Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/3ppMtLEAD2_EC_bCuhyx3jhp560.roa
File: 3ppMtLEAD2_EC_bCuhyx3jhp560.roa (raw, json)
Hash identifier: /4O57E+UumELXI36QQs+O2Dksu1afZA5v6EKZjPf1wA=
Subject key identifier: DE:9A:4C:B4:B1:00:0F:6F:C4:0B:F6:C2:BA:1C:B1:DE:38:69:E7:AD
Certificate issuer: /CN=279f3652e4458fa001c6738a41425b07e70c91a1
Certificate serial: 01857203577C3D2FB45CF42975DA6E157125
Authority key identifier: 27:9F:36:52:E4:45:8F:A0:01:C6:73:8A:41:42:5B:07:E7:0C:91:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J582UuRFj6ABxnOKQUJbB-cMkaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/3ppMtLEAD2_EC_bCuhyx3jhp560.roa
Signing time: Mon 02 Jan 2023 10:24:59 +0000
ROA not before: Mon 02 Jan 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 139.28.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:57:7c:3d:2f:b4:5c:f4:29:75:da:6e:15:71:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279f3652e4458fa001c6738a41425b07e70c91a1
Validity
Not Before: Jan 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de9a4cb4b1000f6fc40bf6c2ba1cb1de3869e7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:08:59:f2:3f:4e:8b:7b:fb:58:22:7f:e2:17:
95:30:1c:a5:56:37:d3:2f:4f:d3:59:b1:39:b5:dd:
53:f2:36:0a:8b:f3:03:74:3f:e2:9e:8b:e8:f4:ba:
0d:69:ea:ee:5b:26:8c:21:97:90:9a:24:d6:2f:39:
3c:46:1a:13:b8:53:85:0f:0c:bd:29:a0:e8:f9:66:
a4:b7:b1:14:b2:a4:5e:f6:89:8c:cc:68:ee:53:4e:
71:50:b4:b1:c2:9c:a4:ce:e8:6f:ae:ef:dd:5d:d1:
7b:91:20:63:22:28:1c:e1:9f:5b:7b:9a:8a:a6:a7:
90:89:8a:d4:25:5c:4c:20:2f:93:ca:84:c9:9c:89:
f4:e4:e7:1a:17:93:d5:d5:3c:91:a5:b8:f1:2a:91:
b3:01:27:3d:a9:93:88:b4:06:f9:fa:94:3a:71:e8:
90:d9:00:e7:67:dd:0d:37:cf:ec:2e:ba:c5:15:05:
3c:4e:48:79:c8:03:17:da:1f:e4:f9:da:a2:2e:b0:
25:ab:4a:7d:50:85:14:54:05:20:16:b0:bb:08:a6:
96:0f:2d:ab:69:ae:30:f9:2f:24:01:98:bf:f3:28:
1b:6d:cf:6e:80:5c:c0:e5:d6:fa:71:91:96:2e:79:
b2:ad:2b:5d:1e:6a:e3:fc:58:1b:24:48:36:b0:43:
c8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9A:4C:B4:B1:00:0F:6F:C4:0B:F6:C2:BA:1C:B1:DE:38:69:E7:AD
X509v3 Authority Key Identifier:
keyid:27:9F:36:52:E4:45:8F:A0:01:C6:73:8A:41:42:5B:07:E7:0C:91:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J582UuRFj6ABxnOKQUJbB-cMkaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/3ppMtLEAD2_EC_bCuhyx3jhp560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/J582UuRFj6ABxnOKQUJbB-cMkaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.68.0/22
Signature Algorithm: sha256WithRSAEncryption
52:cb:1c:8d:17:29:52:18:fd:af:1f:ec:5a:51:2e:0e:d5:2f:
b8:1b:c3:ea:e4:20:d0:41:b2:3f:cb:4b:ca:d5:16:88:4b:92:
d0:4a:62:dd:a6:be:3d:7e:89:d7:c8:b1:4c:56:d4:87:f0:35:
31:1d:87:44:c3:12:32:e8:3f:76:b7:b7:40:ca:49:17:88:be:
b5:ea:45:5f:ce:59:f3:2d:19:77:67:4a:10:b3:52:45:52:c3:
a4:d7:0e:28:e3:58:f3:00:17:ab:7f:89:46:04:3e:07:50:eb:
7d:1a:12:9b:f5:c4:12:7d:9d:98:67:64:16:92:79:0d:4f:93:
04:0e:63:b5:3b:98:63:40:9a:35:8d:bb:5d:6b:6b:5f:e7:90:
d8:9b:df:17:ee:ae:36:eb:ef:e2:7c:1a:d0:d2:26:ca:8a:64:
06:2e:80:f6:c5:e3:cb:ce:d4:b0:c0:dc:00:b0:14:f9:4e:03:
2e:44:69:7e:ef:71:ee:b7:24:2a:5f:99:a2:62:96:b7:aa:8d:
e0:38:99:0a:e1:9a:e9:dd:59:02:bd:0b:5a:88:03:6f:a4:1f:
a4:bf:27:4f:21:82:b0:6e:9b:58:57:0e:34:76:54:20:9f:70:
98:bf:ea:58:75:de:4d:0f:28:3c:cc:4e:03:65:74:1b:4f:a2:
90:34:a9:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA1d8PS+0XPQpddpuFXElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWYzNjUyZTQ0NThmYTAwMWM2NzM4YTQxNDI1YjA3ZTcw
YzkxYTEwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTlhNGNiNGIxMDAwZjZmYzQwYmY2YzJiYTFjYjFkZTM4NjllN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoghZ8j9Oi3v7WCJ/4heVMBylVjfT
L0/TWbE5td1T8jYKi/MDdD/inovo9LoNaeruWyaMIZeQmiTWLzk8RhoTuFOFDwy9
KaDo+Wakt7EUsqRe9omMzGjuU05xULSxwpykzuhvru/dXdF7kSBjIigc4Z9be5qK
pqeQiYrUJVxMIC+TyoTJnIn05OcaF5PV1TyRpbjxKpGzASc9qZOItAb5+pQ6ceiQ
2QDnZ90NN8/sLrrFFQU8Tkh5yAMX2h/k+dqiLrAlq0p9UIUUVAUgFrC7CKaWDy2r
aa4w+S8kAZi/8ygbbc9ugFzA5db6cZGWLnmyrStdHmrj/FgbJEg2sEPIOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6aTLSxAA9vxAv2wrocsd44aeetMB8GA1UdIwQY
MBaAFCefNlLkRY+gAcZzikFCWwfnDJGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjU4MlV1UkZqNkFCeG5PS1FVSmJCLWNNa2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iOWMyZTItMzdiNi00MmM2LWFjZGEt
ZjhlNmJmZTFhZGZiLzEvM3BwTXRMRUFEMl9FQ19iQ3VoeXgzamhwNTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iOWMyZTItMzdiNi00MmM2LWFjZGEtZjhlNmJmZTFhZGZi
LzEvSjU4MlV1UkZqNkFCeG5PS1FVSmJCLWNNa2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxEMA0G
CSqGSIb3DQEBCwUAA4IBAQBSyxyNFylSGP2vH+xaUS4O1S+4G8Pq5CDQQbI/y0vK
1RaIS5LQSmLdpr49fonXyLFMVtSH8DUxHYdEwxIy6D92t7dAykkXiL616kVfzlnz
LRl3Z0oQs1JFUsOk1w4o41jzABerf4lGBD4HUOt9GhKb9cQSfZ2YZ2QWknkNT5ME
DmO1O5hjQJo1jbtda2tf55DYm98X7q426+/ifBrQ0ibKimQGLoD2xePLztSwwNwA
sBT5TgMuRGl+73HutyQqX5miYpa3qo3gOJkK4Zrp3VkCvQtaiANvpB+kvydPIYKw
bptYVw40dlQgn3CYv+pYdd5NDyg8zE4DZXQbT6KQNKk5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org