Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3QKS4pcSIYsMyE-PfkhZSY-a9-8.roa
File: 3QKS4pcSIYsMyE-PfkhZSY-a9-8.roa (raw, json)
Hash identifier: x1HHTTroGf+8LuctOP+pBGeeyxRJas6KBqC61GI0WO0=
Subject key identifier: DD:02:92:E2:97:12:21:8B:0C:C8:4F:8F:7E:48:59:49:8F:9A:F7:EF
Certificate issuer: /CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Certificate serial: 01856C65E53D5AAE5AA18E9C760598220F87
Authority key identifier: DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3QKS4pcSIYsMyE-PfkhZSY-a9-8.roa
Signing time: Sun 01 Jan 2023 08:14:55 +0000
ROA not before: Sun 01 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58331
IP address blocks: 193.242.195.0/24 maxlen: 24
193.242.194.0/24 maxlen: 24
185.75.205.0/24 maxlen: 24
185.75.206.0/24 maxlen: 24
185.75.207.0/24 maxlen: 24
2a05:5445::/32 maxlen: 32
2a05:5441::/32 maxlen: 32
2a05:5444::/32 maxlen: 32
2a05:5442::/32 maxlen: 32
2a05:5447::/32 maxlen: 32
2a05:5446::/32 maxlen: 32
2a05:5440::/32 maxlen: 32
2a05:5443::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e5:3d:5a:ae:5a:a1:8e:9c:76:05:98:22:0f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Validity
Not Before: Jan 1 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd0292e29712218b0cc84f8f7e4859498f9af7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fd:22:35:bf:84:96:66:1d:b5:83:c4:d5:f6:
6f:28:77:cc:05:e2:2f:5d:5d:6d:7c:58:c7:4a:28:
cd:75:c2:a3:be:fa:75:fb:40:7a:51:fc:a4:bb:5b:
21:b2:e0:59:58:7e:fc:d7:51:05:2d:3f:ad:43:72:
76:54:17:03:b7:88:37:73:8b:f7:eb:cc:6e:1a:58:
c8:dd:7a:79:45:53:32:07:b0:4c:98:c9:ef:c4:e7:
9c:61:81:61:86:65:70:08:c3:40:88:50:af:65:f1:
5b:d0:94:67:ae:b9:d0:c5:55:00:d9:53:0f:52:27:
37:d9:d2:da:1e:f9:01:a9:eb:81:aa:e1:ab:20:30:
d1:29:bb:70:86:0f:53:ba:66:14:40:68:48:eb:4d:
cb:47:f5:5a:80:da:56:f0:bb:78:d7:d2:5a:9f:4c:
f9:94:0f:5b:57:59:fd:9d:8b:1b:58:02:29:51:84:
9e:0e:d6:b8:98:57:00:f9:ef:50:fa:ba:93:36:72:
91:93:44:fe:e2:f3:51:41:92:6c:57:1c:f4:89:55:
20:4d:02:42:d8:70:51:ed:dd:12:5f:55:f6:9d:a3:
41:76:25:d9:cf:d8:e1:76:c9:ce:84:28:be:af:f0:
e1:b4:29:0e:92:5c:68:3d:49:57:41:65:8f:be:da:
33:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:02:92:E2:97:12:21:8B:0C:C8:4F:8F:7E:48:59:49:8F:9A:F7:EF
X509v3 Authority Key Identifier:
keyid:DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3QKS4pcSIYsMyE-PfkhZSY-a9-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.205.0-185.75.207.255
193.242.194.0/23
IPv6:
2a05:5440::/29
Signature Algorithm: sha256WithRSAEncryption
a0:49:24:b3:11:e2:35:b1:84:2c:5c:3f:d6:7b:43:8d:9c:7e:
72:c9:02:ee:9f:f2:9e:1a:ec:ce:e3:f2:73:fd:77:e1:9b:bd:
86:15:14:a8:94:05:a6:e5:4e:83:ee:3b:6d:ad:bd:78:e1:a8:
0c:20:44:87:8e:97:e4:c6:53:fd:49:aa:3d:7a:63:e5:80:eb:
54:1c:aa:97:ab:02:83:8c:9f:6d:6b:80:ec:97:ef:a6:25:cb:
4b:80:7b:f7:3a:fc:47:06:c6:0b:95:41:84:0c:6c:0c:84:11:
76:a9:94:9f:fa:49:c6:1e:4d:13:e4:61:71:2d:30:ba:4c:d7:
2d:bd:e4:1e:fa:69:49:5f:e9:24:e3:49:52:2a:1a:c1:1b:ed:
60:8a:18:31:d4:fb:27:56:53:3d:e1:d5:99:85:61:83:e4:e8:
03:c9:a2:95:ca:33:de:01:6f:04:de:16:91:86:88:dc:98:04:
52:e2:22:19:19:1e:bf:6e:e1:1e:fa:a5:37:08:ed:2f:9d:5b:
98:b2:f3:2e:e7:77:53:d4:a2:f5:fb:0e:cf:32:2a:94:59:1a:
54:a2:ee:dd:bb:e2:13:20:9e:1f:59:80:66:a9:d1:ef:fd:f7:
07:8e:45:bb:23:d4:3f:42:6c:f3:56:ca:c1:ae:a2:49:86:16:
26:dc:20:4e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVsZeU9Wq5aoY6cdgWYIg+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjdiOTM5OTM0YTJjYzIwNmZmYmE2YmNlOWM5MGZkY2Jh
MzljNzEwHhcNMjMwMTAxMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDAyOTJlMjk3MTIyMThiMGNjODRmOGY3ZTQ4NTk0OThmOWFmN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP0iNb+ElmYdtYPE1fZvKHfMBeIv
XV1tfFjHSijNdcKjvvp1+0B6Ufyku1shsuBZWH7811EFLT+tQ3J2VBcDt4g3c4v3
68xuGljI3Xp5RVMyB7BMmMnvxOecYYFhhmVwCMNAiFCvZfFb0JRnrrnQxVUA2VMP
Uic32dLaHvkBqeuBquGrIDDRKbtwhg9TumYUQGhI603LR/VagNpW8Lt419Jan0z5
lA9bV1n9nYsbWAIpUYSeDta4mFcA+e9Q+rqTNnKRk0T+4vNRQZJsVxz0iVUgTQJC
2HBR7d0SX1X2naNBdiXZz9jhdsnOhCi+r/DhtCkOklxoPUlXQWWPvtozQQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN0CkuKXEiGLDMhPj35IWUmPmvfvMB8GA1UdIwQY
MBaAFN8nuTmTSizCBv+6a86ckP3Lo5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0Njgt
NmVkNTRkM2ZlNGY0LzEvM1FLUzRwY1NJWXNNeUUtUGZraFpTWS1hOS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0NjgtNmVkNTRkM2ZlNGY0
LzEvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5S80D
BAS5S8ADBAHB8sIwDQQCAAIwBwMFAyoFVEAwDQYJKoZIhvcNAQELBQADggEBAKBJ
JLMR4jWxhCxcP9Z7Q42cfnLJAu6f8p4a7M7j8nP9d+GbvYYVFKiUBablToPuO22t
vXjhqAwgRIeOl+TGU/1Jqj16Y+WA61QcqperAoOMn21rgOyX76Yly0uAe/c6/EcG
xguVQYQMbAyEEXaplJ/6ScYeTRPkYXEtMLpM1y295B76aUlf6STjSVIqGsEb7WCK
GDHU+ydWUz3h1ZmFYYPk6APJopXKM94BbwTeFpGGiNyYBFLiIhkZHr9u4R76pTcI
7S+dW5iy8y7nd1PUovX7Ds8yKpRZGlSi7t274hMgnh9ZgGap0e/99weORbsj1D9C
bPNWysGuokmGFibcIE4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org