Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/3R-pdHkJraOUzIHjB4hoKRljvbM.roa
File: 3R-pdHkJraOUzIHjB4hoKRljvbM.roa (raw, json)
Hash identifier: 4wG4mf4FwbZGOyA02WaN89N5hRh658T4vqKzz/UKoZE=
Subject key identifier: DD:1F:A9:74:79:09:AD:A3:94:CC:81:E3:07:88:68:29:19:63:BD:B3
Certificate issuer: /CN=d779968e66edbea372ef95baa2bf689138567a40
Certificate serial: 01856E38E88AF84D935A7A803CE4CD887796
Authority key identifier: D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/3R-pdHkJraOUzIHjB4hoKRljvbM.roa
Signing time: Sun 01 Jan 2023 16:45:01 +0000
ROA not before: Sun 01 Jan 2023 16:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205496
IP address blocks: 194.15.137.0/24 maxlen: 24
185.214.228.0/24 maxlen: 24
185.214.228.0/22 maxlen: 22
185.214.231.0/24 maxlen: 24
185.214.230.0/24 maxlen: 24
185.214.229.0/24 maxlen: 24
2001:67c:2fd8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:e8:8a:f8:4d:93:5a:7a:80:3c:e4:cd:88:77:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d779968e66edbea372ef95baa2bf689138567a40
Validity
Not Before: Jan 1 16:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1fa9747909ada394cc81e3078868291963bdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:59:63:ae:14:55:bc:4d:e6:b9:93:a3:d6:94:
58:8c:a8:66:95:4e:0a:9a:57:a4:e6:d2:72:04:e6:
dd:9f:2f:8c:bf:60:53:c8:62:34:6d:1e:16:a1:80:
27:93:08:d2:d9:41:d5:0d:e9:77:7a:9f:44:b7:42:
4f:6c:62:74:be:21:41:ff:42:04:4b:92:8e:50:61:
76:56:c9:bb:02:30:a5:de:45:ce:63:09:d2:38:a2:
72:c3:31:eb:d7:fb:f6:b0:98:0d:2c:36:b8:57:f1:
b7:06:8c:7f:e7:13:61:d7:33:34:9c:94:fa:49:57:
6d:56:b9:10:a1:3d:14:7b:16:ea:b4:3d:e9:7d:88:
2f:b7:31:a7:1f:f7:08:ff:20:e2:a7:35:4a:19:d7:
ee:f0:f4:ae:7a:72:5d:37:22:27:6c:7b:21:03:16:
9c:f0:9d:e1:ac:56:a1:b5:f7:63:03:8d:b2:d9:f3:
2d:1e:20:6a:8c:b3:58:c8:2c:21:c6:35:e4:cd:00:
28:77:87:68:39:00:1f:71:e0:db:f4:77:4e:34:fd:
ae:b6:fa:85:52:3f:1e:6d:f4:cd:ce:4d:0e:67:af:
32:38:d1:55:d7:a3:3f:27:a7:42:0a:18:0c:09:9d:
a8:90:57:6f:c0:01:b9:c1:ed:e1:64:08:63:a4:00:
47:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1F:A9:74:79:09:AD:A3:94:CC:81:E3:07:88:68:29:19:63:BD:B3
X509v3 Authority Key Identifier:
keyid:D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/3R-pdHkJraOUzIHjB4hoKRljvbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.228.0/22
194.15.137.0/24
IPv6:
2001:67c:2fd8::/48
Signature Algorithm: sha256WithRSAEncryption
4c:1e:b4:ff:e0:7c:a7:4e:8d:39:ca:cd:34:a8:9c:77:50:d3:
c9:26:21:27:78:f0:28:4b:3f:36:25:a5:47:31:19:d3:75:16:
f8:a7:c2:d5:35:22:3a:fd:cf:b9:f7:df:0c:ea:6b:83:9d:cb:
3c:9c:80:d0:be:a8:27:05:62:7f:1d:1e:fc:aa:70:ad:4c:20:
c8:a4:9e:74:87:41:d3:17:58:a6:a8:de:bf:94:22:28:4d:73:
98:3d:9e:52:93:e3:f4:80:94:c7:50:62:26:35:00:cf:8f:aa:
c2:ae:8d:8a:a9:bf:a9:ad:c5:52:5c:10:1c:b4:1a:83:37:20:
e2:e5:c0:c9:2d:94:f8:c2:08:0e:af:65:9f:e7:a5:97:74:f3:
0a:e8:38:5e:dc:bc:2e:71:33:ad:cd:80:a8:39:b7:06:92:6c:
67:9a:04:85:04:aa:03:42:7f:ec:aa:97:47:36:64:62:5a:69:
aa:f3:3b:86:13:e7:b9:c5:cd:f5:7a:13:ee:fd:a6:b1:ce:b4:
48:65:b2:be:a6:f3:96:07:fb:d0:82:2c:8a:da:78:b9:01:66:
37:67:27:8d:e3:fa:30:2f:37:3c:30:b7:b3:ec:b6:75:10:d5:
fb:d8:a5:c6:25:77:f7:e8:78:64:8d:a6:0b:67:43:b8:c3:31:
37:00:13:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVuOOiK+E2TWnqAPOTNiHeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzk5NjhlNjZlZGJlYTM3MmVmOTViYWEyYmY2ODkxMzg1
NjdhNDAwHhcNMjMwMTAxMTY0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFmYTk3NDc5MDlhZGEzOTRjYzgxZTMwNzg4NjgyOTE5NjNiZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVljrhRVvE3muZOj1pRYjKhmlU4K
mlek5tJyBObdny+Mv2BTyGI0bR4WoYAnkwjS2UHVDel3ep9Et0JPbGJ0viFB/0IE
S5KOUGF2Vsm7AjCl3kXOYwnSOKJywzHr1/v2sJgNLDa4V/G3Box/5xNh1zM0nJT6
SVdtVrkQoT0UexbqtD3pfYgvtzGnH/cI/yDipzVKGdfu8PSuenJdNyInbHshAxac
8J3hrFahtfdjA42y2fMtHiBqjLNYyCwhxjXkzQAod4doOQAfceDb9HdONP2utvqF
Uj8ebfTNzk0OZ68yONFV16M/J6dCChgMCZ2okFdvwAG5we3hZAhjpABHLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN0fqXR5Ca2jlMyB4weIaCkZY72zMB8GA1UdIwQY
MBaAFNd5lo5m7b6jcu+VuqK/aJE4VnpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYt
NmU2ZmEzOWJiMWVjLzEvM1ItcGRIa0pyYU9VeklIakI0aG9LUmxqdmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYtNmU2ZmEzOWJiMWVj
LzEvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCudbkAwQA
wg+JMA8EAgACMAkDBwAgAQZ8L9gwDQYJKoZIhvcNAQELBQADggEBAEwetP/gfKdO
jTnKzTSonHdQ08kmISd48ChLPzYlpUcxGdN1FvinwtU1Ijr9z7n33wzqa4Odyzyc
gNC+qCcFYn8dHvyqcK1MIMiknnSHQdMXWKao3r+UIihNc5g9nlKT4/SAlMdQYiY1
AM+PqsKujYqpv6mtxVJcEBy0GoM3IOLlwMktlPjCCA6vZZ/npZd08wroOF7cvC5x
M63NgKg5twaSbGeaBIUEqgNCf+yql0c2ZGJaaarzO4YT57nFzfV6E+79prHOtEhl
sr6m85YH+9CCLIraeLkBZjdnJ43j+jAvNzwwt7PstnUQ1fvYpcYld/foeGSNpgtn
Q7jDMTcAEyc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:08 2024 by rpki-client on console-ams.rpki-client.org