Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/b95e83-282b-4deb-aff2-a4ddec7a3b9e/1/IT3GbSVQyPtGuM_Zd_lKJMG4Cbs.roa
File: IT3GbSVQyPtGuM_Zd_lKJMG4Cbs.roa (raw, json)
Hash identifier: u7qitwOlCjnKV0T0unGlmAZSv0W2OglXgLYwqPJy2GU=
Subject key identifier: 21:3D:C6:6D:25:50:C8:FB:46:B8:CF:D9:77:F9:4A:24:C1:B8:09:BB
Certificate issuer: /CN=bdf1b69c82f781a817ce102117178cdb7fb263af
Certificate serial: 01856B00A8224390B3B8FFBCB43CB7E60E8F
Authority key identifier: BD:F1:B6:9C:82:F7:81:A8:17:CE:10:21:17:17:8C:DB:7F:B2:63:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfG2nIL3gagXzhAhFxeM23-yY68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/b95e83-282b-4deb-aff2-a4ddec7a3b9e/1/IT3GbSVQyPtGuM_Zd_lKJMG4Cbs.roa
Signing time: Sun 01 Jan 2023 01:44:43 +0000
ROA not before: Sun 01 Jan 2023 01:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.217.11.0/24 maxlen: 24
185.217.8.0/24 maxlen: 24
185.217.9.0/24 maxlen: 24
185.217.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:a8:22:43:90:b3:b8:ff:bc:b4:3c:b7:e6:0e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf1b69c82f781a817ce102117178cdb7fb263af
Validity
Not Before: Jan 1 01:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=213dc66d2550c8fb46b8cfd977f94a24c1b809bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:aa:56:5f:5c:32:96:a0:bd:2a:32:35:3d:
b5:fa:a8:bf:d9:9a:2a:70:71:81:cd:09:32:88:5e:
33:b8:c6:ab:fb:8e:a5:1c:8b:96:a2:87:68:81:38:
45:2f:bf:6c:9d:fa:da:e2:f8:4e:10:70:cd:fe:3f:
9e:fc:8e:e9:69:9c:5f:7a:ab:12:81:ea:a2:e3:21:
48:5a:ba:32:c4:3d:7e:78:2e:8b:d5:2f:7a:a3:02:
9f:c1:eb:99:10:d5:3f:3d:9d:ba:da:b3:75:15:f7:
8e:88:3b:94:9e:8e:c5:3e:b0:9b:41:68:18:43:58:
78:8d:2c:8e:7a:cc:a9:0c:ae:72:2f:e3:f8:5f:92:
16:2c:00:fb:c6:42:e5:61:63:17:12:15:3b:29:bc:
bd:57:40:c9:b0:c4:3f:2e:44:e5:9d:8b:22:64:02:
7d:3f:18:c8:97:d8:7a:26:fe:ce:19:00:89:7b:24:
6d:66:74:ba:1e:10:37:18:42:86:66:31:c7:fd:fa:
76:5b:56:0a:1d:73:5a:49:69:f0:37:e3:6c:83:3e:
5e:be:40:78:22:85:99:dc:ff:ba:6a:b2:18:ef:b6:
c3:0c:4e:f4:bf:8c:9b:93:22:20:27:7c:76:a5:8f:
d3:4a:af:52:3e:f9:40:c6:7c:6b:76:4b:ec:a0:16:
9b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3D:C6:6D:25:50:C8:FB:46:B8:CF:D9:77:F9:4A:24:C1:B8:09:BB
X509v3 Authority Key Identifier:
keyid:BD:F1:B6:9C:82:F7:81:A8:17:CE:10:21:17:17:8C:DB:7F:B2:63:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfG2nIL3gagXzhAhFxeM23-yY68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b95e83-282b-4deb-aff2-a4ddec7a3b9e/1/IT3GbSVQyPtGuM_Zd_lKJMG4Cbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b95e83-282b-4deb-aff2-a4ddec7a3b9e/1/vfG2nIL3gagXzhAhFxeM23-yY68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:3b:64:4b:fc:83:a8:0f:69:33:84:fc:4f:22:ac:fe:ce:55:
8f:a5:79:f4:90:af:da:cb:34:a6:6d:76:fe:27:72:29:5d:32:
23:26:40:f2:03:05:55:88:38:ad:19:9e:df:75:14:7e:0c:16:
71:8b:c6:33:6b:53:48:4f:cf:61:6a:69:92:c7:55:c6:45:ab:
92:9a:ce:9f:f4:d0:0e:fa:07:c6:0c:c7:03:bb:25:8e:3c:7e:
10:24:ca:cb:c2:f1:05:79:1d:4f:cc:8b:11:7d:4b:26:12:48:
6d:70:f0:f1:c2:ac:31:17:4d:93:67:49:17:27:ec:7e:f7:24:
8d:c9:45:87:cf:0f:85:23:49:71:2f:70:5b:a7:43:41:c9:5d:
fd:e0:f2:cf:b1:19:98:bd:0a:1a:27:99:c7:85:85:f0:18:d1:
a3:18:11:d4:b4:95:48:ed:e9:7b:e5:f4:f8:4d:1c:05:c0:ed:
d0:7c:5a:61:8b:f6:f0:38:f5:aa:7a:cc:58:37:49:99:60:ac:
4b:b7:7e:01:f0:47:97:ac:38:65:00:9f:98:e4:11:46:b3:2d:
6c:cc:19:12:6d:5e:b5:99:d8:da:93:ea:d7:18:cd:99:65:1a:
73:19:80:bf:da:ec:2b:7a:e5:65:ed:da:bb:45:b6:ae:e4:46:
2e:76:af:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrAKgiQ5CzuP+8tDy35g6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjFiNjljODJmNzgxYTgxN2NlMTAyMTE3MTc4Y2RiN2Zi
MjYzYWYwHhcNMjMwMTAxMDE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNkYzY2ZDI1NTBjOGZiNDZiOGNmZDk3N2Y5NGEyNGMxYjgwOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLOqVl9cMpagvSoyNT21+qi/2Zoq
cHGBzQkyiF4zuMar+46lHIuWoodogThFL79snfra4vhOEHDN/j+e/I7paZxfeqsS
geqi4yFIWroyxD1+eC6L1S96owKfweuZENU/PZ262rN1FfeOiDuUno7FPrCbQWgY
Q1h4jSyOesypDK5yL+P4X5IWLAD7xkLlYWMXEhU7Kby9V0DJsMQ/LkTlnYsiZAJ9
PxjIl9h6Jv7OGQCJeyRtZnS6HhA3GEKGZjHH/fp2W1YKHXNaSWnwN+Nsgz5evkB4
IoWZ3P+6arIY77bDDE70v4ybkyIgJ3x2pY/TSq9SPvlAxnxrdkvsoBabkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE9xm0lUMj7RrjP2Xf5SiTBuAm7MB8GA1UdIwQY
MBaAFL3xtpyC94GoF84QIRcXjNt/smOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZHMm5JTDNnYWdYemhBaEZ4ZU0yMy15WTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iOTVlODMtMjgyYi00ZGViLWFmZjIt
YTRkZGVjN2EzYjllLzEvSVQzR2JTVlF5UHRHdU1fWmRfbEtKTUc0Q2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iOTVlODMtMjgyYi00ZGViLWFmZjItYTRkZGVjN2EzYjll
LzEvdmZHMm5JTDNnYWdYemhBaEZ4ZU0yMy15WTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudkIMA0G
CSqGSIb3DQEBCwUAA4IBAQA+O2RL/IOoD2kzhPxPIqz+zlWPpXn0kK/ayzSmbXb+
J3IpXTIjJkDyAwVViDitGZ7fdRR+DBZxi8Yza1NIT89hammSx1XGRauSms6f9NAO
+gfGDMcDuyWOPH4QJMrLwvEFeR1PzIsRfUsmEkhtcPDxwqwxF02TZ0kXJ+x+9ySN
yUWHzw+FI0lxL3Bbp0NByV394PLPsRmYvQoaJ5nHhYXwGNGjGBHUtJVI7el75fT4
TRwFwO3QfFphi/bwOPWqesxYN0mZYKxLt34B8EeXrDhlAJ+Y5BFGsy1szBkSbV61
mdjak+rXGM2ZZRpzGYC/2uwreuVl7dq7Rbau5EYudq9r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:59 2024 by rpki-client on console-fra.rpki-client.org