Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9f379d-51dc-42a8-b2cc-1d1fe2784e24/1/3hc9y9c7W_Sp3o4Js7xg-kH30QE.roa
File: 3hc9y9c7W_Sp3o4Js7xg-kH30QE.roa (raw, json)
Hash identifier: 6bo5bPT2MzXExkdQ8jdtiWm0/0QRQBBRJpeURa5uDvk=
Subject key identifier: DE:17:3D:CB:D7:3B:5B:F4:A9:DE:8E:09:B3:BC:60:FA:41:F7:D1:01
Certificate issuer: /CN=1e2ecaec8a4865046594c6f7f2109520016f0eb7
Certificate serial: 01856E38BE3198CB226AD08D1E888232F839
Authority key identifier: 1E:2E:CA:EC:8A:48:65:04:65:94:C6:F7:F2:10:95:20:01:6F:0E:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hi7K7IpIZQRllMb38hCVIAFvDrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9f379d-51dc-42a8-b2cc-1d1fe2784e24/1/3hc9y9c7W_Sp3o4Js7xg-kH30QE.roa
Signing time: Sun 01 Jan 2023 16:44:50 +0000
ROA not before: Sun 01 Jan 2023 16:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50980
IP address blocks: 185.133.196.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:be:31:98:cb:22:6a:d0:8d:1e:88:82:32:f8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e2ecaec8a4865046594c6f7f2109520016f0eb7
Validity
Not Before: Jan 1 16:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de173dcbd73b5bf4a9de8e09b3bc60fa41f7d101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a9:9b:40:1c:53:71:66:f3:9e:53:be:63:50:
fa:f1:52:2a:d4:77:3c:bf:39:d1:b1:9e:40:f3:09:
4e:4a:4a:b5:a7:b8:c9:3a:88:70:6e:48:07:a6:a6:
06:2b:28:d6:f4:44:b5:28:74:d5:e5:ba:88:cc:9d:
a7:8b:21:38:76:a7:eb:e1:41:1d:e7:d9:8c:aa:68:
8c:d2:d5:77:3a:d6:7f:6c:29:01:8b:b1:29:1d:c0:
1e:dc:32:5c:47:0e:90:c3:58:c6:3d:50:1f:04:fb:
8b:c9:8b:af:c8:55:20:7c:68:a5:e6:14:d4:0d:53:
2d:a1:d3:fe:48:5d:27:9d:16:69:25:b3:0a:8f:7d:
ee:68:d2:0b:87:df:48:4f:70:61:92:66:ba:b5:9a:
af:53:6a:2e:44:ce:38:d8:f0:09:48:85:98:6a:a0:
72:33:0d:7a:ec:ca:39:a3:af:fb:0d:0d:a0:d9:4b:
5d:02:8e:d5:54:2a:08:e9:bc:8d:18:00:13:81:f5:
5b:6e:a7:03:20:5a:ff:fb:e0:a5:ac:45:1b:52:d3:
ee:d1:d6:6a:77:29:6e:16:c5:d6:94:09:0b:fe:94:
dd:6a:e6:0d:c0:79:92:95:62:93:57:ff:57:b8:88:
03:fe:c5:ab:a1:11:c1:19:07:28:98:72:07:6a:e0:
7f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:17:3D:CB:D7:3B:5B:F4:A9:DE:8E:09:B3:BC:60:FA:41:F7:D1:01
X509v3 Authority Key Identifier:
keyid:1E:2E:CA:EC:8A:48:65:04:65:94:C6:F7:F2:10:95:20:01:6F:0E:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hi7K7IpIZQRllMb38hCVIAFvDrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9f379d-51dc-42a8-b2cc-1d1fe2784e24/1/3hc9y9c7W_Sp3o4Js7xg-kH30QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9f379d-51dc-42a8-b2cc-1d1fe2784e24/1/Hi7K7IpIZQRllMb38hCVIAFvDrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.196.0/22
Signature Algorithm: sha256WithRSAEncryption
01:43:53:ae:11:5f:7b:90:4e:54:60:15:7a:8a:9b:03:12:78:
af:92:5f:8c:a9:8e:61:f7:e4:04:c6:b4:db:55:82:cb:df:9f:
c3:56:48:44:83:19:82:be:0d:35:e2:d9:a1:c6:20:53:d2:01:
d9:fb:6a:54:f4:6c:8e:f3:92:c4:48:6e:0e:3b:6d:27:d1:f0:
43:f6:42:c0:63:b5:30:f5:e0:d9:39:56:77:ea:cf:a2:cf:60:
3c:af:5d:96:20:f4:8a:61:40:ed:63:3f:f4:eb:ff:1e:a0:15:
21:a5:ec:7b:a6:ad:8b:3f:9e:eb:78:8d:62:95:d8:b9:ed:e9:
ff:ee:66:3b:f7:86:6c:d6:fe:fb:1b:70:56:e6:42:d1:56:57:
16:11:d9:5b:54:41:14:16:bd:c1:59:f5:c8:5b:24:44:92:b8:
79:28:b8:a6:2d:a2:56:54:d2:64:80:db:e5:99:1c:a5:30:3b:
98:e8:95:d2:fb:e3:87:dd:9a:2d:9f:52:cd:93:0c:4e:61:35:
e7:52:6f:d9:8e:b5:d2:c9:5c:37:52:bc:01:6c:66:a2:52:b8:
a1:ed:fb:ff:0a:7f:3b:f0:2a:ad:a1:0a:4b:a0:c7:6c:cb:75:
b0:9e:98:68:0e:45:f7:13:ed:f5:8e:09:cc:79:96:6f:c7:48:
5a:9e:59:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOL4xmMsiatCNHoiCMvg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMmVjYWVjOGE0ODY1MDQ2NTk0YzZmN2YyMTA5NTIwMDE2
ZjBlYjcwHhcNMjMwMTAxMTY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE3M2RjYmQ3M2I1YmY0YTlkZThlMDliM2JjNjBmYTQxZjdkMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqmbQBxTcWbznlO+Y1D68VIq1Hc8
vznRsZ5A8wlOSkq1p7jJOohwbkgHpqYGKyjW9ES1KHTV5bqIzJ2niyE4dqfr4UEd
59mMqmiM0tV3OtZ/bCkBi7EpHcAe3DJcRw6Qw1jGPVAfBPuLyYuvyFUgfGil5hTU
DVMtodP+SF0nnRZpJbMKj33uaNILh99IT3Bhkma6tZqvU2ouRM442PAJSIWYaqBy
Mw167Mo5o6/7DQ2g2UtdAo7VVCoI6byNGAATgfVbbqcDIFr/++ClrEUbUtPu0dZq
dyluFsXWlAkL/pTdauYNwHmSlWKTV/9XuIgD/sWroRHBGQcomHIHauB/pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4XPcvXO1v0qd6OCbO8YPpB99EBMB8GA1UdIwQY
MBaAFB4uyuyKSGUEZZTG9/IQlSABbw63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGk3SzdJcElaUVJsbE1iMzhoQ1ZJQUZ2RHJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85ZjM3OWQtNTFkYy00MmE4LWIyY2Mt
MWQxZmUyNzg0ZTI0LzEvM2hjOXk5YzdXX1NwM280SnM3eGcta0gzMFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85ZjM3OWQtNTFkYy00MmE4LWIyY2MtMWQxZmUyNzg0ZTI0
LzEvSGk3SzdJcElaUVJsbE1iMzhoQ1ZJQUZ2RHJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYXEMA0G
CSqGSIb3DQEBCwUAA4IBAQABQ1OuEV97kE5UYBV6ipsDEnivkl+MqY5h9+QExrTb
VYLL35/DVkhEgxmCvg014tmhxiBT0gHZ+2pU9GyO85LESG4OO20n0fBD9kLAY7Uw
9eDZOVZ36s+iz2A8r12WIPSKYUDtYz/06/8eoBUhpex7pq2LP57reI1ildi57en/
7mY794Zs1v77G3BW5kLRVlcWEdlbVEEUFr3BWfXIWyREkrh5KLimLaJWVNJkgNvl
mRylMDuY6JXS++OH3Zotn1LNkwxOYTXnUm/ZjrXSyVw3UrwBbGaiUrih7fv/Cn87
8CqtoQpLoMdsy3WwnphoDkX3E+31jgnMeZZvx0hanln2
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:59 2024 by rpki-client on console-fra.rpki-client.org