Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/3FNj7w4Q57F7gjwfexLUNwIjaPw.roa
File: 3FNj7w4Q57F7gjwfexLUNwIjaPw.roa (raw, json)
Hash identifier: OedfwVyB7LkTfBlZ0rt3McGCTBmTzV3S2hrWgEagako=
Subject key identifier: DC:53:63:EF:0E:10:E7:B1:7B:82:3C:1F:7B:12:D4:37:02:23:68:FC
Certificate issuer: /CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Certificate serial: 01856F42C2AEA60494DE49ECC3388570A5AF
Authority key identifier: 45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/3FNj7w4Q57F7gjwfexLUNwIjaPw.roa
Signing time: Sun 01 Jan 2023 21:35:24 +0000
ROA not before: Sun 01 Jan 2023 21:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 185.253.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c2:ae:a6:04:94:de:49:ec:c3:38:85:70:a5:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Validity
Not Before: Jan 1 21:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc5363ef0e10e7b17b823c1f7b12d437022368fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:e1:66:bb:8c:89:de:68:31:49:a7:fa:bf:
91:eb:69:bb:5e:81:03:d7:23:1e:84:5e:9a:01:41:
a2:ea:c2:0b:52:d8:f9:f6:72:93:ab:ee:a8:4e:db:
43:b6:8d:fa:72:72:34:1e:c3:50:d3:ce:58:66:50:
35:f9:d2:3f:6d:1a:1c:44:0b:27:91:ae:a7:f7:8e:
33:56:ff:67:90:99:23:fc:22:3c:86:d8:45:14:18:
51:d2:81:ca:38:f7:f2:af:35:60:5c:e6:70:31:33:
56:d1:49:14:db:47:73:65:42:17:92:d2:09:58:81:
a7:4d:91:59:96:6c:da:b4:4e:e6:f4:37:78:4f:0e:
78:e9:09:ec:cb:aa:0d:31:63:f2:fe:72:b5:10:c4:
26:d1:33:e5:62:81:dd:ce:49:96:bf:5b:19:0b:af:
c9:9a:51:f8:57:92:b6:38:67:7e:e8:63:a3:72:8b:
16:df:9e:99:11:79:a1:38:c1:1d:db:14:5f:2f:a6:
99:48:66:a3:7a:8e:bc:6e:55:3e:ba:26:67:d1:36:
6a:f3:31:ae:8d:6d:02:d1:84:d6:8c:0b:65:ec:fd:
cd:5e:cb:cc:ad:d6:a1:f7:a7:f0:a5:dc:4d:5a:d3:
74:7b:1d:a2:95:0a:b0:5f:ce:d9:6a:f3:f1:b0:dc:
d9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:53:63:EF:0E:10:E7:B1:7B:82:3C:1F:7B:12:D4:37:02:23:68:FC
X509v3 Authority Key Identifier:
keyid:45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/3FNj7w4Q57F7gjwfexLUNwIjaPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/RUvvc8WkdoeytcUnaw28Bwu5y1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:a3:79:c6:03:af:c5:a4:3c:8f:9b:e4:20:c5:02:43:63:a8:
b0:78:b3:a4:23:a1:ea:b8:80:be:af:0a:28:8d:13:b4:b5:d8:
0d:c2:be:06:e3:f7:db:a4:08:df:51:1e:61:5b:ee:83:13:03:
94:59:6e:2b:6e:c2:82:e0:76:6c:8b:61:d7:ae:aa:03:83:c8:
3a:0c:ef:98:28:b5:c1:65:77:35:9e:47:a2:a1:14:69:54:8f:
f5:61:f3:41:5d:17:28:39:a6:c2:0d:c6:bf:eb:9f:5d:e9:da:
6e:6d:68:6a:0c:de:d0:ce:f2:53:ad:a6:ad:f7:bc:ac:95:ed:
81:58:ae:6f:c4:21:67:9a:88:4c:f0:a6:06:27:72:19:c7:ed:
0e:da:dc:40:da:08:9c:7b:f5:46:c5:31:72:dc:25:b3:bf:73:
02:6c:d9:a9:27:c6:a6:43:a7:3e:3c:f6:e1:08:6a:da:e8:65:
1d:20:c4:8a:b0:ac:83:49:27:25:b7:36:54:87:ba:c5:4d:b9:
7b:cb:27:4e:04:56:10:93:47:45:c7:2c:af:4e:ff:ad:e5:b1:
aa:5e:bc:b1:7d:3d:03:48:b0:26:fa:b3:f1:84:8f:4c:c2:49:
5d:63:07:a5:7a:41:ad:06:9e:8b:56:55:02:c1:6b:dd:cd:e1:
a3:00:cf:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQsKupgSU3knswziFcKWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NGJlZjczYzVhNDc2ODdiMmI1YzUyNzZiMGRiYzA3MGJi
OWNiNTAwHhcNMjMwMTAxMjEzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUzNjNlZjBlMTBlN2IxN2I4MjNjMWY3YjEyZDQzNzAyMjM2OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5vhZruMid5oMUmn+r+R62m7XoED
1yMehF6aAUGi6sILUtj59nKTq+6oTttDto36cnI0HsNQ085YZlA1+dI/bRocRAsn
ka6n944zVv9nkJkj/CI8hthFFBhR0oHKOPfyrzVgXOZwMTNW0UkU20dzZUIXktIJ
WIGnTZFZlmzatE7m9Dd4Tw546Qnsy6oNMWPy/nK1EMQm0TPlYoHdzkmWv1sZC6/J
mlH4V5K2OGd+6GOjcosW356ZEXmhOMEd2xRfL6aZSGajeo68blU+uiZn0TZq8zGu
jW0C0YTWjAtl7P3NXsvMrdah96fwpdxNWtN0ex2ilQqwX87ZavPxsNzZ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxTY+8OEOexe4I8H3sS1DcCI2j8MB8GA1UdIwQY
MBaAFEVL73PFpHaHsrXFJ2sNvAcLuctQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjIt
OWMyOTE0ZWY4NzUzLzEvM0ZOajd3NFE1N0Y3Z2p3ZmV4TFVOd0lqYVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjItOWMyOTE0ZWY4NzUz
LzEvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0DMA0G
CSqGSIb3DQEBCwUAA4IBAQC7o3nGA6/FpDyPm+QgxQJDY6iweLOkI6HquIC+rwoo
jRO0tdgNwr4G4/fbpAjfUR5hW+6DEwOUWW4rbsKC4HZsi2HXrqoDg8g6DO+YKLXB
ZXc1nkeioRRpVI/1YfNBXRcoOabCDca/659d6dpubWhqDN7QzvJTraat97ysle2B
WK5vxCFnmohM8KYGJ3IZx+0O2txA2gice/VGxTFy3CWzv3MCbNmpJ8amQ6c+PPbh
CGra6GUdIMSKsKyDSScltzZUh7rFTbl7yydOBFYQk0dFxyyvTv+t5bGqXryxfT0D
SLAm+rPxhI9MwkldYwelekGtBp6LVlUCwWvdzeGjAM9x
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:17 2024 by rpki-client on console-ams.rpki-client.org