Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3rx_h_uYzBKgJrMD3zI_ktLFSP8.roa
File: 3rx_h_uYzBKgJrMD3zI_ktLFSP8.roa (raw, json)
Hash identifier: IIBQnQYlajMZQ5Q+O/8oRwKxY1KN4GY2PYl3iycHtrg=
Subject key identifier: DE:BC:7F:87:FB:98:CC:12:A0:26:B3:03:DF:32:3F:92:D2:C5:48:FF
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018F5E54577C1549A28523A1CC8785646345
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3rx_h_uYzBKgJrMD3zI_ktLFSP8.roa
Signing time: Thu 09 May 2024 17:08:56 +0000
ROA not before: Thu 09 May 2024 17:08:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 188.209.133.0/24 maxlen: 24
188.209.136.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 07:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:54:57:7c:15:49:a2:85:23:a1:cc:87:85:64:63:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 9 17:08:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=debc7f87fb98cc12a026b303df323f92d2c548ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:b6:c2:6a:f2:d7:36:80:f8:9e:c1:cc:84:
3e:16:2d:a5:5a:25:26:57:17:55:3e:df:78:25:48:
4f:ab:df:c5:8a:79:3b:cf:fd:1d:35:c4:2f:2e:74:
e2:b9:f1:0a:29:09:56:41:03:03:a3:86:96:98:61:
58:7b:2b:f7:81:e8:8a:99:b1:d2:40:bb:95:ae:4c:
62:99:78:06:8f:ff:d5:05:03:43:96:d5:95:bc:7f:
53:ad:ea:71:04:49:59:df:81:69:93:da:f3:72:e2:
b1:d7:00:95:09:99:56:1d:c0:c7:fa:d7:29:1e:de:
3b:12:31:1d:bd:8c:02:19:13:6e:82:07:c4:10:3e:
06:86:c2:f2:6c:42:e4:bb:65:3f:f6:17:75:e3:19:
83:ee:38:f6:3c:67:b7:51:84:c6:ed:c1:87:6b:e7:
91:92:db:0a:d3:a5:8f:cc:cf:a4:4a:d1:13:de:56:
bf:5c:b5:a2:ae:94:45:82:67:79:5c:96:1f:72:b3:
51:14:58:7b:29:39:04:26:81:8f:a7:ec:17:fa:c0:
c0:71:6a:4c:ab:52:1b:d1:f5:f7:f8:83:f8:70:60:
03:2c:08:23:74:1d:06:29:79:65:fe:d4:53:04:84:
d7:ed:f6:31:68:17:b3:75:b1:41:91:2c:88:2f:ec:
70:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BC:7F:87:FB:98:CC:12:A0:26:B3:03:DF:32:3F:92:D2:C5:48:FF
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3rx_h_uYzBKgJrMD3zI_ktLFSP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.133.0/24
188.209.136.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:28:9a:2f:f7:46:44:09:27:4b:b7:b9:55:75:ae:04:9d:6b:
99:3a:be:2f:80:be:43:c4:d1:8a:d4:80:74:35:41:af:a2:9a:
d9:05:91:56:fb:6d:0c:65:f5:a8:80:15:8b:2a:c6:e1:96:9c:
bb:68:1c:58:ba:d4:11:e6:e7:c0:3a:a9:88:c4:0d:d5:58:c8:
6e:d7:49:ed:9b:d7:bb:88:ac:65:4e:2d:cb:49:c3:ef:cd:a6:
20:62:1c:2e:82:69:48:9e:e0:e6:17:1f:94:3f:82:71:0b:46:
71:0a:9d:e9:ed:87:15:20:4d:d5:ea:c5:8d:d8:bb:77:90:37:
a1:98:9c:e2:b9:64:6d:b5:68:67:3d:4a:24:08:94:e9:ae:d3:
5f:2f:fb:d4:e8:d1:20:7d:da:79:16:e4:f3:9b:0f:f3:bf:39:
c6:7b:d1:f0:1e:84:81:91:b7:c6:be:c0:b1:7f:7f:cc:08:ac:
47:ed:c9:c2:5a:39:99:50:06:c4:19:b4:be:86:29:9c:ee:37:
25:18:95:28:e5:f1:d9:5e:21:a3:35:d2:a5:5d:8d:51:c5:7f:
20:70:84:96:c3:38:9c:53:89:ab:6f:87:75:5d:dd:ae:e3:59:
17:6f:da:4d:e8:a1:69:d7:57:b7:c9:89:f7:e8:87:ce:34:86:
6c:40:3f:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9eVFd8FUmihSOhzIeFZGNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNTA5MTcwODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJjN2Y4N2ZiOThjYzEyYTAyNmIzMDNkZjMyM2Y5MmQyYzU0OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0722wmry1zaA+J7BzIQ+Fi2lWiUm
VxdVPt94JUhPq9/Fink7z/0dNcQvLnTiufEKKQlWQQMDo4aWmGFYeyv3geiKmbHS
QLuVrkximXgGj//VBQNDltWVvH9TrepxBElZ34Fpk9rzcuKx1wCVCZlWHcDH+tcp
Ht47EjEdvYwCGRNuggfEED4GhsLybELku2U/9hd14xmD7jj2PGe3UYTG7cGHa+eR
ktsK06WPzM+kStET3la/XLWirpRFgmd5XJYfcrNRFFh7KTkEJoGPp+wX+sDAcWpM
q1Ib0fX3+IP4cGADLAgjdB0GKXll/tRTBITX7fYxaBezdbFBkSyIL+xw8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN68f4f7mMwSoCazA98yP5LSxUj/MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvM3J4X2hfdVl6QktnSnJNRDN6SV9rdExGU1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvNGFAwQA
vNGIAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQA/KJov90ZECSdLt7lVda4EnWuZ
Or4vgL5DxNGK1IB0NUGvoprZBZFW+20MZfWogBWLKsbhlpy7aBxYutQR5ufAOqmI
xA3VWMhu10ntm9e7iKxlTi3LScPvzaYgYhwugmlInuDmFx+UP4JxC0ZxCp3p7YcV
IE3V6sWN2Lt3kDehmJziuWRttWhnPUokCJTprtNfL/vU6NEgfdp5FuTzmw/zvznG
e9HwHoSBkbfGvsCxf3/MCKxH7cnCWjmZUAbEGbS+himc7jclGJUo5fHZXiGjNdKl
XY1RxX8gcISWwzicU4mrb4d1Xd2u41kXb9pN6KFp11e3yYn36IfONIZsQD+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org