Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/3yRO7373zTrGGoJbulQxwkABL3A.roa
File: 3yRO7373zTrGGoJbulQxwkABL3A.roa (raw, json)
Hash identifier: QU2T7XspUNxFxfcLFNWzw8c/s/ZY1WPM0muo1vCRPMc=
Subject key identifier: DF:24:4E:EF:7E:F7:CD:3A:C6:1A:82:5B:BA:54:31:C2:40:01:2F:70
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 01856CC172CC6E0DE4C0F9616D40BFADEDE5
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/3yRO7373zTrGGoJbulQxwkABL3A.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29670
IP address blocks: 193.29.188.0/24 maxlen: 24
217.197.80.0/20 maxlen: 24
192.109.82.0/24 maxlen: 24
192.109.21.0/24 maxlen: 24
192.109.42.0/24 maxlen: 24
185.177.204.0/22 maxlen: 24
2001:67c:1400::/45 maxlen: 48
2a0a:4580::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:72:cc:6e:0d:e4:c0:f9:61:6d:40:bf:ad:ed:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df244eef7ef7cd3ac61a825bba5431c240012f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ec:3c:6f:11:b9:5d:dd:ae:d3:f7:91:36:df:
47:14:f1:ca:b5:2d:93:d5:bc:38:3d:61:80:c5:f4:
cc:f5:eb:20:a0:5f:53:ef:de:9a:f9:56:b7:2b:c9:
14:7e:60:a5:99:9f:08:a5:96:80:bf:f8:8f:97:cc:
23:5b:d6:59:95:4e:a1:76:3f:82:4e:e0:e3:0c:68:
2f:a9:c4:91:ba:a8:37:b2:d4:31:a0:c1:da:69:10:
d2:e2:de:de:be:7c:3d:cf:58:10:e3:20:cd:0a:9b:
0e:9c:49:8f:66:10:80:ae:2e:87:5a:33:d6:e3:76:
a5:96:37:0a:36:69:5f:8e:6f:82:31:36:d8:24:9a:
cf:01:a5:4f:85:ce:9a:16:a7:d8:6f:de:8d:e6:ee:
65:77:6f:0a:71:12:18:10:48:9d:d7:7c:bc:c2:38:
17:ce:ed:da:b3:2f:d4:46:cf:08:ef:b6:83:d4:6f:
a1:24:1b:99:5a:9b:9d:fb:43:bd:49:6d:af:37:1e:
27:3e:7b:05:1b:59:3f:e9:7a:1c:ff:05:94:43:ab:
3b:10:14:43:e5:43:eb:de:bd:72:32:9e:6e:de:8d:
88:f1:fc:4d:02:cb:37:20:ce:20:82:23:9b:4e:67:
e4:b5:05:17:0f:71:11:d0:ae:01:44:54:ad:ba:d0:
40:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:24:4E:EF:7E:F7:CD:3A:C6:1A:82:5B:BA:54:31:C2:40:01:2F:70
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/3yRO7373zTrGGoJbulQxwkABL3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.204.0/22
192.109.21.0/24
192.109.42.0/24
192.109.82.0/24
193.29.188.0/24
217.197.80.0/20
IPv6:
2001:67c:1400::/45
2a0a:4580::/29
Signature Algorithm: sha256WithRSAEncryption
1a:e4:dd:7f:d4:19:2e:b9:54:9f:2a:85:7e:48:7b:04:52:a9:
a3:4c:8b:9d:1d:d6:a7:c6:56:2b:c5:79:c8:3d:27:c2:a8:6e:
00:4b:3d:11:a8:2e:11:db:00:a6:0f:94:69:67:48:15:4d:08:
50:82:2d:ef:48:97:c4:b7:84:3a:31:4c:f9:bf:9c:52:93:de:
3c:c7:1f:f3:99:eb:c8:8e:3d:4d:b7:35:9a:d0:af:a3:53:9f:
82:4e:1b:40:9b:87:e7:b2:d1:50:2f:7d:bd:03:87:81:73:4f:
b4:5e:18:af:d0:09:82:5b:31:b9:4e:3d:50:25:15:c0:cf:80:
0a:e3:ad:68:fe:36:33:88:d8:31:0f:67:26:75:8b:ba:3c:ad:
cb:5a:fa:27:db:ec:15:eb:4a:17:a9:ea:61:82:36:d1:76:d7:
2c:fb:ac:0a:91:a2:73:f0:72:df:4e:6e:8d:5c:21:22:48:d7:
80:00:6e:0c:a6:5e:a5:a2:f8:9d:60:75:85:4a:cb:f8:a5:40:
14:bb:2e:a6:a4:13:fa:3e:0b:e5:78:cf:99:f2:51:61:95:38:
20:33:26:ec:10:29:fe:fb:1d:2d:2c:3a:32:3e:9f:4c:88:1f:
7b:cc:89:8d:3b:ff:f5:51:e0:74:35:af:8d:e8:ff:db:72:d6:
59:fe:aa:0f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVswXLMbg3kwPlhbUC/re3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl
YzEwNWUwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI0NGVlZjdlZjdjZDNhYzYxYTgyNWJiYTU0MzFjMjQwMDEyZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+w8bxG5Xd2u0/eRNt9HFPHKtS2T
1bw4PWGAxfTM9esgoF9T796a+Va3K8kUfmClmZ8IpZaAv/iPl8wjW9ZZlU6hdj+C
TuDjDGgvqcSRuqg3stQxoMHaaRDS4t7evnw9z1gQ4yDNCpsOnEmPZhCAri6HWjPW
43alljcKNmlfjm+CMTbYJJrPAaVPhc6aFqfYb96N5u5ld28KcRIYEEid13y8wjgX
zu3asy/URs8I77aD1G+hJBuZWpud+0O9SW2vNx4nPnsFG1k/6Xoc/wWUQ6s7EBRD
5UPr3r1yMp5u3o2I8fxNAss3IM4ggiObTmfktQUXD3ER0K4BRFStutBAPQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFN8kTu9+9806xhqCW7pUMcJAAS9wMB8GA1UdIwQY
MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1
LTM4MjM1NWZjMmZmMS8xLzN5Uk83MzczelRyR0dvSmJ1bFF4d2tBQkwzQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm
MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMCoEAgABMCQDBAK5scwD
BADAbRUDBADAbSoDBADAbVIDBADBHbwDBATZxVAwFgQCAAIwEAMHAyABBnwUAAMF
AyoKRYAwDQYJKoZIhvcNAQELBQADggEBABrk3X/UGS65VJ8qhX5IewRSqaNMi50d
1qfGVivFecg9J8KobgBLPRGoLhHbAKYPlGlnSBVNCFCCLe9Il8S3hDoxTPm/nFKT
3jzHH/OZ68iOPU23NZrQr6NTn4JOG0Cbh+ey0VAvfb0Dh4FzT7ReGK/QCYJbMblO
PVAlFcDPgArjrWj+NjOI2DEPZyZ1i7o8rcta+ifb7BXrShep6mGCNtF21yz7rAqR
onPwct9Obo1cISJI14AAbgymXqWi+J1gdYVKy/ilQBS7LqakE/o+C+V4z5nyUWGV
OCAzJuwQKf77HS0sOjI+n0yIH3vMiY07//VR4HQ1r43o/9ty1ln+qg8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:25 2024 by rpki-client on console-fra.rpki-client.org