Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/3BLOilEp6NJqMGi4xzFnPKQph4E.roa
File: 3BLOilEp6NJqMGi4xzFnPKQph4E.roa (raw, json)
Hash identifier: y/JPW83g0yZP7GKioHpGls59PIfcp43iO80ZBvfz97s=
Subject key identifier: DC:12:CE:8A:51:29:E8:D2:6A:30:68:B8:C7:31:67:3C:A4:29:87:81
Certificate issuer: /CN=de52fee9542d63a68e49b2c8ed7838f8a0346b08
Certificate serial: 018571552379F25241D82FC0C7F1A374143B
Authority key identifier: DE:52:FE:E9:54:2D:63:A6:8E:49:B2:C8:ED:78:38:F8:A0:34:6B:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3lL-6VQtY6aOSbLI7Xg4-KA0awg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/3BLOilEp6NJqMGi4xzFnPKQph4E.roa
Signing time: Mon 02 Jan 2023 07:14:42 +0000
ROA not before: Mon 02 Jan 2023 07:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202440
IP address blocks: 194.11.84.0/22 maxlen: 22
194.11.84.0/23 maxlen: 23
194.11.84.0/24 maxlen: 24
194.11.85.0/24 maxlen: 24
194.11.87.0/24 maxlen: 24
194.11.86.0/24 maxlen: 24
194.11.86.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:23:79:f2:52:41:d8:2f:c0:c7:f1:a3:74:14:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de52fee9542d63a68e49b2c8ed7838f8a0346b08
Validity
Not Before: Jan 2 07:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc12ce8a5129e8d26a3068b8c731673ca4298781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:9c:ac:20:72:e7:8e:ca:43:29:d1:e6:c1:
4e:da:e4:e9:0f:49:bf:a8:ca:d2:05:a7:4b:1d:6a:
af:75:52:ef:68:b9:4c:3e:dd:b4:d9:8b:d9:cc:7f:
8c:90:c5:b5:7a:a1:26:93:73:b1:4b:e4:f3:bb:88:
99:00:50:aa:63:3a:05:6f:4a:2c:00:24:8e:b8:ca:
bc:85:0f:96:93:76:e5:51:43:d9:c6:64:51:80:6f:
03:cd:0a:0b:5c:db:9c:94:a7:66:e1:fb:de:e3:b0:
20:41:74:28:4b:88:00:19:4e:45:58:e8:a2:cb:f7:
6d:66:ac:51:3c:13:b1:54:f9:60:49:66:5e:65:93:
24:14:0f:d2:f7:cf:ab:a8:ed:30:f2:c4:76:8d:7c:
40:a1:78:07:69:d6:0e:fc:39:29:9e:92:5d:e2:4c:
03:b2:a6:82:f4:f1:aa:47:b4:a9:71:93:98:c8:ff:
89:00:ff:d3:73:29:63:77:63:70:ee:27:5c:d6:7d:
84:0c:00:54:44:3d:bf:9d:8a:3c:ad:62:90:04:c3:
59:7b:cf:6e:21:36:84:eb:38:5e:43:78:7c:22:ec:
80:4d:1c:3c:75:57:d2:23:4a:f5:1a:ea:f2:ba:29:
4a:5e:10:1c:4a:5b:7a:40:ce:de:10:ec:71:9b:69:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:12:CE:8A:51:29:E8:D2:6A:30:68:B8:C7:31:67:3C:A4:29:87:81
X509v3 Authority Key Identifier:
keyid:DE:52:FE:E9:54:2D:63:A6:8E:49:B2:C8:ED:78:38:F8:A0:34:6B:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lL-6VQtY6aOSbLI7Xg4-KA0awg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/3BLOilEp6NJqMGi4xzFnPKQph4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76e3b3-ab55-4ac9-bb28-a4f333654cc9/1/3lL-6VQtY6aOSbLI7Xg4-KA0awg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:8a:13:f2:64:8f:bd:88:02:90:90:1f:a3:73:2e:77:c7:a5:
8d:e0:57:bd:d0:06:3b:b5:1a:a0:6f:71:9f:1a:f0:6c:33:87:
dd:ba:c8:b7:c5:92:38:d1:f8:ec:2e:3e:55:40:56:27:60:b0:
3f:e9:ad:f4:57:c1:10:a1:c1:b0:f3:46:26:12:0a:d0:9f:86:
44:26:e4:95:62:41:88:b4:d7:24:7d:ab:65:13:3f:58:cb:cd:
12:6c:67:d0:d0:5b:b4:69:e3:f7:cc:f8:0e:7a:47:5f:eb:c2:
b8:e0:e2:6f:00:ed:fa:8a:d1:b7:3e:d0:de:59:42:09:b0:ff:
13:0e:47:50:b7:5e:fe:a2:66:7f:6f:14:e0:86:a5:79:41:b3:
68:7c:39:4d:12:21:b4:e9:22:7c:b0:d7:94:3d:a5:3c:e1:22:
55:56:44:ea:fc:3f:0a:12:44:f7:d6:1e:61:85:62:e0:a3:a5:
6c:86:08:fc:73:89:ce:8f:04:a7:c4:c6:7a:51:5e:a3:f9:2c:
eb:97:ad:af:f7:32:73:0f:a8:e9:bc:9f:3d:66:52:08:51:09:
6b:a8:df:14:28:6c:e2:c6:c4:62:b1:00:d1:ae:85:a0:e8:a7:
2b:38:aa:e1:bd:09:cd:de:72:fe:e3:e3:04:70:c3:dc:df:d5:
89:0c:09:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVSN58lJB2C/Ax/GjdBQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTJmZWU5NTQyZDYzYTY4ZTQ5YjJjOGVkNzgzOGY4YTAz
NDZiMDgwHhcNMjMwMTAyMDcxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzEyY2U4YTUxMjllOGQyNmEzMDY4YjhjNzMxNjczY2E0Mjk4NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppScrCBy547KQynR5sFO2uTpD0m/
qMrSBadLHWqvdVLvaLlMPt202YvZzH+MkMW1eqEmk3OxS+Tzu4iZAFCqYzoFb0os
ACSOuMq8hQ+Wk3blUUPZxmRRgG8DzQoLXNuclKdm4fve47AgQXQoS4gAGU5FWOii
y/dtZqxRPBOxVPlgSWZeZZMkFA/S98+rqO0w8sR2jXxAoXgHadYO/DkpnpJd4kwD
sqaC9PGqR7SpcZOYyP+JAP/Tcyljd2Nw7idc1n2EDABURD2/nYo8rWKQBMNZe89u
ITaE6zheQ3h8IuyATRw8dVfSI0r1GuryuilKXhAcSlt6QM7eEOxxm2mR9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwSzopRKejSajBouMcxZzykKYeBMB8GA1UdIwQY
MBaAFN5S/ulULWOmjkmyyO14OPigNGsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xMLTZWUXRZNmFPU2JMSTdYZzQtS0EwYXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83NmUzYjMtYWI1NS00YWM5LWJiMjgt
YTRmMzMzNjU0Y2M5LzEvM0JMT2lsRXA2TkpxTUdpNHh6Rm5QS1FwaDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83NmUzYjMtYWI1NS00YWM5LWJiMjgtYTRmMzMzNjU0Y2M5
LzEvM2xMLTZWUXRZNmFPU2JMSTdYZzQtS0EwYXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgtUMA0G
CSqGSIb3DQEBCwUAA4IBAQBfihPyZI+9iAKQkB+jcy53x6WN4Fe90AY7tRqgb3Gf
GvBsM4fdusi3xZI40fjsLj5VQFYnYLA/6a30V8EQocGw80YmEgrQn4ZEJuSVYkGI
tNckfatlEz9Yy80SbGfQ0Fu0aeP3zPgOekdf68K44OJvAO36itG3PtDeWUIJsP8T
DkdQt17+omZ/bxTghqV5QbNofDlNEiG06SJ8sNeUPaU84SJVVkTq/D8KEkT31h5h
hWLgo6Vshgj8c4nOjwSnxMZ6UV6j+Szrl62v9zJzD6jpvJ89ZlIIUQlrqN8UKGzi
xsRisQDRroWg6KcrOKrhvQnN3nL+4+MEcMPc39WJDAlv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:03 2024 by rpki-client on console-ams.rpki-client.org