Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/880c47-fa92-4eef-b276-a8a0e55f5e31/1/3ToM2hVIIYoNfd_4Kw0hnIzjOI4.roa
File: 3ToM2hVIIYoNfd_4Kw0hnIzjOI4.roa (raw, json)
Hash identifier: jrfJEeuSUaaje1sNUFPTb1KnSXVrw2s3j9Gj9JK101k=
Subject key identifier: DD:3A:0C:DA:15:48:21:8A:0D:7D:DF:F8:2B:0D:21:9C:8C:E3:38:8E
Certificate issuer: /CN=4913b261adbf79ee36a6a3adfa687a7ec658210b
Certificate serial: 018EE1B6F24A7ECBCF6532054A30BFF4831A
Authority key identifier: 49:13:B2:61:AD:BF:79:EE:36:A6:A3:AD:FA:68:7A:7E:C6:58:21:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SROyYa2_ee42pqOt-mh6fsZYIQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/880c47-fa92-4eef-b276-a8a0e55f5e31/1/3ToM2hVIIYoNfd_4Kw0hnIzjOI4.roa
Signing time: Mon 15 Apr 2024 12:24:06 +0000
ROA not before: Mon 15 Apr 2024 12:24:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208621
IP address blocks: 195.144.22.0/24 maxlen: 24
2a09:7cc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Aug 2024 14:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:b6:f2:4a:7e:cb:cf:65:32:05:4a:30:bf:f4:83:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4913b261adbf79ee36a6a3adfa687a7ec658210b
Validity
Not Before: Apr 15 12:24:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3a0cda1548218a0d7ddff82b0d219c8ce3388e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:6b:81:58:6b:c2:c4:75:9e:2c:03:d5:fe:
e8:3b:58:1b:5d:20:91:34:3d:de:64:21:d0:9c:1c:
6d:9b:ec:23:4a:89:e0:5d:a6:a8:ca:2e:b3:e0:53:
e1:39:c4:78:58:bd:0d:7b:f1:70:18:f4:e0:af:0f:
fc:80:e6:ed:52:0c:84:c6:04:17:64:2a:3e:1c:dd:
28:c3:f6:ba:61:2a:08:c7:1a:c2:31:07:92:a1:e5:
7a:1f:c6:49:31:d4:f7:3b:b7:39:51:0b:38:bc:c1:
64:7d:d6:27:f4:8c:8a:82:35:97:eb:0a:bc:b7:41:
6a:35:c1:21:10:7b:fc:12:e6:66:18:3f:78:0a:0b:
cc:32:18:81:18:6c:b1:d2:45:24:02:1d:0e:f7:85:
e1:bb:a4:9b:93:8c:f7:32:0b:66:3f:4f:f9:75:41:
bd:55:dc:49:76:b5:99:ed:c4:cd:a9:e7:bf:b1:db:
04:7b:ee:2c:21:1f:2e:1b:5f:7f:5d:64:03:5d:9f:
e3:02:84:b8:fe:d2:e5:d6:5a:2c:8a:c1:81:fa:fc:
19:58:3f:71:e0:00:36:27:a3:f1:a2:8b:b9:3f:b6:
be:3b:92:a0:8b:27:71:aa:2a:96:44:de:ce:86:1e:
b3:c5:6b:f4:7b:71:03:46:44:19:a9:ac:a8:6e:6a:
4a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3A:0C:DA:15:48:21:8A:0D:7D:DF:F8:2B:0D:21:9C:8C:E3:38:8E
X509v3 Authority Key Identifier:
keyid:49:13:B2:61:AD:BF:79:EE:36:A6:A3:AD:FA:68:7A:7E:C6:58:21:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SROyYa2_ee42pqOt-mh6fsZYIQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/880c47-fa92-4eef-b276-a8a0e55f5e31/1/3ToM2hVIIYoNfd_4Kw0hnIzjOI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/880c47-fa92-4eef-b276-a8a0e55f5e31/1/SROyYa2_ee42pqOt-mh6fsZYIQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.22.0/24
IPv6:
2a09:7cc7::/32
Signature Algorithm: sha256WithRSAEncryption
67:c2:38:db:12:7f:fe:95:95:18:04:de:ef:fb:7d:4c:de:08:
bb:28:36:8f:3f:f2:cd:00:1f:23:23:6e:4a:2c:a6:e8:2d:f6:
1d:33:20:e2:c2:58:a6:d5:39:e8:83:66:5d:40:a6:6c:2a:d2:
ec:f8:fe:a6:a0:8f:ff:b1:29:a7:fa:ee:73:d9:8a:d9:2f:7b:
fd:42:24:2a:d5:b1:41:45:e7:f4:de:76:fa:1c:7e:3b:a5:c3:
51:7d:17:b2:6e:10:a2:e2:80:f0:28:dc:fe:49:88:61:75:3e:
28:64:38:9a:d4:f3:2d:27:d3:e9:20:66:a4:37:16:d8:5f:19:
16:c9:aa:80:ad:d3:d5:b0:2b:05:8f:cd:65:dc:be:1c:c0:27:
48:d5:6a:f2:b5:0c:f8:06:41:3c:37:ca:39:37:76:aa:04:1f:
f9:16:70:14:06:a0:f5:e5:97:00:d0:fe:6d:2a:5e:d4:0e:4e:
6c:18:66:9a:39:5a:bc:a7:70:8c:d9:d1:f9:e8:aa:66:1c:27:
92:3a:5a:c3:3d:70:52:db:47:2e:6f:fe:85:2f:30:7e:2e:c0:
7c:ab:6d:dc:c6:c4:7a:ff:ea:4a:ae:8b:79:16:2c:2a:3d:58:
84:8a:79:13:ac:d1:87:96:d4:60:98:32:0d:7b:d3:b2:72:54:
e4:24:89:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7htvJKfsvPZTIFSjC/9IMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MTNiMjYxYWRiZjc5ZWUzNmE2YTNhZGZhNjg3YTdlYzY1
ODIxMGIwHhcNMjQwNDE1MTIyNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNhMGNkYTE1NDgyMThhMGQ3ZGRmZjgyYjBkMjE5YzhjZTMzODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvtrgVhrwsR1niwD1f7oO1gbXSCR
ND3eZCHQnBxtm+wjSongXaaoyi6z4FPhOcR4WL0Ne/FwGPTgrw/8gObtUgyExgQX
ZCo+HN0ow/a6YSoIxxrCMQeSoeV6H8ZJMdT3O7c5UQs4vMFkfdYn9IyKgjWX6wq8
t0FqNcEhEHv8EuZmGD94CgvMMhiBGGyx0kUkAh0O94Xhu6Sbk4z3MgtmP0/5dUG9
VdxJdrWZ7cTNqee/sdsEe+4sIR8uG19/XWQDXZ/jAoS4/tLl1losisGB+vwZWD9x
4AA2J6Pxoou5P7a+O5KgiydxqiqWRN7Ohh6zxWv0e3EDRkQZqayobmpKKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN06DNoVSCGKDX3f+CsNIZyM4ziOMB8GA1UdIwQY
MBaAFEkTsmGtv3nuNqajrfpoen7GWCELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JPeVlhMl9lZTQycHFPdC1taDZmc1pZSVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84ODBjNDctZmE5Mi00ZWVmLWIyNzYt
YThhMGU1NWY1ZTMxLzEvM1RvTTJoVklJWW9OZmRfNEt3MGhuSXpqT0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84ODBjNDctZmE5Mi00ZWVmLWIyNzYtYThhMGU1NWY1ZTMx
LzEvU1JPeVlhMl9lZTQycHFPdC1taDZmc1pZSVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw5AWMA0E
AgACMAcDBQAqCXzHMA0GCSqGSIb3DQEBCwUAA4IBAQBnwjjbEn/+lZUYBN7v+31M
3gi7KDaPP/LNAB8jI25KLKboLfYdMyDiwlim1Tnog2ZdQKZsKtLs+P6moI//sSmn
+u5z2YrZL3v9QiQq1bFBRef03nb6HH47pcNRfReybhCi4oDwKNz+SYhhdT4oZDia
1PMtJ9PpIGakNxbYXxkWyaqArdPVsCsFj81l3L4cwCdI1WrytQz4BkE8N8o5N3aq
BB/5FnAUBqD15ZcA0P5tKl7UDk5sGGaaOVq8p3CM2dH56KpmHCeSOlrDPXBS20cu
b/6FLzB+LsB8q23cxsR6/+pKrot5FiwqPViEinkTrNGHltRgmDINe9OyclTkJInP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:17 2025 by rpki-client