Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/3YBt8E3p6GgAbBy7BpwMqkbsI44.roa
File: 3YBt8E3p6GgAbBy7BpwMqkbsI44.roa (raw, json)
Hash identifier: 8cH90Jjz8DkoLS4GGXM1ngj3sUik0wryxLbpRDE4kUI=
Subject key identifier: DD:80:6D:F0:4D:E9:E8:68:00:6C:1C:BB:06:9C:0C:AA:46:EC:23:8E
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0185E9E7FDB82F9CAAA195AC297066833ACE
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/3YBt8E3p6GgAbBy7BpwMqkbsI44.roa
Signing time: Wed 25 Jan 2023 17:09:33 +0000
ROA not before: Wed 25 Jan 2023 17:09:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205530
IP address blocks: 45.140.112.0/22 maxlen: 22
195.211.56.0/22 maxlen: 22
81.89.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:e7:fd:b8:2f:9c:aa:a1:95:ac:29:70:66:83:3a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 25 17:09:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd806df04de9e868006c1cbb069c0caa46ec238e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:89:95:f9:d2:b9:4b:5b:17:66:0e:ec:de:59:
5c:e4:6a:15:f5:bd:a8:3f:32:f8:2b:69:8d:f7:39:
7e:5b:a0:d8:56:bf:e2:d8:2e:4f:d4:73:74:88:f9:
bf:23:57:5d:6f:20:86:72:13:f0:c2:80:5f:dd:a4:
5c:23:a2:c8:d7:e7:77:81:e2:fa:f2:93:4c:af:aa:
06:bc:bc:2a:2c:af:55:01:5d:e0:da:e6:21:17:a6:
6c:23:7b:43:7c:60:db:9f:b0:e2:1d:a0:7e:95:62:
0c:4d:5a:cc:f5:38:e1:39:f0:59:82:fc:ae:74:c1:
56:b2:02:95:c9:85:ca:17:d7:44:62:cb:ff:6b:33:
b1:8c:f1:76:c0:8f:71:e5:08:6f:ec:55:bd:a9:59:
cf:57:39:e4:1c:cb:85:f1:20:3c:12:26:c8:5a:6e:
42:05:6e:37:4f:89:f5:b6:d0:41:3d:1d:ce:bc:6c:
8d:dd:0b:3c:e7:f6:c2:bb:7f:6c:22:e3:85:16:0d:
4c:47:d5:34:b6:8a:75:8e:0f:02:b3:62:7d:51:a8:
95:57:a4:cc:75:5a:1f:f3:68:4d:b7:a0:d0:d2:c2:
6b:d2:8b:d0:36:05:de:f7:b8:86:50:17:4d:7d:bc:
55:04:c6:9e:f4:17:12:6a:b9:31:75:29:85:d1:cb:
4e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:6D:F0:4D:E9:E8:68:00:6C:1C:BB:06:9C:0C:AA:46:EC:23:8E
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/3YBt8E3p6GgAbBy7BpwMqkbsI44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.112.0/22
81.89.88.0/24
195.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:36:a6:66:d5:06:0e:3b:ef:da:d7:32:37:b3:7a:57:3b:c5:
5d:a5:a2:3d:88:05:8c:88:ad:58:51:87:54:6e:e6:81:79:ca:
cd:0e:19:af:9b:bb:07:3d:95:71:8c:b0:4b:ae:14:36:49:1b:
6b:e4:a6:10:37:58:33:29:a6:f0:54:e4:35:8d:50:88:2e:c6:
33:3e:27:46:a6:6f:cd:51:2c:26:f2:f3:d4:63:77:62:05:0d:
5e:04:46:71:1b:f7:54:e5:6b:67:87:8b:e7:51:53:79:d6:9e:
e5:2f:b1:6f:dd:c7:77:98:8a:0d:8c:45:fd:6d:c9:06:cc:4a:
a4:a5:1d:97:85:ae:8d:1f:dc:92:fb:eb:5b:f5:f5:3f:73:d6:
5d:e2:3a:dd:ad:79:4f:d0:78:d9:b5:88:b1:7e:10:cf:eb:59:
eb:4b:74:11:50:1a:35:a6:ed:6a:7e:e1:f8:b6:52:a2:68:86:
72:b7:df:81:a8:bc:33:f4:e0:a0:a2:32:18:1b:d9:d7:a6:b8:
7d:ff:2f:d8:da:ee:3f:76:63:8e:1d:f3:6b:35:f4:78:28:48:
fa:19:a4:6c:8d:7a:e0:60:90:4f:e9:1c:76:25:f3:7a:20:20:
9e:48:9f:65:f0:c7:54:5d:2e:8a:b0:84:71:f0:63:07:52:b6:
07:a9:cf:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXp5/24L5yqoZWsKXBmgzrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjMwMTI1MTcwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwNmRmMDRkZTllODY4MDA2YzFjYmIwNjljMGNhYTQ2ZWMyMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuomV+dK5S1sXZg7s3llc5GoV9b2o
PzL4K2mN9zl+W6DYVr/i2C5P1HN0iPm/I1ddbyCGchPwwoBf3aRcI6LI1+d3geL6
8pNMr6oGvLwqLK9VAV3g2uYhF6ZsI3tDfGDbn7DiHaB+lWIMTVrM9TjhOfBZgvyu
dMFWsgKVyYXKF9dEYsv/azOxjPF2wI9x5Qhv7FW9qVnPVznkHMuF8SA8EibIWm5C
BW43T4n1ttBBPR3OvGyN3Qs85/bCu39sIuOFFg1MR9U0top1jg8Cs2J9UaiVV6TM
dVof82hNt6DQ0sJr0ovQNgXe97iGUBdNfbxVBMae9BcSarkxdSmF0ctOCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN2AbfBN6ehoAGwcuwacDKpG7COOMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvM1lCdDhFM3A2R2dBYkJ5N0Jwd01xa2JzSTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYxwAwQA
UVlYAwQCw9M4MA0GCSqGSIb3DQEBCwUAA4IBAQAbNqZm1QYOO+/a1zI3s3pXO8Vd
paI9iAWMiK1YUYdUbuaBecrNDhmvm7sHPZVxjLBLrhQ2SRtr5KYQN1gzKabwVOQ1
jVCILsYzPidGpm/NUSwm8vPUY3diBQ1eBEZxG/dU5Wtnh4vnUVN51p7lL7Fv3cd3
mIoNjEX9bckGzEqkpR2Xha6NH9yS++tb9fU/c9Zd4jrdrXlP0HjZtYixfhDP61nr
S3QRUBo1pu1qfuH4tlKiaIZyt9+BqLwz9OCgojIYG9nXprh9/y/Y2u4/dmOOHfNr
NfR4KEj6GaRsjXrgYJBP6Rx2JfN6ICCeSJ9l8MdUXS6KsIRx8GMHUrYHqc+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:45 2024 by rpki-client on console-fra.rpki-client.org