Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/3fApWVTE1AKPrvdcKFPmZl87RJs.roa
File: 3fApWVTE1AKPrvdcKFPmZl87RJs.roa (raw, json)
Hash identifier: awvhVJXuJvv95Ax/aQD5FaC+ziIWYLoE1o4ueX2vzUM=
Subject key identifier: DD:F0:29:59:54:C4:D4:02:8F:AE:F7:5C:28:53:E6:66:5F:3B:44:9B
Certificate issuer: /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial: 0189DF6D12813964410D2CC3E066318DCF12
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/3fApWVTE1AKPrvdcKFPmZl87RJs.roa
Signing time: Thu 10 Aug 2023 12:30:14 +0000
ROA not before: Thu 10 Aug 2023 12:30:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196755
IP address blocks: 188.66.8.0/21 maxlen: 21
185.164.156.0/22 maxlen: 22
2a0c:10c0::/29 maxlen: 40
2a0c:10c0::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 13 Dec 2023 12:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:6d:12:81:39:64:41:0d:2c:c3:e0:66:31:8d:cf:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
Validity
Not Before: Aug 10 12:30:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf0295954c4d4028faef75c2853e6665f3b449b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:5f:1a:23:32:81:ae:a6:3b:66:11:1f:ca:
78:6f:90:cc:3b:45:ba:e2:90:ca:42:d8:5d:02:e2:
e0:3c:d1:73:ee:08:4e:b5:c9:49:60:cb:d0:89:66:
cc:14:28:b2:a7:0a:2e:b6:c6:8d:36:a8:13:1e:78:
94:ec:34:41:d7:09:f3:25:72:60:51:63:6b:4c:46:
c4:de:2a:4c:91:7c:54:29:bd:49:b4:6e:8a:ee:9b:
ab:3f:06:9c:e3:b1:8f:cf:19:f5:bd:aa:e1:9b:6e:
31:64:d0:d7:a4:20:ca:54:f3:1f:9a:b1:f0:0c:21:
c7:bf:a8:75:03:70:52:b8:a2:3f:3a:c5:70:a7:25:
05:4b:ef:ed:a4:f4:71:01:ca:7c:9d:bd:f4:03:fd:
7d:3b:cc:12:75:15:c9:c4:14:14:b8:48:07:a7:e8:
cd:ed:eb:d3:ae:77:b3:66:f0:28:bc:45:26:13:66:
a3:2b:2e:5e:f2:7b:8c:e9:84:c4:56:53:8e:08:04:
90:b3:4e:e8:d7:38:bb:11:0a:de:65:5d:70:19:77:
4e:0f:49:3e:da:e7:be:01:8f:f7:04:d2:1a:aa:75:
4c:61:b5:14:f8:23:92:0c:e2:68:d1:ab:78:41:63:
e3:a8:43:72:e4:08:ac:bf:b5:09:99:f2:20:aa:71:
6f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F0:29:59:54:C4:D4:02:8F:AE:F7:5C:28:53:E6:66:5F:3B:44:9B
X509v3 Authority Key Identifier:
keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/3fApWVTE1AKPrvdcKFPmZl87RJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.156.0/22
188.66.8.0/21
IPv6:
2a0c:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:0b:b8:31:b8:67:38:80:1d:b5:3e:ff:bf:64:e4:9e:4c:46:
76:a4:a3:e2:b8:a6:02:34:6f:a7:fd:aa:74:87:c5:f5:ec:db:
56:aa:f8:8b:16:3e:18:dd:aa:cb:c4:75:88:14:f5:ee:ce:16:
4f:64:f5:fe:12:8f:56:1f:dd:31:df:a5:4c:8d:e3:57:52:d6:
43:13:87:a3:f4:d7:4c:b3:2e:c6:e4:00:11:99:df:44:9c:56:
cb:d6:7f:6f:fa:94:84:d4:2a:70:60:26:31:d1:f3:9b:46:85:
61:ba:1b:f3:9b:4d:51:52:05:55:3b:26:1e:a9:0e:83:40:01:
93:b9:b5:01:04:33:90:c2:41:8a:18:fd:01:ab:3e:79:63:95:
53:81:a6:45:eb:72:f8:ca:05:de:b9:0c:03:90:af:8e:60:c6:
11:db:25:28:9c:cd:28:4e:ff:91:3e:cf:66:5a:a4:47:6b:fc:
13:93:b6:69:bd:c0:0e:44:01:1e:5e:17:42:4e:d8:80:8e:df:
3d:0c:a5:65:00:fc:fc:b9:70:68:4c:ed:48:33:b8:74:5d:70:
b1:9c:69:20:af:4a:18:5a:18:61:31:72:12:ff:94:bf:79:7a:
2a:e8:52:ed:70:f4:3c:90:d4:c9:e2:ea:86:e2:e0:e1:b9:27:
6d:c9:5c:e5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnfbRKBOWRBDSzD4GYxjc8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjMwODEwMTIzMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYwMjk1OTU0YzRkNDAyOGZhZWY3NWMyODUzZTY2NjVmM2I0NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnZfGiMyga6mO2YRH8p4b5DMO0W6
4pDKQthdAuLgPNFz7ghOtclJYMvQiWbMFCiypwoutsaNNqgTHniU7DRB1wnzJXJg
UWNrTEbE3ipMkXxUKb1JtG6K7purPwac47GPzxn1varhm24xZNDXpCDKVPMfmrHw
DCHHv6h1A3BSuKI/OsVwpyUFS+/tpPRxAcp8nb30A/19O8wSdRXJxBQUuEgHp+jN
7evTrnezZvAovEUmE2ajKy5e8nuM6YTEVlOOCASQs07o1zi7EQreZV1wGXdOD0k+
2ue+AY/3BNIaqnVMYbUU+COSDOJo0at4QWPjqENy5Aisv7UJmfIgqnFvkwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN3wKVlUxNQCj673XChT5mZfO0SbMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvM2ZBcFdWVEUxQUtQcnZkY0tGUG1abDg3UkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAtM2M2Zjg4YzkxNGIx
LzEvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaScAwQD
vEIIMA0EAgACMAcDBQMqDBDAMA0GCSqGSIb3DQEBCwUAA4IBAQChC7gxuGc4gB21
Pv+/ZOSeTEZ2pKPiuKYCNG+n/ap0h8X17NtWqviLFj4Y3arLxHWIFPXuzhZPZPX+
Eo9WH90x36VMjeNXUtZDE4ej9NdMsy7G5AARmd9EnFbL1n9v+pSE1CpwYCYx0fOb
RoVhuhvzm01RUgVVOyYeqQ6DQAGTubUBBDOQwkGKGP0Bqz55Y5VTgaZF63L4ygXe
uQwDkK+OYMYR2yUonM0oTv+RPs9mWqRHa/wTk7ZpvcAORAEeXhdCTtiAjt89DKVl
APz8uXBoTO1IM7h0XXCxnGkgr0oYWhhhMXIS/5S/eXoq6FLtcPQ8kNTJ4uqG4uDh
uSdtyVzl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org