Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3FNmdy_RAqKkQBTlnTCeWnWqCu8.roa
File: 3FNmdy_RAqKkQBTlnTCeWnWqCu8.roa (raw, json)
Hash identifier: toko96WqVPCSain/GLzuu94RQlX/kWOEwou/5FAyvXw=
Subject key identifier: DC:53:66:77:2F:D1:02:A2:A4:40:14:E5:9D:30:9E:5A:75:AA:0A:EF
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01869EE5DCBE954479BFD2E51B3E68372DC6
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3FNmdy_RAqKkQBTlnTCeWnWqCu8.roa
Signing time: Wed 01 Mar 2023 20:38:29 +0000
ROA not before: Wed 01 Mar 2023 20:38:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211567
IP address blocks: 193.35.153.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:e5:dc:be:95:44:79:bf:d2:e5:1b:3e:68:37:2d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 1 20:38:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc5366772fd102a2a44014e59d309e5a75aa0aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:14:76:a4:a4:27:9c:f2:4d:47:1a:df:bf:a5:
73:13:4d:d8:4d:d4:42:79:60:ca:3c:4f:2e:f4:8b:
6c:d5:bf:6e:ae:04:2c:8c:a5:cb:cb:2a:db:00:38:
aa:7e:31:ba:3d:1a:a5:56:ad:37:87:7f:ac:c4:b8:
60:74:ee:b8:7b:d7:8e:2c:18:0c:1c:3f:ea:ae:b5:
45:33:7a:8a:5c:0e:9f:b5:4b:32:3f:20:76:0f:b2:
34:f4:b0:5c:82:f8:6d:49:d2:3c:1b:82:04:f7:b2:
b1:fc:c2:91:b1:15:0d:f9:fc:b5:1e:9d:f0:7a:93:
db:bc:6b:1e:88:16:86:57:6c:96:e2:13:6a:33:67:
61:b5:48:d7:35:92:9f:81:67:3b:da:57:d3:d8:35:
8e:9c:8e:96:7b:79:42:d2:4d:ef:31:e7:ff:52:d8:
01:29:20:a1:1f:c0:30:9e:02:ad:35:d4:22:26:93:
b4:3c:ed:df:63:45:26:59:16:ef:d3:62:da:97:53:
df:f8:15:29:b1:1a:cc:7f:90:b0:0c:46:ed:17:f4:
0f:74:74:84:df:b4:2a:19:f7:47:52:9d:4d:72:2e:
0b:4e:0e:bd:b3:4e:1e:ad:00:3c:f0:4c:e5:60:1c:
e0:05:74:6e:92:d8:05:4a:10:b3:79:5c:5b:77:e0:
b8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:53:66:77:2F:D1:02:A2:A4:40:14:E5:9D:30:9E:5A:75:AA:0A:EF
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3FNmdy_RAqKkQBTlnTCeWnWqCu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
185.88.173.0/24
185.243.180.0/24
185.250.210.0/24
193.35.153.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:85:93:e4:d7:7c:c3:7f:dc:69:50:e4:63:89:a9:e0:72:44:
aa:f9:44:9e:f6:a1:64:73:7b:2d:df:08:24:60:6b:90:fb:c4:
ed:47:20:9b:7e:3b:b6:c3:43:f5:80:0f:91:f1:86:10:d1:07:
2c:90:1e:27:55:db:42:a8:da:e2:90:fb:d0:99:7f:4b:f9:5d:
d6:6b:67:41:45:10:3f:09:d1:44:a2:fb:6d:5e:57:0f:d2:a3:
61:55:fa:f1:9a:17:6f:0a:4d:a9:d0:c8:bd:96:d6:4b:f3:53:
73:e2:1b:62:73:ca:34:4f:c7:1e:59:0c:a0:a6:78:0d:fc:53:
dc:5f:83:b8:51:33:f5:f1:13:ce:0b:9a:2d:fb:38:68:fe:fb:
a2:d5:1e:48:63:c9:dc:9b:1a:ee:f7:ae:ef:82:7e:ca:59:e5:
71:04:42:51:5e:a4:0f:1c:1f:18:57:fb:a9:5f:f2:84:b9:98:
b0:f2:38:f2:4a:bd:7c:3a:a9:cf:70:a2:cf:d2:9f:24:2e:88:
77:b7:42:7c:7a:03:f0:3b:31:ef:43:17:8f:2f:87:2d:f7:7b:
ac:54:24:02:c4:8c:32:9c:b8:0e:37:8b:cf:01:e5:99:1c:04:
b6:94:26:be:51:b6:85:d5:74:28:c3:9a:d4:4b:7d:d6:95:3b:
2b:26:39:6a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYae5dy+lUR5v9LlGz5oNy3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzAxMjAzODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUzNjY3NzJmZDEwMmEyYTQ0MDE0ZTU5ZDMwOWU1YTc1YWEwYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhR2pKQnnPJNRxrfv6VzE03YTdRC
eWDKPE8u9Its1b9urgQsjKXLyyrbADiqfjG6PRqlVq03h3+sxLhgdO64e9eOLBgM
HD/qrrVFM3qKXA6ftUsyPyB2D7I09LBcgvhtSdI8G4IE97Kx/MKRsRUN+fy1Hp3w
epPbvGseiBaGV2yW4hNqM2dhtUjXNZKfgWc72lfT2DWOnI6We3lC0k3vMef/UtgB
KSChH8AwngKtNdQiJpO0PO3fY0UmWRbv02Lal1Pf+BUpsRrMf5CwDEbtF/QPdHSE
37QqGfdHUp1Nci4LTg69s04erQA88EzlYBzgBXRuktgFShCzeVxbd+C4mwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNxTZncv0QKipEAU5Z0wnlp1qgrvMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvM0ZObWR5X1JBcUtrUUJUbG5UQ2VXbldxQ3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbewwAwQA
uVitAwQAufO0AwQAufrSAwQAwSOZAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQA/
hZPk13zDf9xpUORjiangckSq+USe9qFkc3st3wgkYGuQ+8TtRyCbfju2w0P1gA+R
8YYQ0QcskB4nVdtCqNrikPvQmX9L+V3Wa2dBRRA/CdFEovttXlcP0qNhVfrxmhdv
Ck2p0Mi9ltZL81Nz4htic8o0T8ceWQygpngN/FPcX4O4UTP18RPOC5ot+zho/vui
1R5IY8ncmxru967vgn7KWeVxBEJRXqQPHB8YV/upX/KEuZiw8jjySr18OqnPcKLP
0p8kLoh3t0J8egPwOzHvQxePL4ct93usVCQCxIwynLgON4vPAeWZHAS2lCa+UbaF
1XQow5rUS33WlTsrJjlq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org