Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/3SxK6avwurQEai3E28uyBNCfvdw.roa
File: 3SxK6avwurQEai3E28uyBNCfvdw.roa (raw, json)
Hash identifier: rvv9fVYK8DfUWcUv3eOFm6eryU3eZQcmgBaAcE35o8Q=
Subject key identifier: DD:2C:4A:E9:AB:F0:BA:B4:04:6A:2D:C4:DB:CB:B2:04:D0:9F:BD:DC
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E1EACE22956DBCF8A5A7615DB8C37BAB8
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/3SxK6avwurQEai3E28uyBNCfvdw.roa
Signing time: Fri 08 Mar 2024 15:27:10 +0000
ROA not before: Fri 08 Mar 2024 15:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 152.89.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 15:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:ac:e2:29:56:db:cf:8a:5a:76:15:db:8c:37:ba:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 8 15:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd2c4ae9abf0bab4046a2dc4dbcbb204d09fbddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ae:41:cd:89:3e:7b:a5:fa:f5:6a:48:9d:66:
da:d7:0b:57:fb:f7:92:a8:d6:81:a3:65:9a:29:19:
ab:0c:ed:18:64:83:32:61:b1:f4:6b:04:fc:8b:f6:
91:b3:d0:37:83:25:d9:67:18:e7:8e:12:73:7f:56:
c2:65:24:6f:2e:d1:a0:f2:34:d2:97:a7:4d:6c:ed:
d4:fd:61:b9:b1:9f:ef:aa:4a:29:38:a3:3d:64:3e:
b4:32:8b:89:fb:c2:07:f9:35:6c:50:9a:40:90:d6:
50:40:a6:a0:dd:4b:18:5a:58:94:19:67:5a:0d:bc:
e0:ef:d1:c0:8e:c6:e0:79:43:b3:20:66:84:7a:54:
0b:ea:01:43:90:48:db:22:23:46:3c:a5:22:ed:af:
30:b2:80:44:1e:f1:81:82:ec:f5:a9:02:d1:fa:fd:
73:05:56:5f:f2:9e:10:7c:c0:4e:c8:0e:43:0e:5a:
6e:2f:df:ac:1f:4d:64:25:50:95:e9:a0:a2:04:c3:
13:4f:0d:40:01:df:08:18:e9:26:0c:da:a2:a8:29:
d2:87:8a:35:04:f8:b3:b5:12:dd:5f:ba:83:9a:72:
7e:e2:21:54:a9:08:fe:45:5e:99:02:a2:f7:6c:c8:
cd:1f:f6:ca:81:59:95:ec:56:d2:cd:67:e6:e2:66:
f8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2C:4A:E9:AB:F0:BA:B4:04:6A:2D:C4:DB:CB:B2:04:D0:9F:BD:DC
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/3SxK6avwurQEai3E28uyBNCfvdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.199.0/24
Signature Algorithm: sha256WithRSAEncryption
57:0d:4c:c3:1b:9c:74:5b:ee:7e:89:c7:f8:96:62:9d:52:48:
81:18:f3:b8:bd:97:bf:30:2f:9f:28:13:97:fd:44:8d:3a:57:
f4:11:91:1a:14:e3:16:bb:cf:4b:59:6f:28:ce:e3:b7:f9:4f:
5c:de:1a:4a:55:c4:74:fa:d5:0f:0f:46:db:82:4d:87:22:53:
65:f6:6b:71:4b:32:42:2f:95:95:48:98:27:eb:77:6b:74:d5:
9a:e2:e3:4a:b3:3c:f9:59:cd:ba:ed:27:d6:e5:8b:9b:0b:af:
1a:a1:ee:dc:26:53:d3:ad:30:d4:4e:de:05:f2:b0:11:eb:40:
79:88:69:76:85:77:b0:61:6a:61:8a:70:a9:e4:af:21:71:af:
39:7b:bf:c2:05:01:cf:c0:14:73:2f:06:9c:c4:42:ae:44:5e:
0e:fd:34:82:02:99:0e:ef:92:ee:72:17:97:c1:4f:37:cd:ef:
17:4b:2e:d1:b5:34:49:16:ca:ba:56:43:6c:0d:e3:fe:63:61:
31:c9:b6:85:72:e9:9c:32:9e:aa:53:ba:d4:1d:42:84:71:d0:
44:4c:f2:46:46:81:d1:d8:d3:21:81:62:c4:fc:62:ce:ef:35:
8d:85:07:9e:89:74:38:23:ab:f1:35:34:02:4a:c9:a9:dc:b2:
a4:d3:55:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4erOIpVtvPilp2FduMN7q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA4MTUyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJjNGFlOWFiZjBiYWI0MDQ2YTJkYzRkYmNiYjIwNGQwOWZiZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk65BzYk+e6X69WpInWba1wtX+/eS
qNaBo2WaKRmrDO0YZIMyYbH0awT8i/aRs9A3gyXZZxjnjhJzf1bCZSRvLtGg8jTS
l6dNbO3U/WG5sZ/vqkopOKM9ZD60MouJ+8IH+TVsUJpAkNZQQKag3UsYWliUGWda
Dbzg79HAjsbgeUOzIGaEelQL6gFDkEjbIiNGPKUi7a8wsoBEHvGBguz1qQLR+v1z
BVZf8p4QfMBOyA5DDlpuL9+sH01kJVCV6aCiBMMTTw1AAd8IGOkmDNqiqCnSh4o1
BPiztRLdX7qDmnJ+4iFUqQj+RV6ZAqL3bMjNH/bKgVmV7FbSzWfm4mb4vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0sSumr8Lq0BGotxNvLsgTQn73cMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvM1N4SzZhdnd1clFFYWkzRTI4dXlCTkNmdmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnHMA0G
CSqGSIb3DQEBCwUAA4IBAQBXDUzDG5x0W+5+icf4lmKdUkiBGPO4vZe/MC+fKBOX
/USNOlf0EZEaFOMWu89LWW8ozuO3+U9c3hpKVcR0+tUPD0bbgk2HIlNl9mtxSzJC
L5WVSJgn63drdNWa4uNKszz5Wc267SfW5YubC68aoe7cJlPTrTDUTt4F8rAR60B5
iGl2hXewYWphinCp5K8hca85e7/CBQHPwBRzLwacxEKuRF4O/TSCApkO75LucheX
wU83ze8XSy7RtTRJFsq6VkNsDeP+Y2ExybaFcumcMp6qU7rUHUKEcdBETPJGRoHR
2NMhgWLE/GLO7zWNhQeeiXQ4I6vxNTQCSsmp3LKk01Xe
-----END CERTIFICATE-----
Generated at Wed May 15 19:48:13 2024 by rpki-client on console-fra.rpki-client.org