Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/3QFkNBs8qMkccbOPihYFgoHjPC4.roa
File: 3QFkNBs8qMkccbOPihYFgoHjPC4.roa (raw, json)
Hash identifier: rYoKI6ElQgWmyJAloVy3mB33Wq6XI4MylUPew9TQBmg=
Subject key identifier: DD:01:64:34:1B:3C:A8:C9:1C:71:B3:8F:8A:16:05:82:81:E3:3C:2E
Certificate issuer: /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial: 018571A7AD494F9DAE3FE28969D9725A5069
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/3QFkNBs8qMkccbOPihYFgoHjPC4.roa
Signing time: Mon 02 Jan 2023 08:44:52 +0000
ROA not before: Mon 02 Jan 2023 08:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 185.195.60.0/24 maxlen: 24
185.240.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:ad:49:4f:9d:ae:3f:e2:89:69:d9:72:5a:50:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
Validity
Not Before: Jan 2 08:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd0164341b3ca8c91c71b38f8a16058281e33c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:19:52:0f:be:11:e5:bc:b0:bc:c5:da:5d:
cb:a0:fb:31:2b:c5:0a:3a:5c:71:ec:55:3a:53:43:
45:70:b7:3f:83:75:97:71:3f:eb:76:c1:2f:97:cd:
4a:7b:42:aa:1e:86:9d:0f:79:79:f5:b8:f2:b0:3d:
9c:dc:25:97:12:77:80:b0:fa:35:7f:b0:d9:9d:95:
e8:76:f2:c4:55:38:93:ea:7a:02:4a:13:06:33:6b:
61:a3:13:2a:4f:b2:a4:d7:d6:f3:fd:d8:e2:7a:88:
0c:a6:ee:de:25:ca:d7:31:06:26:e0:c9:4e:2e:88:
6a:10:f2:3c:4a:0c:c4:1f:ee:b1:05:ab:b4:8e:4d:
23:a2:48:dc:1b:53:92:6b:5b:37:6b:83:19:78:46:
2a:06:07:9e:a6:37:49:78:5b:59:db:bb:ad:52:97:
17:f4:18:8a:da:37:d4:54:f2:bc:2c:38:32:31:90:
eb:0f:5a:bb:b4:98:d7:71:62:97:32:d7:fa:d3:16:
42:db:65:bc:5d:4a:df:12:7a:10:c7:ed:7d:1b:af:
b2:35:42:93:00:e4:26:18:16:a1:d9:ec:98:81:5e:
a7:dd:b6:6c:6d:17:f6:0f:a0:00:fe:95:2e:1e:c4:
58:f6:33:14:95:3a:45:f5:5f:99:3d:81:23:9a:5a:
af:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:01:64:34:1B:3C:A8:C9:1C:71:B3:8F:8A:16:05:82:81:E3:3C:2E
X509v3 Authority Key Identifier:
keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/3QFkNBs8qMkccbOPihYFgoHjPC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.60.0/24
185.240.79.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:2b:21:ed:2d:c5:3c:d6:c3:da:77:bb:84:aa:33:77:74:57:
93:55:54:a1:f7:cc:71:35:f1:ba:67:1d:74:c2:2a:9b:8f:87:
c2:7a:c0:11:c4:77:94:b4:c6:df:21:86:07:c9:80:26:f9:b6:
40:fd:70:ce:8b:be:bc:97:a5:42:44:35:ed:32:4d:2a:63:65:
64:e9:a1:f0:fa:27:12:a5:8b:11:38:9f:74:1f:d8:b0:97:68:
9a:3d:b7:79:f3:24:82:61:b9:25:75:8f:8d:b8:28:49:54:97:
17:a3:14:41:bb:73:a6:ec:8e:31:8a:1c:a8:19:7c:fe:11:07:
ec:78:72:b4:9f:24:71:dd:62:b6:21:63:03:73:ec:0e:6c:a8:
d2:6b:a9:86:b1:be:b0:e5:9d:95:a2:d6:57:3d:30:22:34:76:
b8:04:ff:b6:19:be:35:79:24:f2:ec:4a:b8:71:c4:cc:54:9c:
50:81:ce:fd:e8:cc:96:db:92:f3:f0:1b:8a:8b:b0:b7:6c:8e:
2e:58:e6:b5:48:ca:4e:37:ea:05:31:7e:49:e7:2a:35:2a:e7:
0e:92:ca:61:5f:5e:d9:90:44:28:1f:21:ac:f4:ff:17:1a:1d:
65:7d:c2:1a:d1:1d:2f:44:9a:f9:77:e7:0a:a2:0f:05:47:e6:
65:28:05:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp61JT52uP+KJadlyWlBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzQ4ODkyNTFlN2NiMTMzZTkwNmM3MDg5MWJhMWEwNDk1
ZWQ4NjAwHhcNMjMwMTAyMDg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDAxNjQzNDFiM2NhOGM5MWM3MWIzOGY4YTE2MDU4MjgxZTMzYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbwZUg++EeW8sLzF2l3LoPsxK8UK
Olxx7FU6U0NFcLc/g3WXcT/rdsEvl81Ke0KqHoadD3l59bjysD2c3CWXEneAsPo1
f7DZnZXodvLEVTiT6noCShMGM2thoxMqT7Kk19bz/djieogMpu7eJcrXMQYm4MlO
LohqEPI8SgzEH+6xBau0jk0jokjcG1OSa1s3a4MZeEYqBgeepjdJeFtZ27utUpcX
9BiK2jfUVPK8LDgyMZDrD1q7tJjXcWKXMtf60xZC22W8XUrfEnoQx+19G6+yNUKT
AOQmGBah2eyYgV6n3bZsbRf2D6AA/pUuHsRY9jMUlTpF9V+ZPYEjmlqvuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0BZDQbPKjJHHGzj4oWBYKB4zwuMB8GA1UdIwQY
MBaAFDo0iJJR58sTPpBscIkboaBJXthgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMt
ODRmOWVkODdhYzMxLzEvM1FGa05CczhxTWtjY2JPUGloWUZnb0hqUEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMtODRmOWVkODdhYzMx
LzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucM8AwQA
ufBPMA0GCSqGSIb3DQEBCwUAA4IBAQCqKyHtLcU81sPad7uEqjN3dFeTVVSh98xx
NfG6Zx10wiqbj4fCesARxHeUtMbfIYYHyYAm+bZA/XDOi768l6VCRDXtMk0qY2Vk
6aHw+icSpYsROJ90H9iwl2iaPbd58ySCYbkldY+NuChJVJcXoxRBu3Om7I4xihyo
GXz+EQfseHK0nyRx3WK2IWMDc+wObKjSa6mGsb6w5Z2VotZXPTAiNHa4BP+2Gb41
eSTy7Eq4ccTMVJxQgc796MyW25Lz8BuKi7C3bI4uWOa1SMpON+oFMX5J5yo1KucO
ksphX17ZkEQoHyGs9P8XGh1lfcIa0R0vRJr5d+cKog8FR+ZlKAUU
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:07 2024 by rpki-client on console-ams.rpki-client.org