Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3rPSfF-3PdjO30_2Xbd3SRZlxv0.roa
File: 3rPSfF-3PdjO30_2Xbd3SRZlxv0.roa (raw, json)
Hash identifier: IdwR6nnez0nJeH4H4nIqolRWf/Cwcbp+Wp4nWTN8yqg=
Subject key identifier: DE:B3:D2:7C:5F:B7:3D:D8:CE:DF:4F:F6:5D:B7:77:49:16:65:C6:FD
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CC43D927998AB186BB66CE960183C143D
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3rPSfF-3PdjO30_2Xbd3SRZlxv0.roa
Signing time: Mon 01 Jan 2024 08:56:58 +0000
ROA not before: Mon 01 Jan 2024 08:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.136.0/22 maxlen: 22
2a0f:e000::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:3d:92:79:98:ab:18:6b:b6:6c:e9:60:18:3c:14:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 08:56:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deb3d27c5fb73dd8cedf4ff65db777491665c6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cf:3f:a4:10:f1:1c:12:d2:e2:32:57:7d:2f:
1f:4b:c2:6b:df:50:e6:3e:36:0d:a9:04:e2:05:34:
6d:a5:75:83:3b:77:fb:ee:64:2e:67:bb:e9:7b:fa:
41:d6:31:74:e7:fb:5f:06:8c:ba:d8:af:20:61:7b:
66:97:a9:4e:f2:9c:7d:d3:a1:b7:b5:27:88:8b:2b:
12:36:ff:19:db:ea:5d:a9:11:49:c8:3c:30:75:b5:
47:19:0f:9a:28:fa:55:6e:c0:31:c9:81:7e:c0:ee:
bc:5f:0c:2c:93:fd:b6:b1:35:28:57:2a:5b:42:ff:
22:3e:f5:a5:a3:b6:fc:0f:a4:7b:af:73:68:21:ce:
dd:5e:0d:c9:53:64:68:e1:df:67:2c:24:09:4c:5e:
aa:ac:76:19:b7:ee:83:ad:91:17:a8:a7:48:00:b4:
c4:0b:f1:73:99:9b:52:ec:84:77:42:23:2b:53:bc:
d2:88:68:cc:65:7f:5d:e2:d2:4b:95:74:d5:00:fd:
59:91:c0:42:53:81:52:57:af:f0:cf:bb:07:39:e6:
fc:fc:61:3a:f2:a3:9c:d4:db:73:e5:ee:52:1f:8a:
ad:c8:ea:f0:e0:17:6a:0c:c9:85:c3:f5:d1:b0:ba:
5d:9d:55:e5:a2:c7:e2:16:a2:25:52:e5:2a:1d:46:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B3:D2:7C:5F:B7:3D:D8:CE:DF:4F:F6:5D:B7:77:49:16:65:C6:FD
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3rPSfF-3PdjO30_2Xbd3SRZlxv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
Signature Algorithm: sha256WithRSAEncryption
98:a8:ae:aa:22:97:b6:76:69:66:d1:87:c7:5e:b3:9e:38:1d:
bb:67:7f:78:52:5a:26:c0:44:5f:a0:45:e0:33:93:d4:15:7d:
8b:45:e7:a1:01:cf:91:80:58:9b:a9:13:03:f4:90:43:b5:0f:
ea:b1:65:39:ee:7c:ad:fa:16:7a:6d:e3:c3:8b:ba:7c:71:43:
f5:21:85:ff:e8:26:db:66:32:3f:5b:6e:a5:dc:e6:6b:67:b4:
c5:cb:bf:a0:37:22:cd:19:11:91:1a:3d:7b:98:21:f2:49:a3:
02:f5:61:41:6c:7a:71:e2:cb:a3:93:e5:ed:6f:32:13:8b:6a:
0f:ab:58:22:c3:00:ed:45:a0:df:08:59:fe:49:62:e6:63:49:
cc:83:79:cd:92:8e:f5:8a:ab:20:ab:db:43:ad:1d:81:fa:42:
14:01:e2:a9:e6:9c:68:df:c0:b2:2a:88:e4:f4:6d:dc:5d:3c:
ad:b6:62:68:a6:a0:6c:60:cb:8b:27:59:d1:b6:81:03:e7:51:
19:2b:4b:6f:68:b0:a1:55:a2:eb:c6:92:28:a9:f8:af:dd:60:
fe:7a:50:11:2d:25:f8:6d:e2:e6:3b:c8:98:43:df:da:09:ee:
57:ba:65:5f:a0:16:be:f1:4c:61:ff:4e:2e:42:2d:56:14:1b:
c7:12:06:d7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEPZJ5mKsYa7Zs6WAYPBQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTAxMDg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWIzZDI3YzVmYjczZGQ4Y2VkZjRmZjY1ZGI3Nzc0OTE2NjVjNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgs8/pBDxHBLS4jJXfS8fS8Jr31Dm
PjYNqQTiBTRtpXWDO3f77mQuZ7vpe/pB1jF05/tfBoy62K8gYXtml6lO8px906G3
tSeIiysSNv8Z2+pdqRFJyDwwdbVHGQ+aKPpVbsAxyYF+wO68Xwwsk/22sTUoVypb
Qv8iPvWlo7b8D6R7r3NoIc7dXg3JU2Ro4d9nLCQJTF6qrHYZt+6DrZEXqKdIALTE
C/FzmZtS7IR3QiMrU7zSiGjMZX9d4tJLlXTVAP1ZkcBCU4FSV6/wz7sHOeb8/GE6
8qOc1Ntz5e5SH4qtyOrw4BdqDMmFw/XRsLpdnVXlosfiFqIlUuUqHUanrQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN6z0nxftz3Yzt9P9l23d0kWZcb9MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvM3JQU2ZGLTNQZGpPMzBfMlhiZDNTUlpseHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCucmIMBsE
AgACMBUDBQMqCuLAAwUDKg53gAMFAyoP4AAwDQYJKoZIhvcNAQELBQADggEBAJio
rqoil7Z2aWbRh8des544Hbtnf3hSWibARF+gReAzk9QVfYtF56EBz5GAWJupEwP0
kEO1D+qxZTnufK36Fnpt48OLunxxQ/Uhhf/oJttmMj9bbqXc5mtntMXLv6A3Is0Z
EZEaPXuYIfJJowL1YUFsenHiy6OT5e1vMhOLag+rWCLDAO1FoN8IWf5JYuZjScyD
ec2SjvWKqyCr20OtHYH6QhQB4qnmnGjfwLIqiOT0bdxdPK22YmimoGxgy4snWdG2
gQPnURkrS29osKFVouvGkiip+K/dYP56UBEtJfht4uY7yJhD39oJ7le6ZV+gFr7x
TGH/Ti5CLVYUG8cSBtc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org