUeELE9nhM93tghNr455C41VlLgcG
Yr44dgKdaHqsSOqHd2kzHBf8x/8QD85FN2JgRCCfst+laCN7h7g8MFELtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN08UetUb2xt/qR+7GEPb6e0XD98MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM1R4UjYxUnZiRzMtcEg3c1lROXZwN1JjUDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVhbAwQA
T24xAwQAUEwxAwQAVdGFAwQAwjsfMA0GCSqGSIb3DQEBCwUAA4IBAQAKXOs0E6YP
RVwlCRnhO0MvGks+Lgcu0G9rz/NQWgNV2UVgFhNAKd+83+jNiv7vfvxlTrC4r3vG
43Hrp2uYGZT/7to3wxk+GhiD9jjd3VoSEYn+RepimWB3MFv3cFc3Q6Dc+yUdpCov
LBdU3QHvUYSDIEGqrJ36oCFeixwmCq/3OLsakt8raU7VYcoVcIqqHRXsBrljM0qs
UjETYXjCUGU7OtFbjPoybfk3M18lIBOuU8C9ITP8r7uCDYVjMg4eQV/GfLxliF4G
qCnFNlXg+rYbOV0tcVnzKVsaZCYW7j47o0skCactCVFeexFDSAMivubfdKoYJW2b
e3TW0+kzulxb
-----END CERTIFICATE-----
Generated at Thu Jul 11 10:27:33 2024 by rpki-client on console-fra.rpki-client.org