Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3cRZTZpzn85OB3s7lBXtibCIG0I.roa
File: 3cRZTZpzn85OB3s7lBXtibCIG0I.roa (raw, json)
Hash identifier: 4Mo0HvVZ08mH8/AlGufeo+VI7+8GrXwS8KPXcvcboOM=
Subject key identifier: DD:C4:59:4D:9A:73:9F:CE:4E:07:7B:3B:94:15:ED:89:B0:88:1B:42
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018572036184F5643665C23EB8A1C4CD9806
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3cRZTZpzn85OB3s7lBXtibCIG0I.roa
Signing time: Mon 02 Jan 2023 10:25:02 +0000
ROA not before: Mon 02 Jan 2023 10:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.206.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:61:84:f5:64:36:65:c2:3e:b8:a1:c4:cd:98:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddc4594d9a739fce4e077b3b9415ed89b0881b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:a8:cb:6e:f6:53:99:ac:56:92:0a:c3:97:
e4:eb:62:b7:13:71:cd:a0:82:2b:ac:7f:6b:2d:d4:
ed:34:9a:00:b2:73:a5:03:e0:a7:6c:92:5d:a9:c5:
87:80:2e:d7:88:b0:cf:93:e3:6e:66:8d:36:35:e4:
73:c8:6e:7f:b9:28:99:dc:ec:af:d6:30:ab:19:46:
ad:79:d4:17:13:bb:9e:c5:75:5d:8b:69:d7:ec:dd:
48:93:38:1c:d3:2f:eb:1f:da:46:a5:1b:b7:f9:34:
74:34:0a:66:3e:bd:da:3b:fc:a5:78:f6:03:95:14:
2c:f1:a2:05:17:76:c6:b4:24:4e:87:1f:85:9b:ca:
0a:62:12:05:cd:8c:b3:f4:ef:12:1d:9e:74:c2:f9:
6a:e8:23:85:fc:70:2c:25:60:59:d4:cf:9d:40:04:
6d:f0:d5:75:56:92:d1:7d:67:d9:72:58:4e:4c:0e:
36:d1:36:58:82:26:4c:16:25:76:e3:a9:4a:22:70:
f4:c3:f3:1a:df:bc:65:10:be:6d:70:97:6a:ba:c4:
d8:ef:07:ec:4f:ab:a2:55:28:89:79:73:97:34:dd:
24:47:b1:19:7a:9e:77:17:05:d6:d7:16:1e:ed:cd:
04:d9:75:b5:1e:6e:bf:41:27:2d:c5:01:d4:c2:05:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C4:59:4D:9A:73:9F:CE:4E:07:7B:3B:94:15:ED:89:B0:88:1B:42
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/3cRZTZpzn85OB3s7lBXtibCIG0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.39.0/24
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.154.0/24
45.89.52.0/24
45.159.248.0/22
93.185.166.0/24
141.98.169.0/24
185.231.204.0/22
193.46.56.0/24
193.57.136.0/24
193.57.138.0/24
194.4.48.0/22
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
38:89:e5:b6:f8:c1:8c:a8:6f:04:c6:e5:ac:5d:99:bf:c5:f5:
c2:8f:3a:55:49:bb:5a:09:ca:ad:6b:af:89:3a:ff:c5:91:1d:
99:28:d2:e2:91:2d:a2:fe:44:c1:62:52:6e:32:5d:1c:d9:9b:
84:6a:8b:65:6b:a8:8e:26:98:58:cc:4e:75:4e:61:e3:6a:9c:
91:27:37:63:f5:9b:fe:a1:a3:fd:81:d2:18:8d:72:0a:28:3c:
b8:af:0f:e7:76:01:a8:10:a2:b1:fe:15:dc:ac:5f:25:23:c9:
c7:1e:99:6d:50:f5:75:d0:f7:71:99:a1:e9:05:61:ee:45:bd:
51:52:af:8c:c9:48:35:c4:1e:fc:17:5b:fd:e5:58:bb:e6:54:
2f:41:b9:c2:d3:0b:0e:a5:4d:da:9c:73:36:d0:9f:72:20:fc:
cc:31:2b:33:01:31:85:98:ec:fa:0b:f0:bd:ce:19:45:40:49:
81:3f:30:2e:79:f9:76:58:f8:36:53:a3:51:7d:ff:63:e2:cb:
71:ac:f3:79:5a:77:12:3a:9f:49:33:7e:70:2d:4b:e7:1b:6b:
6b:b4:8a:4b:76:06:91:c3:aa:04:00:79:f1:98:35:09:cf:6b:
e4:23:ee:4f:8e:86:83:a9:4a:0c:6e:d8:88:36:51:80:dc:42:
bf:d2:b5:b5
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVyA2GE9WQ2ZcI+uKHEzZgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM0NTk0ZDlhNzM5ZmNlNGUwNzdiM2I5NDE1ZWQ4OWIwODgxYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9uoy272U5msVpIKw5fk62K3E3HN
oIIrrH9rLdTtNJoAsnOlA+CnbJJdqcWHgC7XiLDPk+NuZo02NeRzyG5/uSiZ3Oyv
1jCrGUatedQXE7uexXVdi2nX7N1Ikzgc0y/rH9pGpRu3+TR0NApmPr3aO/ylePYD
lRQs8aIFF3bGtCROhx+Fm8oKYhIFzYyz9O8SHZ50wvlq6COF/HAsJWBZ1M+dQARt
8NV1VpLRfWfZclhOTA420TZYgiZMFiV246lKInD0w/Ma37xlEL5tcJdqusTY7wfs
T6uiVSiJeXOXNN0kR7EZep53FwXW1xYe7c0E2XW1Hm6/QSctxQHUwgVYAQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFN3EWU2ac5/OTgd7O5QV7YmwiBtCMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvM2NSWlRacHpuODVPQjNzN2xCWHRpYkNJRzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABbYnAwQB
LQiQAwQALUMjAwQBLVQAAwQALVeaAwQALVk0AwQCLZ/4AwQAXbmmAwQAjWKpAwQC
uefMAwQAwS44AwQAwTmIAwQAwTmKAwQCwgQwAwQBwnS+MA0GCSqGSIb3DQEBCwUA
A4IBAQA4ieW2+MGMqG8ExuWsXZm/xfXCjzpVSbtaCcqta6+JOv/FkR2ZKNLikS2i
/kTBYlJuMl0c2ZuEaotla6iOJphYzE51TmHjapyRJzdj9Zv+oaP9gdIYjXIKKDy4
rw/ndgGoEKKx/hXcrF8lI8nHHpltUPV10PdxmaHpBWHuRb1RUq+MyUg1xB78F1v9
5Vi75lQvQbnC0wsOpU3anHM20J9yIPzMMSszATGFmOz6C/C9zhlFQEmBPzAuefl2
WPg2U6NRff9j4stxrPN5WncSOp9JM35wLUvnG2trtIpLdgaRw6oEAHnxmDUJz2vk
I+5PjoaDqUoMbtiINlGA3EK/0rW1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org