Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/3lC4RtQowFbwgoBLD3YMn-sLTMs.roa
File: 3lC4RtQowFbwgoBLD3YMn-sLTMs.roa (raw, json)
Hash identifier: zKIF+qIg6ylusBUZKnpiAls5/41JBiQXJfIfCRumXIg=
Subject key identifier: DE:50:B8:46:D4:28:C0:56:F0:82:80:4B:0F:76:0C:9F:EB:0B:4C:CB
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 018CC801A18C43AE9F98A9B01E6164813AB9
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/3lC4RtQowFbwgoBLD3YMn-sLTMs.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203392
IP address blocks: 185.140.233.0/24 maxlen: 24
45.148.249.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jul 2024 08:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a1:8c:43:ae:9f:98:a9:b0:1e:61:64:81:3a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de50b846d428c056f082804b0f760c9feb0b4ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dc:71:51:4e:2c:79:7c:da:92:66:17:49:b7:
a4:d3:bd:de:cf:5f:02:f1:56:71:ae:d6:12:41:f9:
a2:9d:7c:b1:59:34:12:c1:bf:36:3b:d4:c6:09:35:
e8:59:da:fc:cd:80:28:a8:4d:ad:af:06:42:c8:c5:
bd:92:c8:c4:41:68:28:9c:fd:3b:55:2a:65:7b:b6:
db:1c:fb:b3:9b:28:f8:4a:01:17:ce:5f:b2:10:49:
c8:5c:06:4d:b2:ed:ba:e9:f9:9a:47:0a:d8:e8:f6:
55:fb:31:03:c3:09:84:d4:d4:6e:27:97:36:39:14:
39:41:8c:94:5c:9e:dc:c9:7e:7a:50:d3:56:38:29:
cc:61:3e:ed:21:f7:23:6e:f1:69:74:53:eb:6d:4d:
43:89:fe:7e:1d:46:fd:9b:37:a7:ff:14:64:49:de:
67:61:71:a4:5c:34:c2:56:1f:68:38:0c:bb:00:a1:
ff:e0:be:e3:51:6c:c7:5c:9d:0a:4e:b5:9b:ab:5a:
b9:3b:c4:9c:73:09:8b:06:b5:c0:4a:34:7b:e0:62:
09:35:29:d1:c3:29:af:e1:01:1d:b9:e1:e6:05:20:
02:31:dc:c9:07:c9:1a:80:16:bb:7b:bd:22:35:eb:
0f:e0:22:29:be:f5:33:ed:55:06:69:d8:15:b4:73:
fb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:50:B8:46:D4:28:C0:56:F0:82:80:4B:0F:76:0C:9F:EB:0B:4C:CB
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/3lC4RtQowFbwgoBLD3YMn-sLTMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.4.0/23
45.148.249.0/24
185.140.233.0/24
Signature Algorithm: sha256WithRSAEncryption
12:a9:8d:38:f7:8f:64:d2:cd:12:aa:43:68:e1:0a:f8:aa:88:
b6:65:04:64:26:c5:b9:35:82:d7:01:e9:13:b9:1b:13:2c:51:
73:33:3c:5b:f1:5d:33:d6:cc:1c:0e:30:59:a5:7e:08:a8:ab:
18:73:f0:86:9c:c2:f2:0e:7c:65:87:e7:59:f8:78:76:72:6d:
0b:39:49:d6:f7:8a:3d:45:21:e4:00:4d:ed:18:4f:4f:d6:ad:
0b:21:a5:af:aa:f0:16:93:41:af:db:b7:34:88:b6:23:ac:54:
9f:73:77:17:61:cc:38:dd:49:b9:c7:57:3c:58:0a:38:ab:9f:
0b:50:3e:6c:0d:fe:d8:1c:e6:d1:2a:c5:6d:a3:db:d3:13:e4:
5e:7e:87:20:51:53:97:9f:dd:a1:67:7b:fa:bc:94:ef:9b:d2:
52:7e:82:5f:bb:b3:a4:3d:06:53:f6:41:0a:be:9e:9a:39:24:
57:7e:57:79:00:84:e8:60:72:51:1d:06:b2:e7:e7:59:83:a7:
fe:36:7e:10:43:85:80:09:b3:fa:39:45:b2:72:a5:05:c7:d0:
d5:64:a7:b9:c9:82:36:8c:0e:ec:68:d9:f5:fa:f7:c1:86:a2:
f1:c4:84:da:d2:c8:c0:2a:5d:63:cb:1d:20:18:9b:a0:67:3f:
ee:af:66:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAaGMQ66fmKmwHmFkgTq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUwYjg0NmQ0MjhjMDU2ZjA4MjgwNGIwZjc2MGM5ZmViMGI0Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNxxUU4seXzakmYXSbek073ez18C
8VZxrtYSQfminXyxWTQSwb82O9TGCTXoWdr8zYAoqE2trwZCyMW9ksjEQWgonP07
VSple7bbHPuzmyj4SgEXzl+yEEnIXAZNsu266fmaRwrY6PZV+zEDwwmE1NRuJ5c2
ORQ5QYyUXJ7cyX56UNNWOCnMYT7tIfcjbvFpdFPrbU1Dif5+HUb9mzen/xRkSd5n
YXGkXDTCVh9oOAy7AKH/4L7jUWzHXJ0KTrWbq1q5O8SccwmLBrXASjR74GIJNSnR
wymv4QEdueHmBSACMdzJB8kagBa7e70iNesP4CIpvvUz7VUGadgVtHP7nQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN5QuEbUKMBW8IKASw92DJ/rC0zLMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvM2xDNFJ0UW93RmJ3Z29CTEQzWU1uLXNMVE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVYEAwQA
LZT5AwQAuYzpMA0GCSqGSIb3DQEBCwUAA4IBAQASqY04949k0s0SqkNo4Qr4qoi2
ZQRkJsW5NYLXAekTuRsTLFFzMzxb8V0z1swcDjBZpX4IqKsYc/CGnMLyDnxlh+dZ
+Hh2cm0LOUnW94o9RSHkAE3tGE9P1q0LIaWvqvAWk0Gv27c0iLYjrFSfc3cXYcw4
3Um5x1c8WAo4q58LUD5sDf7YHObRKsVto9vTE+RefocgUVOXn92hZ3v6vJTvm9JS
foJfu7OkPQZT9kEKvp6aOSRXfld5AIToYHJRHQay5+dZg6f+Nn4QQ4WACbP6OUWy
cqUFx9DVZKe5yYI2jA7saNn1+vfBhqLxxITa0sjAKl1jyx0gGJugZz/ur2ZS
-----END CERTIFICATE-----
Generated at Sat Jul 13 09:58:00 2024 by rpki-client on console-ams.rpki-client.org