Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3OgRspBBHI3zduRanq9hSn1ESo8.roa
File: 3OgRspBBHI3zduRanq9hSn1ESo8.roa (raw, json)
Hash identifier: vp+hGyQlPqmVQv9lkZsFEXSGNQRHKv8joL3RG0wtMhY=
Subject key identifier: DC:E8:11:B2:90:41:1C:8D:F3:76:E4:5A:9E:AF:61:4A:7D:44:4A:8F
Certificate issuer: /CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Certificate serial: 018572DF09F9C9F0D17F33A6EEDD506216DF
Authority key identifier: B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3OgRspBBHI3zduRanq9hSn1ESo8.roa
Signing time: Mon 02 Jan 2023 14:24:57 +0000
ROA not before: Mon 02 Jan 2023 14:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 217.145.162.0/24 maxlen: 24
217.145.160.0/20 maxlen: 24
217.145.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:09:f9:c9:f0:d1:7f:33:a6:ee:dd:50:62:16:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Validity
Not Before: Jan 2 14:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce811b290411c8df376e45a9eaf614a7d444a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d1:f7:f6:82:6e:e5:61:36:50:7b:f1:97:b9:
28:ca:30:ef:35:50:cc:a7:65:6c:da:a4:45:6a:ba:
ec:e1:5b:b4:c9:47:6d:0c:62:2c:53:fc:f5:8b:c0:
af:b0:f2:d3:a3:54:d3:5f:3b:a8:f7:ab:a9:03:b3:
91:bf:6d:15:84:b0:de:71:c6:46:d3:c1:53:de:f9:
00:20:6e:56:33:f8:08:95:5d:29:98:09:ac:36:b2:
c0:c2:2d:92:46:02:d6:31:b3:48:9f:aa:cb:e6:d7:
e6:63:44:34:24:2b:e7:5c:8c:88:2f:57:34:68:35:
87:80:ae:7c:a6:c2:95:9d:eb:18:77:a6:cc:c6:a7:
7f:cc:98:b8:44:0e:f9:d1:29:17:43:8d:e3:17:21:
09:8b:da:46:d6:5b:9f:d2:81:63:d4:22:9a:9c:a1:
c9:01:34:c4:c3:84:de:cd:82:71:9e:08:b5:26:20:
8d:e4:23:21:27:67:b3:0e:cc:0e:f1:64:1e:a5:ee:
41:7f:4b:b1:d2:7f:82:7d:61:ff:70:a3:b1:86:bb:
ec:ed:4b:c6:79:c0:bf:0c:82:c6:61:e7:0e:9b:d4:
84:78:f4:4e:63:13:dc:f1:51:c0:95:20:13:5a:a2:
f5:7b:ee:04:c3:22:e1:54:36:39:3a:27:8f:3f:23:
e5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E8:11:B2:90:41:1C:8D:F3:76:E4:5A:9E:AF:61:4A:7D:44:4A:8F
X509v3 Authority Key Identifier:
keyid:B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/3OgRspBBHI3zduRanq9hSn1ESo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.160.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:56:74:a2:d1:e9:43:89:28:6f:6b:31:3b:1d:0f:30:f5:5e:
6d:31:dc:a3:aa:47:43:80:e3:8a:f4:7c:f8:21:7a:5f:85:55:
ca:53:c2:27:ca:04:d1:47:68:af:91:ae:e8:59:7a:fe:f7:0f:
44:ae:3a:4b:5b:e2:38:95:f4:c3:c8:9d:f2:72:02:84:9f:19:
68:ec:85:99:68:67:72:c1:58:2e:0d:93:8a:55:78:f4:e7:1d:
10:77:2d:7a:63:c2:63:97:91:90:28:a5:c9:b2:96:95:80:3f:
d3:a4:b0:9f:d3:8a:93:fa:c2:f7:09:be:f1:c8:ff:cc:79:d1:
ff:10:fa:7a:bf:40:e0:e1:3d:e0:de:fc:d5:7f:09:ed:69:28:
1f:38:82:9e:7b:b8:e8:dd:c7:14:84:57:73:5a:98:1d:7e:bd:
00:34:57:71:c3:44:2b:1c:fe:01:e4:a8:5f:6d:0e:c2:4f:5d:
4b:c5:ac:36:36:9c:84:7a:05:a9:ef:a8:72:86:40:7e:45:8a:
30:73:bd:bd:1b:42:c5:a3:e1:1b:93:e5:57:83:38:f5:f5:ad:
98:0f:27:f4:5d:8e:29:79:71:25:52:34:3a:bb:5c:78:2e:c6:
1c:70:3c:11:f6:a6:a9:0b:8d:ea:f2:b2:27:89:53:9a:6e:27:
a9:6d:e7:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3wn5yfDRfzOm7t1QYhbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZWQxZDYwNjZmNGU0NjU0ZWY1ZjNjYzcwYTVkOTA1YTlh
ZjgyOTAwHhcNMjMwMTAyMTQyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U4MTFiMjkwNDExYzhkZjM3NmU0NWE5ZWFmNjE0YTdkNDQ0YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNH39oJu5WE2UHvxl7koyjDvNVDM
p2Vs2qRFarrs4Vu0yUdtDGIsU/z1i8CvsPLTo1TTXzuo96upA7ORv20VhLDeccZG
08FT3vkAIG5WM/gIlV0pmAmsNrLAwi2SRgLWMbNIn6rL5tfmY0Q0JCvnXIyIL1c0
aDWHgK58psKVnesYd6bMxqd/zJi4RA750SkXQ43jFyEJi9pG1luf0oFj1CKanKHJ
ATTEw4TezYJxngi1JiCN5CMhJ2ezDswO8WQepe5Bf0ux0n+CfWH/cKOxhrvs7UvG
ecC/DILGYecOm9SEePROYxPc8VHAlSATWqL1e+4EwyLhVDY5OiePPyPlHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzoEbKQQRyN83bkWp6vYUp9REqPMB8GA1UdIwQY
MBaAFLLtHWBm9ORlTvXzzHCl2QWpr4KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYt
NDZiNDZmYzBlNDk2LzEvM09nUnNwQkJISTN6ZHVSYW5xOWhTbjFFU284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYtNDZiNDZmYzBlNDk2
LzEvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZGgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOVnSi0elDiShvazE7HQ8w9V5tMdyjqkdDgOOK9Hz4
IXpfhVXKU8InygTRR2ivka7oWXr+9w9ErjpLW+I4lfTDyJ3ycgKEnxlo7IWZaGdy
wVguDZOKVXj05x0Qdy16Y8Jjl5GQKKXJspaVgD/TpLCf04qT+sL3Cb7xyP/MedH/
EPp6v0Dg4T3g3vzVfwntaSgfOIKee7jo3ccUhFdzWpgdfr0ANFdxw0QrHP4B5Khf
bQ7CT11Lxaw2NpyEegWp76hyhkB+RYowc729G0LFo+Ebk+VXgzj19a2YDyf0XY4p
eXElUjQ6u1x4LsYccDwR9qapC43q8rIniVOabiepbedb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:09 2024 by rpki-client on console-fra.rpki-client.org