Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/3pz8OCuhBOmzs40Zq3vuhFLN9pM.roa
File: 3pz8OCuhBOmzs40Zq3vuhFLN9pM.roa (raw, json)
Hash identifier: 4aVQSOIeDODwKsl4rkGeTG1+N+bpTeClZjMJ/UAdeOA=
Subject key identifier: DE:9C:FC:38:2B:A1:04:E9:B3:B3:8D:19:AB:7B:EE:84:52:CD:F6:93
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B7A1D99989C20BE78F70DC97D7FA7
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/3pz8OCuhBOmzs40Zq3vuhFLN9pM.roa
Signing time: Sun 01 Jan 2023 21:44:55 +0000
ROA not before: Sun 01 Jan 2023 21:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198692
IP address blocks: 82.150.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:7a:1d:99:98:9c:20:be:78:f7:0d:c9:7d:7f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de9cfc382ba104e9b3b38d19ab7bee8452cdf693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2a:06:69:1d:73:08:3a:80:12:41:16:e7:d5:
31:b4:a1:a3:5e:f5:fa:2b:83:64:17:7b:22:d5:1b:
7b:5e:a1:8d:37:f2:02:2f:e7:b2:48:54:97:22:7c:
d7:65:34:1f:89:c9:ce:c4:df:bb:28:f6:bd:88:52:
d7:59:8c:68:0f:1c:d3:55:0f:da:f7:79:c3:6c:e9:
70:60:9b:32:fc:af:1b:27:3c:13:8a:2e:98:20:95:
92:21:66:9f:17:1d:10:fe:ed:86:2d:d5:04:10:23:
d3:90:d4:c3:d3:2a:64:7a:97:63:f7:b8:ec:30:08:
12:19:07:a4:ce:fe:96:46:17:72:b1:74:22:c6:54:
22:31:55:87:03:22:f3:08:e5:43:96:9b:62:37:2c:
11:2c:ec:c8:63:5c:3f:5e:17:82:2b:9d:1f:9e:09:
b0:6d:4f:56:7a:8e:6b:1a:f4:bb:1f:7d:73:e0:64:
3b:76:b4:33:df:ba:34:5d:d1:96:6c:57:5d:4d:f6:
1e:57:71:24:c9:74:59:59:1a:25:52:dc:95:88:dc:
6d:0b:a5:e8:2b:b8:b8:ae:7c:bf:63:43:02:24:45:
3e:c0:f7:da:97:ef:55:c7:61:67:d3:ad:4a:3a:24:
e6:f5:34:8d:de:8b:0c:1e:04:ba:84:49:20:27:14:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9C:FC:38:2B:A1:04:E9:B3:B3:8D:19:AB:7B:EE:84:52:CD:F6:93
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/3pz8OCuhBOmzs40Zq3vuhFLN9pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.138.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c7:78:94:ee:8e:45:95:f3:c5:4b:ba:ad:07:a1:d5:d9:cf:
21:2e:83:e3:ee:b8:a8:f7:6e:cc:94:08:65:41:b9:40:e5:6c:
8f:eb:e7:6b:45:f8:dc:79:ba:fa:38:6d:30:d8:a2:f3:7a:26:
cd:53:ac:ba:f9:1a:a6:e0:a7:e4:3e:a9:64:03:fc:b4:18:af:
34:41:75:df:84:45:d3:cb:a7:92:e2:01:a7:e8:41:a6:07:a1:
b6:e7:ef:cd:e7:e2:95:bf:46:28:38:ea:59:9c:42:e0:41:c9:
d3:e7:19:6f:ca:1e:6b:02:60:0d:30:f9:e6:08:99:67:28:7e:
5b:a1:68:03:11:cc:b9:53:1f:bc:0d:43:fd:56:93:1a:ee:19:
20:97:6d:63:51:83:c8:5f:73:97:24:14:d7:f3:bd:8f:cd:85:
ee:9d:a8:df:7e:d6:ad:e0:ad:b3:d5:33:55:e9:df:88:e6:26:
a5:71:47:04:63:25:7b:0c:5a:95:5a:6e:79:57:3a:93:60:64:
b3:08:4b:8a:fc:f2:82:68:2c:63:bd:68:64:88:0c:03:46:79:
9f:56:ee:85:88:f4:45:31:60:cd:90:a9:c8:32:b2:3c:54:93:
42:fc:e1:98:76:2b:2c:a2:ad:ab:cd:74:ef:e0:41:51:2c:c0:
b9:52:a7:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3odmZicIL549w3JfX+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTljZmMzODJiYTEwNGU5YjNiMzhkMTlhYjdiZWU4NDUyY2RmNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSoGaR1zCDqAEkEW59UxtKGjXvX6
K4NkF3si1Rt7XqGNN/ICL+eySFSXInzXZTQficnOxN+7KPa9iFLXWYxoDxzTVQ/a
93nDbOlwYJsy/K8bJzwTii6YIJWSIWafFx0Q/u2GLdUEECPTkNTD0ypkepdj97js
MAgSGQekzv6WRhdysXQixlQiMVWHAyLzCOVDlptiNywRLOzIY1w/XheCK50fngmw
bU9Weo5rGvS7H31z4GQ7drQz37o0XdGWbFddTfYeV3EkyXRZWRolUtyViNxtC6Xo
K7i4rny/Y0MCJEU+wPfal+9Vx2Fn061KOiTm9TSN3osMHgS6hEkgJxTAYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6c/DgroQTps7ONGat77oRSzfaTMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvM3B6OE9DdWhCT216czQwWnEzdnVoRkxOOXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpaKMA0G
CSqGSIb3DQEBCwUAA4IBAQBmx3iU7o5FlfPFS7qtB6HV2c8hLoPj7rio927MlAhl
QblA5WyP6+drRfjcebr6OG0w2KLzeibNU6y6+Rqm4KfkPqlkA/y0GK80QXXfhEXT
y6eS4gGn6EGmB6G25+/N5+KVv0YoOOpZnELgQcnT5xlvyh5rAmANMPnmCJlnKH5b
oWgDEcy5Ux+8DUP9VpMa7hkgl21jUYPIX3OXJBTX872PzYXunajfftat4K2z1TNV
6d+I5ialcUcEYyV7DFqVWm55VzqTYGSzCEuK/PKCaCxjvWhkiAwDRnmfVu6FiPRF
MWDNkKnIMrI8VJNC/OGYdissoq2rzXTv4EFRLMC5Uqe+
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:00 2024 by rpki-client on console-fra.rpki-client.org