Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/n3K8C-U0fK6dwO9lSh7r9F6nqmU.roa
File: n3K8C-U0fK6dwO9lSh7r9F6nqmU.roa (raw, json)
Hash identifier: mOboHDEa9Cj2xzEHQfc0g1cd0ll1kNnY/tQRsh0Drpw=
Subject key identifier: 9F:72:BC:0B:E5:34:7C:AE:9D:C0:EF:65:4A:1E:EB:F4:5E:A7:AA:65
Certificate issuer: /CN=7c835498f35199a1571964d855c3877751681ab9
Certificate serial: 018BD766C04EA31989B7C04ADE6B60C914E2
Authority key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/n3K8C-U0fK6dwO9lSh7r9F6nqmU.roa
Signing time: Thu 16 Nov 2023 09:11:57 +0000
ROA not before: Thu 16 Nov 2023 09:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29024
IP address blocks: 185.3.48.0/22 maxlen: 22
91.189.40.0/21 maxlen: 21
185.187.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:66:c0:4e:a3:19:89:b7:c0:4a:de:6b:60:c9:14:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c835498f35199a1571964d855c3877751681ab9
Validity
Not Before: Nov 16 09:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f72bc0be5347cae9dc0ef654a1eebf45ea7aa65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fc:73:0f:0d:c2:0e:11:9a:6d:ca:ce:03:f5:
ef:1c:9f:d8:bf:85:da:09:68:a1:eb:99:73:05:c9:
50:23:9e:13:f7:6c:96:e8:10:fd:ea:3a:82:aa:07:
62:51:bc:42:e7:eb:48:ac:89:11:02:85:ff:b2:a9:
2f:6b:b2:98:0e:f3:39:70:67:c9:86:4f:f4:5f:64:
d2:7c:00:ed:b7:c4:32:25:3d:05:3a:a1:55:02:c8:
8b:6c:dc:d2:c3:b0:5e:e9:d3:6f:17:93:85:c7:52:
e3:a6:1a:ec:d7:0c:e1:87:88:76:7c:48:08:3c:6e:
bd:7b:3c:69:26:44:f4:08:10:33:ad:62:d6:23:8f:
21:5a:48:72:3b:44:54:e7:04:9f:99:e7:4e:55:50:
27:c5:b3:e9:6a:41:e1:11:ff:f6:42:7d:15:b2:25:
7d:eb:4f:89:f1:56:0f:1c:13:1c:a3:86:78:c1:6e:
71:2b:93:e3:c3:a8:38:c7:f6:50:da:b2:8b:e0:ae:
7f:2a:d0:24:ed:e9:ff:6b:04:af:24:c6:d7:d7:9a:
06:6f:5b:2b:d9:9e:d6:5b:f3:56:fa:41:43:3a:10:
66:96:5e:03:5a:fe:6b:db:b9:78:12:c2:7e:a7:6e:
59:27:b1:01:65:79:bc:2b:cb:24:33:26:86:03:a0:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:72:BC:0B:E5:34:7C:AE:9D:C0:EF:65:4A:1E:EB:F4:5E:A7:AA:65
X509v3 Authority Key Identifier:
keyid:7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/n3K8C-U0fK6dwO9lSh7r9F6nqmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.40.0/21
185.3.48.0/22
185.187.252.0/22
Signature Algorithm: sha256WithRSAEncryption
08:de:bb:a7:40:73:27:28:51:3f:a8:20:31:87:be:1f:a7:b3:
3b:b6:0d:80:5b:cc:1f:a0:55:b0:6a:16:04:a6:51:20:65:55:
a6:55:66:2e:23:95:39:d7:74:24:0d:2c:c7:e7:c5:87:6e:7a:
db:e4:ba:4e:95:ab:78:8f:aa:75:3b:8d:c9:6e:d8:2f:e1:5d:
36:a2:8b:3e:1b:fa:24:c0:6a:e4:ba:45:89:55:dc:88:54:7e:
37:53:e1:60:e7:18:67:4b:55:48:26:42:a8:33:e8:38:b6:b4:
a8:cb:c7:77:6a:0b:b5:03:fd:dd:be:d5:f8:8c:03:fb:00:4c:
d3:9e:a3:75:d7:82:0d:27:1c:fe:ee:42:4d:94:cb:28:3a:b9:
f2:3f:4b:8a:87:2e:81:f9:1f:5f:25:06:09:ad:96:ca:78:e8:
93:6b:60:5f:5b:1e:da:2b:b4:b5:4c:c5:0c:66:37:fd:19:46:
17:52:d7:b9:36:84:df:49:93:19:11:69:eb:a2:4d:93:59:63:
c1:84:65:a8:ac:d3:c8:ba:f3:19:83:c3:98:c4:0d:23:e3:46:
f3:87:d4:28:9f:1f:e5:ce:11:fa:a6:b4:a8:25:b8:f6:98:b7:
1f:9f:f3:12:5d:d6:ba:02:4b:71:f9:51:02:32:4f:89:6d:7c:
ec:7e:36:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvXZsBOoxmJt8BK3mtgyRTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODM1NDk4ZjM1MTk5YTE1NzE5NjRkODU1YzM4Nzc3NTE2
ODFhYjkwHhcNMjMxMTE2MDkxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjcyYmMwYmU1MzQ3Y2FlOWRjMGVmNjU0YTFlZWJmNDVlYTdhYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufxzDw3CDhGabcrOA/XvHJ/Yv4Xa
CWih65lzBclQI54T92yW6BD96jqCqgdiUbxC5+tIrIkRAoX/sqkva7KYDvM5cGfJ
hk/0X2TSfADtt8QyJT0FOqFVAsiLbNzSw7Be6dNvF5OFx1Ljphrs1wzhh4h2fEgI
PG69ezxpJkT0CBAzrWLWI48hWkhyO0RU5wSfmedOVVAnxbPpakHhEf/2Qn0VsiV9
60+J8VYPHBMco4Z4wW5xK5Pjw6g4x/ZQ2rKL4K5/KtAk7en/awSvJMbX15oGb1sr
2Z7WW/NW+kFDOhBmll4DWv5r27l4EsJ+p25ZJ7EBZXm8K8skMyaGA6AaxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9yvAvlNHyuncDvZUoe6/Rep6plMB8GA1UdIwQY
MBaAFHyDVJjzUZmhVxlk2FXDh3dRaBq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMt
NGNlNDc3ZGJiNDA3LzEvbjNLOEMtVTBmSzZkd085bFNoN3I5RjZucW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMtNGNlNDc3ZGJiNDA3
LzEvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW70oAwQC
uQMwAwQCubv8MA0GCSqGSIb3DQEBCwUAA4IBAQAI3runQHMnKFE/qCAxh74fp7M7
tg2AW8wfoFWwahYEplEgZVWmVWYuI5U513QkDSzH58WHbnrb5LpOlat4j6p1O43J
btgv4V02oos+G/okwGrkukWJVdyIVH43U+Fg5xhnS1VIJkKoM+g4trSoy8d3agu1
A/3dvtX4jAP7AEzTnqN114INJxz+7kJNlMsoOrnyP0uKhy6B+R9fJQYJrZbKeOiT
a2BfWx7aK7S1TMUMZjf9GUYXUte5NoTfSZMZEWnrok2TWWPBhGWorNPIuvMZg8OY
xA0j40bzh9Qonx/lzhH6prSoJbj2mLcfn/MSXda6Aktx+VECMk+JbXzsfjZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:31 2024 by rpki-client on console-ams.rpki-client.org