Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/3AVJhz-SYHwQceBx-VK0ZSWhajw.roa
File: 3AVJhz-SYHwQceBx-VK0ZSWhajw.roa (raw, json)
Hash identifier: 1rA86T0bz/Pi//FLrClm3P+x7najzp1pTHR8+uuNS8Y=
Subject key identifier: DC:05:49:87:3F:92:60:7C:10:71:E0:71:F9:52:B4:65:25:A1:6A:3C
Certificate issuer: /CN=fb9e390bdcbd95afab4a5ff8c4ed9efc43687bd1
Certificate serial: 01856E01DF198213AC16F979E62F231DFAEF
Authority key identifier: FB:9E:39:0B:DC:BD:95:AF:AB:4A:5F:F8:C4:ED:9E:FC:43:68:7B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-545C9y9la-rSl_4xO2e_ENoe9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/3AVJhz-SYHwQceBx-VK0ZSWhajw.roa
Signing time: Sun 01 Jan 2023 15:44:54 +0000
ROA not before: Sun 01 Jan 2023 15:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 93.191.148.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:df:19:82:13:ac:16:f9:79:e6:2f:23:1d:fa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb9e390bdcbd95afab4a5ff8c4ed9efc43687bd1
Validity
Not Before: Jan 1 15:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0549873f92607c1071e071f952b46525a16a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:27:b9:e5:87:94:49:28:f8:4c:4d:bd:0f:
ae:13:20:bb:66:e6:46:2d:6e:d2:c5:95:87:8d:d6:
7d:d9:a0:91:df:4c:50:0e:b2:ae:f3:bc:dc:3f:2a:
73:47:7d:09:a7:c6:fa:e3:3f:e9:00:a1:99:37:76:
f7:a0:90:02:aa:1c:a2:ed:5f:d2:d3:b0:0d:0c:e3:
a8:2f:a9:74:15:cc:cc:d5:85:a7:5e:0e:1e:90:8f:
13:48:7f:1a:44:96:8c:98:85:e2:a1:58:ed:5e:02:
dc:38:11:1d:34:14:35:d2:f9:97:ff:21:ac:26:de:
cd:0f:ef:b3:d0:78:3d:03:7e:21:38:61:27:e3:b7:
d6:47:3c:af:56:e8:0b:c1:da:e2:d1:bd:75:2e:01:
65:1f:6c:2d:51:e0:61:27:b5:87:9c:67:91:81:cb:
6b:6c:10:5b:ff:10:03:06:f6:e1:a4:4d:8a:89:30:
f3:59:b9:ff:e6:55:a4:1a:ac:e8:00:4f:47:c8:c8:
80:c7:53:84:c8:27:23:2a:3f:e1:ce:68:fe:72:0b:
5b:25:2c:b8:a7:aa:b4:12:b7:09:39:59:27:7a:eb:
71:58:b0:4b:ea:1a:74:9b:68:f1:d2:fb:df:6e:12:
db:55:d6:ac:be:1d:8e:fa:3c:b3:d9:5b:75:99:b2:
2e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:05:49:87:3F:92:60:7C:10:71:E0:71:F9:52:B4:65:25:A1:6A:3C
X509v3 Authority Key Identifier:
keyid:FB:9E:39:0B:DC:BD:95:AF:AB:4A:5F:F8:C4:ED:9E:FC:43:68:7B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-545C9y9la-rSl_4xO2e_ENoe9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/3AVJhz-SYHwQceBx-VK0ZSWhajw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/1-545C9y9la-rSl_4xO2e_ENoe9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.148.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:90:50:51:9b:cd:74:e9:25:83:2c:e4:dd:5c:67:18:ca:80:
16:3a:4b:21:f7:f2:45:a0:79:5c:75:21:80:79:15:df:03:6f:
81:b2:ad:ac:38:b7:bc:77:1a:6e:9d:a4:d2:17:4d:26:dd:d0:
e2:7f:1b:7b:ed:75:04:77:67:b1:fe:89:90:60:a8:27:0e:9c:
04:09:6a:54:44:ee:f9:15:f7:b9:b8:58:ae:d7:f1:ef:8b:fb:
44:12:a1:cc:c4:6a:a0:13:78:6c:99:09:f7:91:c0:a2:36:19:
2c:8d:09:f9:f1:e7:bb:af:0c:f1:68:5f:23:15:f7:13:24:cc:
ea:dc:da:3f:c6:20:61:d4:00:7d:82:aa:82:de:f8:25:2d:c9:
94:27:04:48:60:f3:92:88:ff:9f:ed:52:e7:9e:43:1d:25:5b:
98:0f:04:9e:86:44:b6:bd:8f:e5:63:b2:06:ac:42:1c:75:b6:
ae:71:bf:8b:4e:24:d2:ce:79:2f:fa:8a:2d:92:5c:16:d5:f1:
fc:94:85:a4:e4:57:1c:c4:91:c7:85:42:6a:16:b8:1c:18:e7:
51:97:0b:64:85:4f:f2:f5:f5:db:63:e4:4e:e6:19:09:d1:0b:
6a:ba:f6:e9:ba:60:b6:8c:ab:6d:82:47:49:13:04:0d:5c:4c:
5f:93:d2:60
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVuAd8ZghOsFvl55i8jHfrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOWUzOTBiZGNiZDk1YWZhYjRhNWZmOGM0ZWQ5ZWZjNDM2
ODdiZDEwHhcNMjMwMTAxMTU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA1NDk4NzNmOTI2MDdjMTA3MWUwNzFmOTUyYjQ2NTI1YTE2YTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ0nueWHlEko+ExNvQ+uEyC7ZuZG
LW7SxZWHjdZ92aCR30xQDrKu87zcPypzR30Jp8b64z/pAKGZN3b3oJACqhyi7V/S
07ANDOOoL6l0FczM1YWnXg4ekI8TSH8aRJaMmIXioVjtXgLcOBEdNBQ10vmX/yGs
Jt7ND++z0Hg9A34hOGEn47fWRzyvVugLwdri0b11LgFlH2wtUeBhJ7WHnGeRgctr
bBBb/xADBvbhpE2KiTDzWbn/5lWkGqzoAE9HyMiAx1OEyCcjKj/hzmj+cgtbJSy4
p6q0ErcJOVkneutxWLBL6hp0m2jx0vvfbhLbVdasvh2O+jyz2Vt1mbIuSwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNwFSYc/kmB8EHHgcflStGUloWo8MB8GA1UdIwQY
MBaAFPueOQvcvZWvq0pf+MTtnvxDaHvRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01NDVDOXk5bGEtclNsXzR4TzJlX0VOb2U5RS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQvZDkwMmNhLWNkZjMtNGYyOS1iMjMy
LTcyNDI2ZDkyNjAxYi8xLzNBVkpoei1TWUh3UWNlQngtVkswWlNXaGFqdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvZDkwMmNhLWNkZjMtNGYyOS1iMjMyLTcyNDI2ZDkyNjAx
Yi8xLzEtNTQ1Qzl5OWxhLXJTbF80eE8yZV9FTm9lOUUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFdv5Qw
DQYJKoZIhvcNAQELBQADggEBADyQUFGbzXTpJYMs5N1cZxjKgBY6SyH38kWgeVx1
IYB5Fd8Db4Gyraw4t7x3Gm6dpNIXTSbd0OJ/G3vtdQR3Z7H+iZBgqCcOnAQJalRE
7vkV97m4WK7X8e+L+0QSoczEaqATeGyZCfeRwKI2GSyNCfnx57uvDPFoXyMV9xMk
zOrc2j/GIGHUAH2CqoLe+CUtyZQnBEhg85KI/5/tUueeQx0lW5gPBJ6GRLa9j+Vj
sgasQhx1tq5xv4tOJNLOeS/6ii2SXBbV8fyUhaTkVxzEkceFQmoWuBwY51GXC2SF
T/L19dtj5E7mGQnRC2q69um6YLaMq22CR0kTBA1cTF+T0mA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:52 2024 by rpki-client on console-ams.rpki-client.org