Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/3zQw1by9iuDNqFb754tCLC_3dGo.roa
File: 3zQw1by9iuDNqFb754tCLC_3dGo.roa (raw, json)
Hash identifier: BmJIXA5JzPk9UVx5z7OzS5lJtqZ/8/NzevNVIUkneg0=
Subject key identifier: DF:34:30:D5:BC:BD:8A:E0:CD:A8:56:FB:E7:8B:42:2C:2F:F7:74:6A
Certificate issuer: /CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Certificate serial: 0185707077727E26DC9682320635AC15B876
Authority key identifier: 2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/3zQw1by9iuDNqFb754tCLC_3dGo.roa
Signing time: Mon 02 Jan 2023 03:04:56 +0000
ROA not before: Mon 02 Jan 2023 03:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203507
IP address blocks: 193.28.13.0/24 maxlen: 24
185.123.226.0/23 maxlen: 23
185.123.226.0/24 maxlen: 24
185.123.224.0/22 maxlen: 22
185.123.224.0/23 maxlen: 23
185.123.224.0/24 maxlen: 24
185.123.225.0/24 maxlen: 24
185.123.227.0/24 maxlen: 24
5.104.152.0/22 maxlen: 22
195.245.199.0/24 maxlen: 24
212.79.224.0/19 maxlen: 19
2a06:e380:8000::/36 maxlen: 36
2a06:e380::/36 maxlen: 36
2a06:e380:8000::/48 maxlen: 48
2a06:e380::/48 maxlen: 48
2a06:e380:8001::/48 maxlen: 48
2a06:e380:1::/48 maxlen: 48
2a06:e380::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:77:72:7e:26:dc:96:82:32:06:35:ac:15:b8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Validity
Not Before: Jan 2 03:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3430d5bcbd8ae0cda856fbe78b422c2ff7746a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:64:e4:3d:c3:7b:b7:2d:01:b6:36:21:b3:bf:
16:89:d8:43:a0:b1:61:ec:2b:83:8a:be:4d:d5:33:
33:5f:6a:bd:33:69:c2:a4:45:dc:ac:7b:5c:e7:a4:
8e:1a:46:91:74:f5:ec:fb:31:20:16:3f:97:51:4d:
3e:3c:22:d8:52:77:e6:77:4a:c5:7a:9c:75:95:cc:
f4:57:d0:0f:85:75:10:89:c6:a3:6a:ab:12:4d:ed:
e4:0f:a9:db:68:f1:5d:bd:2a:81:74:22:f7:a5:fa:
c0:5e:82:58:3d:ec:35:fc:fd:a1:b7:22:a0:90:6b:
2e:2e:dd:87:36:94:97:68:f1:6e:fc:28:8e:c7:7c:
87:40:8a:f0:42:83:a1:d7:58:aa:cd:90:1c:22:70:
42:ee:08:ae:72:7c:6a:eb:95:2b:d4:28:d9:72:90:
5f:3a:87:5e:97:30:90:d2:8c:8f:bc:74:de:17:dc:
24:fe:4e:52:73:22:00:6b:02:51:50:80:47:cc:86:
a1:29:55:99:ff:d0:32:48:2a:7b:1b:dd:e1:d5:1e:
ed:cf:fd:ca:1b:42:f8:60:06:79:3e:3c:48:9e:92:
9e:26:b8:bf:de:d3:d8:22:04:c1:dd:58:e6:aa:82:
19:f7:0a:e8:aa:e1:77:57:a4:12:52:25:ea:d6:75:
77:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:34:30:D5:BC:BD:8A:E0:CD:A8:56:FB:E7:8B:42:2C:2F:F7:74:6A
X509v3 Authority Key Identifier:
keyid:2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/3zQw1by9iuDNqFb754tCLC_3dGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.152.0/22
185.123.224.0/22
193.28.13.0/24
195.245.199.0/24
212.79.224.0/19
IPv6:
2a06:e380::/29
Signature Algorithm: sha256WithRSAEncryption
7c:a7:64:5c:50:f7:de:83:44:3d:0f:ad:90:dd:f8:7c:41:aa:
6d:a5:4c:6a:89:b4:16:ba:26:da:06:0a:03:b4:5d:05:41:30:
c4:cd:53:e8:89:c0:b4:9d:d6:7b:04:78:ce:e3:bf:6a:d4:d5:
b8:17:57:d1:ac:ff:c0:d2:af:e4:fe:af:6d:44:31:a7:4b:f5:
e1:78:e3:d1:cd:85:85:e0:67:c8:ba:11:bf:0f:c7:c3:f7:eb:
eb:31:7a:3e:17:3e:1d:77:e2:3f:6f:73:92:58:31:9a:07:06:
40:60:73:8e:b7:9e:21:1e:42:41:d1:d4:28:9d:d5:32:aa:9f:
e9:52:3e:da:23:f7:68:5a:8f:94:63:8c:1e:60:62:31:92:6d:
d0:45:dd:6e:cc:7f:4e:34:c9:c3:8f:19:78:5b:ed:a4:60:98:
0d:f8:e6:bf:78:17:3d:b8:73:eb:1e:4e:e5:fa:53:6e:75:6f:
91:e2:34:4f:21:4f:eb:18:09:1c:97:04:de:22:10:11:85:18:
98:c5:ed:0b:e6:10:c1:9f:e4:f0:9b:85:c0:24:70:2d:2a:3d:
c0:06:9a:1f:fc:b3:68:9a:e5:9c:a2:8b:25:25:ee:2f:12:24:
2e:c1:ff:bd:e8:f8:80:c3:91:88:76:11:dd:e9:99:bb:e3:4a:
4b:a9:c9:b0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwcHdyfibcloIyBjWsFbh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTU2ZDRkN2IxZDFhMDZjZTg5Zjc0NmY3OWI2NTZjNzM0
OGM1MjUwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM0MzBkNWJjYmQ4YWUwY2RhODU2ZmJlNzhiNDIyYzJmZjc3NDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WTkPcN7ty0BtjYhs78WidhDoLFh
7CuDir5N1TMzX2q9M2nCpEXcrHtc56SOGkaRdPXs+zEgFj+XUU0+PCLYUnfmd0rF
epx1lcz0V9APhXUQicajaqsSTe3kD6nbaPFdvSqBdCL3pfrAXoJYPew1/P2htyKg
kGsuLt2HNpSXaPFu/CiOx3yHQIrwQoOh11iqzZAcInBC7giucnxq65Ur1CjZcpBf
OodelzCQ0oyPvHTeF9wk/k5ScyIAawJRUIBHzIahKVWZ/9AySCp7G93h1R7tz/3K
G0L4YAZ5PjxInpKeJri/3tPYIgTB3VjmqoIZ9wroquF3V6QSUiXq1nV3+wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFN80MNW8vYrgzahW++eLQiwv93RqMB8GA1UdIwQY
MBaAFC7lbU17HRoGzon3RvebZWxzSMUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYt
MjJlOThkZTI2MTA2LzEvM3pRdzFieTlpdUROcUZiNzU0dENMQ18zZEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYtMjJlOThkZTI2MTA2
LzEvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBWiYAwQC
uXvgAwQAwRwNAwQAw/XHAwQF1E/gMA0EAgACMAcDBQMqBuOAMA0GCSqGSIb3DQEB
CwUAA4IBAQB8p2RcUPfeg0Q9D62Q3fh8QaptpUxqibQWuibaBgoDtF0FQTDEzVPo
icC0ndZ7BHjO479q1NW4F1fRrP/A0q/k/q9tRDGnS/XheOPRzYWF4GfIuhG/D8fD
9+vrMXo+Fz4dd+I/b3OSWDGaBwZAYHOOt54hHkJB0dQondUyqp/pUj7aI/doWo+U
Y4weYGIxkm3QRd1uzH9ONMnDjxl4W+2kYJgN+Oa/eBc9uHPrHk7l+lNudW+R4jRP
IU/rGAkclwTeIhARhRiYxe0L5hDBn+Twm4XAJHAtKj3ABpof/LNomuWcooslJe4v
EiQuwf+96PiAw5GIdhHd6Zm740pLqcmw
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:39 2024 by rpki-client on console-ams.rpki-client.org