Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/3Naj4npacli_o-2BOSpGQCN16Nw.roa
File: 3Naj4npacli_o-2BOSpGQCN16Nw.roa (raw, json)
Hash identifier: 8nA9Fr0WyLF/mwnNRf12wh+QeJlRQXtMtMrP2H8FdI8=
Subject key identifier: DC:D6:A3:E2:7A:5A:72:58:BF:A3:ED:81:39:2A:46:40:23:75:E8:DC
Certificate issuer: /CN=621310302018a387c692146a35efd33a6ed6b1ef
Certificate serial: 0189BB96538618A1E56531666AB9EE14DEDF
Authority key identifier: 62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/3Naj4npacli_o-2BOSpGQCN16Nw.roa
Signing time: Thu 03 Aug 2023 13:28:58 +0000
ROA not before: Thu 03 Aug 2023 13:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.179.91.0/24 maxlen: 24
185.151.146.0/24 maxlen: 24
185.99.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 04:45:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:96:53:86:18:a1:e5:65:31:66:6a:b9:ee:14:de:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=621310302018a387c692146a35efd33a6ed6b1ef
Validity
Not Before: Aug 3 13:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd6a3e27a5a7258bfa3ed81392a46402375e8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:20:6f:bc:e6:ba:87:9d:05:79:5d:c1:c0:
b4:ab:14:10:0a:37:82:29:e8:f1:ae:60:84:2c:6d:
fe:0a:d7:0b:b6:90:57:d4:58:60:20:2c:cd:f2:92:
6f:6b:de:73:b8:8a:dc:45:0e:34:19:2d:0a:57:46:
96:e6:ac:b0:20:0d:99:95:c5:cd:77:d2:33:f2:b6:
f5:f0:c8:bf:ce:b1:3e:ab:71:ad:33:4c:0c:83:6e:
b2:1a:24:14:01:a3:c9:a2:7b:e7:39:0a:71:59:ec:
d4:bb:62:25:90:30:82:57:d4:c4:d0:95:49:f8:2d:
06:a1:15:20:fe:58:ee:79:f2:c7:ee:3c:88:2b:68:
fc:b1:92:52:61:07:62:f3:e4:9c:4c:f7:4b:e4:a6:
ca:5b:9f:a9:bd:3c:2c:5b:b3:e7:6e:6c:35:9d:e4:
f5:3a:6b:ae:31:32:b2:78:c2:64:0c:76:78:4b:0e:
a9:3a:57:8c:c7:69:6f:33:e6:81:4b:dc:da:a9:9f:
78:8f:59:bc:47:4b:2c:f2:80:b6:3d:8e:86:57:c0:
aa:42:a0:93:50:19:e5:d8:b6:d3:b7:38:57:07:e5:
28:ed:09:9b:4d:d6:ae:6e:1d:66:a4:9f:74:70:4a:
38:e5:24:7e:af:4d:ff:8b:2d:81:9e:bc:8a:64:8a:
f6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D6:A3:E2:7A:5A:72:58:BF:A3:ED:81:39:2A:46:40:23:75:E8:DC
X509v3 Authority Key Identifier:
keyid:62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/3Naj4npacli_o-2BOSpGQCN16Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
185.151.146.0/24
185.179.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:31:dc:5c:d2:39:c3:7c:2c:bd:48:73:c0:30:a2:da:5a:a3:
1d:85:07:06:75:ce:9e:b2:71:08:65:fc:e3:81:f8:be:10:96:
56:73:49:4f:d4:bf:db:9e:55:63:07:4c:7e:6e:a5:96:a7:11:
01:04:64:a8:88:81:2d:cc:79:61:13:72:e1:27:f6:77:75:2c:
c1:1f:21:9b:bf:e9:c5:a0:58:be:73:3f:95:60:df:de:e6:b0:
a0:69:c0:f9:2a:da:dc:15:f4:e4:43:b6:c9:7b:9a:97:04:89:
b7:95:be:45:1e:e9:13:d7:23:1d:fe:b7:6c:07:ea:88:84:97:
f2:80:0c:8d:8f:47:7e:e6:48:47:22:19:86:56:d5:a3:3b:a9:
b7:5c:51:dc:d5:57:32:92:56:c9:3a:0a:a4:04:c2:a4:9f:8d:
84:2b:b5:80:58:45:aa:fc:00:6b:30:15:4d:6f:76:f0:48:71:
ab:c8:5d:21:82:9e:a5:86:95:8f:eb:c7:57:7d:c8:80:36:c3:
ed:1e:a6:00:44:e1:5f:5e:c3:4a:02:c4:05:4c:0d:c4:c1:07:
11:4c:ef:f6:4e:20:a4:72:54:db:e7:c6:51:44:9b:80:9d:51:
0d:a8:95:6c:e8:3d:45:97:2b:26:a2:88:42:d9:18:a2:c6:82:
87:54:d9:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm7llOGGKHlZTFmarnuFN7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTMxMDMwMjAxOGEzODdjNjkyMTQ2YTM1ZWZkMzNhNmVk
NmIxZWYwHhcNMjMwODAzMTMyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q2YTNlMjdhNWE3MjU4YmZhM2VkODEzOTJhNDY0MDIzNzVlOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZQgb7zmuoedBXldwcC0qxQQCjeC
KejxrmCELG3+CtcLtpBX1FhgICzN8pJva95zuIrcRQ40GS0KV0aW5qywIA2ZlcXN
d9Iz8rb18Mi/zrE+q3GtM0wMg26yGiQUAaPJonvnOQpxWezUu2IlkDCCV9TE0JVJ
+C0GoRUg/ljuefLH7jyIK2j8sZJSYQdi8+ScTPdL5KbKW5+pvTwsW7Pnbmw1neT1
OmuuMTKyeMJkDHZ4Sw6pOleMx2lvM+aBS9zaqZ94j1m8R0ss8oC2PY6GV8CqQqCT
UBnl2LbTtzhXB+Uo7QmbTdaubh1mpJ90cEo45SR+r03/iy2BnryKZIr2rwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNzWo+J6WnJYv6PtgTkqRkAjdejcMB8GA1UdIwQY
MBaAFGITEDAgGKOHxpIUajXv0zpu1rHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjIt
YmU1N2Q3ZGZhMGRlLzEvM05hajRucGFjbGlfby0yQk9TcEdRQ04xNk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjItYmU1N2Q3ZGZhMGRl
LzEvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWMUAwQA
uZeSAwQAubNbMA0GCSqGSIb3DQEBCwUAA4IBAQCKMdxc0jnDfCy9SHPAMKLaWqMd
hQcGdc6esnEIZfzjgfi+EJZWc0lP1L/bnlVjB0x+bqWWpxEBBGSoiIEtzHlhE3Lh
J/Z3dSzBHyGbv+nFoFi+cz+VYN/e5rCgacD5KtrcFfTkQ7bJe5qXBIm3lb5FHukT
1yMd/rdsB+qIhJfygAyNj0d+5khHIhmGVtWjO6m3XFHc1VcyklbJOgqkBMKkn42E
K7WAWEWq/ABrMBVNb3bwSHGryF0hgp6lhpWP68dXfciANsPtHqYAROFfXsNKAsQF
TA3EwQcRTO/2TiCkclTb58ZRRJuAnVENqJVs6D1FlysmoohC2RiixoKHVNlV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:42 2024 by rpki-client on console-ams.rpki-client.org