Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/3Zg4jlv0Y7hq1MGCK1RsGLhoeDE.roa
File: 3Zg4jlv0Y7hq1MGCK1RsGLhoeDE.roa (raw, json)
Hash identifier: OtUPNNwCN7mf5QcoH6LTuk7ZPvq/FI0yw4zopzNFN2U=
Subject key identifier: DD:98:38:8E:5B:F4:63:B8:6A:D4:C1:82:2B:54:6C:18:B8:68:78:31
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 01864F160D9FA64BE510E0C160DF98BD017F
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/3Zg4jlv0Y7hq1MGCK1RsGLhoeDE.roa
Signing time: Tue 14 Feb 2023 08:41:30 +0000
ROA not before: Tue 14 Feb 2023 08:41:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.15.100.0/22 maxlen: 24
5.152.168.0/21 maxlen: 24
5.8.184.0/21 maxlen: 24
37.1.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:16:0d:9f:a6:4b:e5:10:e0:c1:60:df:98:bd:01:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Feb 14 08:41:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd98388e5bf463b86ad4c1822b546c18b8687831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:53:49:10:65:e0:5e:ea:f0:02:04:ca:c5:
b0:03:f7:7c:6b:74:24:79:a8:a8:7e:8d:76:db:59:
e5:69:99:71:fd:95:b4:68:46:52:e6:4d:97:4d:4d:
4a:2a:81:31:fc:e8:17:a9:c4:e2:1e:f4:33:67:95:
c1:ed:5d:a6:28:c5:44:4e:bd:73:f6:94:a7:cb:91:
9e:94:2a:f3:c0:a6:38:92:85:d9:46:e4:bb:7d:7a:
c0:18:8e:76:d6:85:7e:c6:20:50:cf:ff:e8:80:41:
ba:72:ba:18:27:99:e2:c8:b8:49:fd:94:98:45:50:
e0:bd:2a:fb:08:fb:12:6a:24:2c:79:88:e5:42:43:
95:79:24:40:77:aa:f5:ce:f4:dc:ea:30:c4:11:82:
ac:6c:7f:17:80:84:55:90:bf:4e:d6:22:11:3d:85:
8e:cf:24:7f:a8:c3:8b:ec:47:6d:9a:03:75:30:ca:
4d:0b:46:b9:9b:e7:1f:5f:c3:aa:f1:c3:d0:ba:13:
87:e7:31:57:77:ba:84:f5:19:cf:dc:8f:e4:fd:18:
74:fc:82:4b:ea:b3:79:75:76:7d:45:88:d5:e4:9a:
d4:cc:c9:7d:c7:7f:45:a1:ef:36:f4:df:3a:fe:71:
bb:19:6e:01:9a:16:bb:e9:8f:46:56:af:33:23:86:
77:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:98:38:8E:5B:F4:63:B8:6A:D4:C1:82:2B:54:6C:18:B8:68:78:31
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/3Zg4jlv0Y7hq1MGCK1RsGLhoeDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
5.152.168.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
47:cd:4a:4d:1a:37:9a:ea:0b:e5:60:91:32:92:c1:20:d2:1b:
93:20:1f:4f:50:7e:e0:43:58:c0:5c:99:71:f0:4e:84:ea:fc:
4c:e7:d7:f2:e9:b3:eb:30:09:d9:55:f5:a6:d2:fe:c7:4a:62:
4c:c9:37:e0:06:17:b7:f8:0f:73:5d:d2:3f:85:5a:10:f7:49:
fc:79:b7:d8:51:eb:1c:33:64:e4:1e:89:5d:31:7e:7c:7a:eb:
4c:bf:8c:ce:d8:03:bb:86:aa:75:2c:20:9a:ac:51:ea:09:f5:
d2:0c:db:ff:61:41:a2:c1:14:34:da:fb:65:8a:7f:ff:8a:4b:
5f:67:9e:de:67:76:de:c3:8a:bf:84:e8:e8:01:82:78:5f:3c:
e3:6d:23:6a:2c:a1:be:4f:b9:11:88:e3:31:ae:8b:39:f6:0d:
42:69:0e:39:13:93:04:58:b0:ed:00:7f:22:46:9a:e6:a3:a6:
f8:6c:77:be:d4:75:b1:38:ae:a9:ab:ea:2c:54:16:54:38:b9:
98:fa:fa:ce:ba:8c:5c:af:df:85:db:12:8b:66:06:19:f4:03:
5c:2d:5a:65:ae:7c:b9:d1:50:0e:85:46:e9:ed:34:b5:42:51:
e6:39:76:08:70:82:07:a6:77:a2:52:43:35:d2:c6:dc:1b:65:
f7:98:cc:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZPFg2fpkvlEODBYN+YvQF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjMwMjE0MDg0MTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk4Mzg4ZTViZjQ2M2I4NmFkNGMxODIyYjU0NmMxOGI4Njg3ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXBTSRBl4F7q8AIEysWwA/d8a3Qk
eaiofo1221nlaZlx/ZW0aEZS5k2XTU1KKoEx/OgXqcTiHvQzZ5XB7V2mKMVETr1z
9pSny5GelCrzwKY4koXZRuS7fXrAGI521oV+xiBQz//ogEG6croYJ5niyLhJ/ZSY
RVDgvSr7CPsSaiQseYjlQkOVeSRAd6r1zvTc6jDEEYKsbH8XgIRVkL9O1iIRPYWO
zyR/qMOL7EdtmgN1MMpNC0a5m+cfX8Oq8cPQuhOH5zFXd7qE9RnP3I/k/Rh0/IJL
6rN5dXZ9RYjV5JrUzMl9x39Foe829N86/nG7GW4Bmha76Y9GVq8zI4Z3PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN2YOI5b9GO4atTBgitUbBi4aHgxMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvM1pnNGpsdjBZN2hxMU1HQ0sxUnNHTGhvZURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQi4AwQD
BZioAwQDJQGwAwQCuQ9kMA0GCSqGSIb3DQEBCwUAA4IBAQBHzUpNGjea6gvlYJEy
ksEg0huTIB9PUH7gQ1jAXJlx8E6E6vxM59fy6bPrMAnZVfWm0v7HSmJMyTfgBhe3
+A9zXdI/hVoQ90n8ebfYUescM2TkHoldMX58eutMv4zO2AO7hqp1LCCarFHqCfXS
DNv/YUGiwRQ02vtlin//iktfZ57eZ3bew4q/hOjoAYJ4XzzjbSNqLKG+T7kRiOMx
ros59g1CaQ45E5MEWLDtAH8iRprmo6b4bHe+1HWxOK6pq+osVBZUOLmY+vrOuoxc
r9+F2xKLZgYZ9ANcLVplrny50VAOhUbp7TS1QlHmOXYIcIIHpneiUkM10sbcG2X3
mMx1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:16 2024 by rpki-client on console-fra.rpki-client.org