Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/3uCQ9G42P1hdAVB4qlP_Vm0mlLw.roa
File: 3uCQ9G42P1hdAVB4qlP_Vm0mlLw.roa (raw, json)
Hash identifier: +pXrf37b4g23xqatfyhSChWloWwhDZG1YG8QpvAYLnA=
Subject key identifier: DE:E0:90:F4:6E:36:3F:58:5D:01:50:78:AA:53:FF:56:6D:26:94:BC
Certificate issuer: /CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Certificate serial: 01856C6EF3D0C313B5607A083D3E74AB04EF
Authority key identifier: EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/3uCQ9G42P1hdAVB4qlP_Vm0mlLw.roa
Signing time: Sun 01 Jan 2023 08:24:48 +0000
ROA not before: Sun 01 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2613
IP address blocks: 193.135.150.0/24 maxlen: 24
91.218.38.0/24 maxlen: 24
2001:678:298::/48 maxlen: 48
2a07:e640::/29 maxlen: 29
2001:678:294::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f3:d0:c3:13:b5:60:7a:08:3d:3e:74:ab:04:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Validity
Not Before: Jan 1 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dee090f46e363f585d015078aa53ff566d2694bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:28:3f:39:e2:c4:60:27:97:f7:e1:0a:08:94:
10:1d:c1:f3:44:25:6c:65:e5:9a:86:61:66:fd:53:
bf:90:85:8c:d8:e8:ea:41:dd:f1:94:ce:30:0a:d9:
7d:17:bd:d1:6f:24:0f:40:cc:11:66:f7:f4:0e:9a:
f8:3e:61:13:2e:ad:13:5d:d7:18:5d:29:ea:18:dd:
c4:3d:43:16:61:18:94:cf:2c:1c:f4:5b:07:e3:40:
76:3a:ac:e5:bb:a6:06:a1:98:8e:ea:4a:19:af:46:
15:4a:aa:90:2e:fa:19:62:77:50:fa:4a:d5:88:34:
cf:c6:ba:28:19:56:b0:11:1d:0b:6b:9c:78:16:99:
a6:49:a7:dd:b9:4d:6f:7e:0d:93:e0:be:14:56:94:
0a:b7:54:a5:15:43:ae:82:c8:07:69:46:fc:ea:69:
35:3b:1b:e3:73:57:c0:25:cd:7e:36:48:ff:f4:89:
9e:b5:ce:11:f5:d3:17:dd:a3:c7:d6:37:ca:b9:02:
27:2c:c2:b4:01:09:10:11:a2:b0:fe:08:a4:74:4a:
82:9f:77:5b:3b:dc:3e:68:73:95:0b:1c:84:3b:ad:
0e:1d:fb:7d:50:05:3c:3b:f7:70:9c:90:28:3e:6f:
5d:f9:72:0c:b4:fd:e6:8b:b2:2f:5b:e8:6e:e5:08:
da:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E0:90:F4:6E:36:3F:58:5D:01:50:78:AA:53:FF:56:6D:26:94:BC
X509v3 Authority Key Identifier:
keyid:EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/3uCQ9G42P1hdAVB4qlP_Vm0mlLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.38.0/24
193.135.150.0/24
IPv6:
2001:678:294::/48
2001:678:298::/48
2a07:e640::/29
Signature Algorithm: sha256WithRSAEncryption
1b:4f:a1:74:72:2e:d7:de:3e:7c:ca:d6:13:1b:10:0c:b5:6e:
3f:b9:a5:ed:7c:28:e5:b9:58:9f:8a:b2:8e:85:cd:46:06:e1:
ee:fe:45:db:96:35:7e:d6:3b:72:68:18:49:b6:2d:9a:b6:54:
41:a5:4e:54:06:67:a6:6e:df:83:29:ed:a6:be:46:ba:e7:a6:
9c:75:0f:e6:d0:fd:b9:b8:7e:a2:d1:45:a3:2d:11:bf:73:c7:
e0:59:39:a8:3c:d8:0c:d7:2e:dc:f6:98:56:1f:ea:df:10:ec:
1c:d1:4c:27:a0:6e:cd:6c:1f:ea:90:e0:d4:b3:89:44:6e:cc:
fb:93:3d:a7:a0:d4:06:b7:5e:ca:72:a9:0b:e4:bd:2f:83:1b:
3b:3f:bb:cf:db:88:3b:de:c4:a5:b4:95:6b:6c:fc:83:65:e2:
66:0f:39:65:40:c5:0d:b2:fa:cf:04:52:97:73:45:ad:92:26:
aa:3e:34:d5:ba:49:11:0c:d4:2c:ea:37:40:fb:eb:4c:6c:56:
47:29:67:f7:64:0c:f0:75:3d:72:98:63:c6:e5:8b:f0:b1:99:
d5:90:82:e2:37:d0:93:75:77:49:3f:f1:a8:41:1f:ed:19:1b:
01:ff:40:fa:7a:8e:4c:ee:c1:f9:02:d5:e5:77:d8:3c:be:50:
50:dd:66:b3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsbvPQwxO1YHoIPT50qwTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDYwY2VjNTNiM2EwY2ZjOGNiNDU0M2EyZDBhOGE1OWU2
MDk2ZWUwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUwOTBmNDZlMzYzZjU4NWQwMTUwNzhhYTUzZmY1NjZkMjY5NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyig/OeLEYCeX9+EKCJQQHcHzRCVs
ZeWahmFm/VO/kIWM2OjqQd3xlM4wCtl9F73RbyQPQMwRZvf0Dpr4PmETLq0TXdcY
XSnqGN3EPUMWYRiUzywc9FsH40B2Oqzlu6YGoZiO6koZr0YVSqqQLvoZYndQ+krV
iDTPxrooGVawER0La5x4FpmmSafduU1vfg2T4L4UVpQKt1SlFUOugsgHaUb86mk1
Oxvjc1fAJc1+Nkj/9Imetc4R9dMX3aPH1jfKuQInLMK0AQkQEaKw/gikdEqCn3db
O9w+aHOVCxyEO60OHft9UAU8O/dwnJAoPm9d+XIMtP3mi7IvW+hu5QjaOQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFN7gkPRuNj9YXQFQeKpT/1ZtJpS8MB8GA1UdIwQY
MBaAFO/WDOxTs6DPyMtFQ6LQqKWeYJbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5Nzgt
OWUxMjhjZjNjM2FkLzEvM3VDUTlHNDJQMWhkQVZCNHFsUF9WbTBtbEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5NzgtOWUxMjhjZjNjM2Fk
LzEvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQAW9omAwQA
wYeWMB8EAgACMBkDBwAgAQZ4ApQDBwAgAQZ4ApgDBQMqB+ZAMA0GCSqGSIb3DQEB
CwUAA4IBAQAbT6F0ci7X3j58ytYTGxAMtW4/uaXtfCjluVifirKOhc1GBuHu/kXb
ljV+1jtyaBhJti2atlRBpU5UBmembt+DKe2mvka656acdQ/m0P25uH6i0UWjLRG/
c8fgWTmoPNgM1y7c9phWH+rfEOwc0UwnoG7NbB/qkODUs4lEbsz7kz2noNQGt17K
cqkL5L0vgxs7P7vP24g73sSltJVrbPyDZeJmDzllQMUNsvrPBFKXc0WtkiaqPjTV
ukkRDNQs6jdA++tMbFZHKWf3ZAzwdT1ymGPG5YvwsZnVkILiN9CTdXdJP/GoQR/t
GRsB/0D6eo5M7sH5AtXld9g8vlBQ3Waz
-----END CERTIFICATE-----
Generated at Mon Nov 27 15:49:46 2023 by rpki-client on console-ams.rpki-client.org