Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/3DzbyqDSlAgUheApZvBjqLXWIDI.roa
File: 3DzbyqDSlAgUheApZvBjqLXWIDI.roa (raw, json)
Hash identifier: ksLtoRRJNxkrugWQ3bOjZmaawmXdMPoPOS2aZJDthys=
Subject key identifier: DC:3C:DB:CA:A0:D2:94:08:14:85:E0:29:66:F0:63:A8:B5:D6:20:32
Certificate issuer: /CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Certificate serial: 018CC6B7F64BA0358080229C39BDF3A59E0A
Authority key identifier: 69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/3DzbyqDSlAgUheApZvBjqLXWIDI.roa
Signing time: Mon 01 Jan 2024 20:29:54 +0000
ROA not before: Mon 01 Jan 2024 20:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203836
IP address blocks: 194.34.201.0/24 maxlen: 24
194.34.202.0/24 maxlen: 24
194.34.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 07:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f6:4b:a0:35:80:80:22:9c:39:bd:f3:a5:9e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Validity
Not Before: Jan 1 20:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc3cdbcaa0d294081485e02966f063a8b5d62032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:76:bf:c9:86:f4:9a:fe:c0:54:e8:c7:62:e4:
76:2e:c9:8d:c4:08:98:7c:eb:2a:85:88:4e:c5:e4:
ec:9f:e3:cc:7f:12:d3:09:96:22:5e:a6:3b:6b:90:
02:51:b1:db:41:35:62:98:69:5f:ce:e3:91:35:db:
43:58:b5:ae:1e:b8:d3:fc:c7:f6:fb:47:3a:f1:7e:
7d:ab:26:8f:fd:5c:27:4c:ee:d1:2f:67:30:ab:4b:
eb:5f:33:c3:0d:dc:59:ee:6b:fd:14:35:22:32:6b:
42:67:fe:92:ec:45:3f:f4:29:59:00:f8:9e:9a:ee:
01:3c:c4:d1:0d:03:5b:7b:dd:91:95:ea:03:d1:c8:
60:3d:8b:f8:64:3f:74:24:f1:ca:83:8d:7c:8f:5b:
ef:23:d7:84:a1:34:32:74:e0:7c:14:11:fb:fa:53:
2c:d3:54:5f:34:a6:ad:cc:ea:13:be:13:bb:1b:14:
2d:4b:38:10:68:4c:27:cf:74:0c:01:0f:07:23:0d:
92:f3:92:e0:d5:d4:2e:f2:36:f0:98:c8:5c:e4:13:
10:79:f6:53:98:4f:eb:7e:32:fb:ac:98:2f:10:23:
9f:40:44:a9:17:d1:22:00:dd:00:47:6d:42:5c:96:
c0:e7:38:8b:a8:55:ae:16:60:ac:47:25:72:10:82:
28:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3C:DB:CA:A0:D2:94:08:14:85:E0:29:66:F0:63:A8:B5:D6:20:32
X509v3 Authority Key Identifier:
keyid:69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/3DzbyqDSlAgUheApZvBjqLXWIDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.200.0-194.34.202.255
Signature Algorithm: sha256WithRSAEncryption
af:4b:60:2f:bb:74:8f:99:09:85:a0:6f:5e:11:e7:ee:53:ce:
18:58:15:f3:f6:50:c2:5f:9c:80:c0:ee:08:27:74:2b:81:47:
a6:7c:7e:b0:a1:13:67:fd:77:2f:2d:e1:06:2b:a8:f5:1b:65:
d2:5f:26:9e:0f:31:91:e5:d6:f9:d4:eb:50:41:1c:f0:ad:40:
54:a1:03:29:4a:de:d9:48:43:dd:a9:cf:cc:a0:67:4b:12:64:
0d:38:60:42:39:0c:08:3d:3d:5b:16:c2:0f:72:0a:cc:81:4e:
0d:f5:56:6b:ac:0b:41:e7:08:b1:f1:ef:8f:c2:7a:b5:8a:0b:
42:e1:72:16:0d:bc:7a:0d:0c:17:41:75:a1:2e:b9:2d:e5:db:
72:e7:32:f9:3f:dc:5f:5e:34:ad:ea:e8:79:d7:19:50:71:19:
63:86:6c:75:9a:9c:7c:12:1b:4d:92:b7:41:f5:ab:ed:d9:64:
de:19:fd:7b:91:1b:cd:d6:9e:2d:e4:ec:0b:8a:8a:2f:13:45:
95:5e:c0:34:6b:c5:e1:95:c2:de:42:b6:b8:60:18:13:e2:99:
f4:46:a2:3a:8d:ba:70:72:0e:c8:a5:11:21:b2:14:d0:b6:02:
ae:6e:c1:ab:b7:dc:3d:01:d8:b6:76:e5:b4:56:1b:83:5c:b3:
78:5b:d3:9c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGt/ZLoDWAgCKcOb3zpZ4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODU0YTU3YWIwZDhhM2M5MjJjOGY2YTc5YWE4ZmU4YTZh
MmMwOWUwHhcNMjQwMTAxMjAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNjZGJjYWEwZDI5NDA4MTQ4NWUwMjk2NmYwNjNhOGI1ZDYyMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwna/yYb0mv7AVOjHYuR2LsmNxAiY
fOsqhYhOxeTsn+PMfxLTCZYiXqY7a5ACUbHbQTVimGlfzuORNdtDWLWuHrjT/Mf2
+0c68X59qyaP/VwnTO7RL2cwq0vrXzPDDdxZ7mv9FDUiMmtCZ/6S7EU/9ClZAPie
mu4BPMTRDQNbe92RleoD0chgPYv4ZD90JPHKg418j1vvI9eEoTQydOB8FBH7+lMs
01RfNKatzOoTvhO7GxQtSzgQaEwnz3QMAQ8HIw2S85Lg1dQu8jbwmMhc5BMQefZT
mE/rfjL7rJgvECOfQESpF9EiAN0AR21CXJbA5ziLqFWuFmCsRyVyEIIooQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNw828qg0pQIFIXgKWbwY6i11iAyMB8GA1UdIwQY
MBaAFGmFSlerDYo8kiyPanmqj+imosCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQt
NTIzOGIwMzU0NWNhLzEvM0R6YnlxRFNsQWdVaGVBcFp2QmpxTFhXSURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQtNTIzOGIwMzU0NWNh
LzEvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPCIsgD
BADCIsowDQYJKoZIhvcNAQELBQADggEBAK9LYC+7dI+ZCYWgb14R5+5TzhhYFfP2
UMJfnIDA7ggndCuBR6Z8frChE2f9dy8t4QYrqPUbZdJfJp4PMZHl1vnU61BBHPCt
QFShAylK3tlIQ92pz8ygZ0sSZA04YEI5DAg9PVsWwg9yCsyBTg31VmusC0HnCLHx
74/CerWKC0LhchYNvHoNDBdBdaEuuS3l23LnMvk/3F9eNK3q6HnXGVBxGWOGbHWa
nHwSG02St0H1q+3ZZN4Z/XuRG83Wni3k7AuKii8TRZVewDRrxeGVwt5CtrhgGBPi
mfRGojqNunByDsilESGyFNC2Aq5uwau33D0B2LZ25bRWG4Ncs3hb05w=
-----END CERTIFICATE-----
Generated at Wed Jul 24 09:54:23 2024 by rpki-client on console-ams.rpki-client.org