Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qQ3DXqYcqj6b1eyRp6Tkooam44.roa
File: 3qQ3DXqYcqj6b1eyRp6Tkooam44.roa (raw, json)
Hash identifier: aPob4XNveLx5sj/qraGzzXW86bGs/71ghjM/8gShDy0=
Subject key identifier: DE:A4:37:0D:7A:98:72:A8:FA:6F:57:B2:46:9E:93:92:8A:1A:9B:8E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019037DCCB03CF06DA256644367DE5BA15BE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qQ3DXqYcqj6b1eyRp6Tkooam44.roa
Signing time: Thu 20 Jun 2024 22:55:35 +0000
ROA not before: Thu 20 Jun 2024 22:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.50.111.0/24 maxlen: 24
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 09:18:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:37:dc:cb:03:cf:06:da:25:66:44:36:7d:e5:ba:15:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 20 22:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dea4370d7a9872a8fa6f57b2469e93928a1a9b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:00:6a:d4:fa:25:65:a7:b2:29:bd:69:74:be:
81:51:82:ba:20:c7:ae:2a:0d:2b:5a:df:2b:21:96:
4a:75:2e:e3:16:35:19:3b:80:f1:2c:4e:2a:ab:47:
0e:4a:0b:69:75:22:e9:75:49:a2:62:53:a7:20:3e:
ac:18:76:17:4c:a4:22:f2:d3:81:c4:37:2a:e4:1c:
88:9a:42:c5:00:38:67:7e:9d:a9:c9:dd:41:36:b6:
28:05:46:6f:17:19:31:f6:3b:f4:ee:e5:5d:94:07:
72:07:2f:b4:9f:7c:7c:a7:6d:e3:59:07:4e:30:be:
ef:bd:14:d7:4d:f4:ba:82:fc:76:7a:b7:f3:6b:36:
f0:1b:d3:2a:60:62:b8:8a:70:b0:57:94:b4:dd:9f:
14:46:7a:a5:ac:8a:fd:1d:80:4b:dc:06:69:92:84:
82:31:9c:a5:01:b3:03:c9:1d:e3:41:a7:5a:fa:15:
9d:25:63:a3:c8:0d:4c:0d:05:07:26:f2:83:44:1f:
e8:ae:fc:5a:72:a4:78:87:65:a1:bc:66:22:9e:f0:
6d:e7:03:02:7d:8e:15:19:d9:67:d2:7c:e9:3e:92:
4b:1a:fd:c0:d9:19:f9:ec:a6:d3:7b:ad:fa:5d:5d:
2e:ac:4c:d5:56:0f:94:7b:80:1c:ea:a2:40:83:70:
c4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A4:37:0D:7A:98:72:A8:FA:6F:57:B2:46:9E:93:92:8A:1A:9B:8E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qQ3DXqYcqj6b1eyRp6Tkooam44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
ba:6c:a8:21:c6:6e:44:c1:00:67:89:a8:f1:bc:e1:cf:91:47:
67:c7:4c:2d:0f:6b:85:ba:10:c1:75:b1:a4:38:74:f3:f3:2a:
b2:86:4b:41:b4:e9:ca:c5:35:d4:d8:46:1b:3f:e4:55:a7:b8:
ec:1a:a4:dd:37:cb:31:47:2e:41:22:c3:31:12:e5:86:a7:d7:
95:fe:d6:f5:88:40:8c:be:54:cd:a4:a4:83:d2:67:91:ef:8e:
62:70:d2:74:a4:6b:4a:5c:04:48:fc:ce:f3:7a:52:21:f6:ee:
6f:f4:ec:5d:a5:49:78:c5:b7:88:52:33:45:ed:11:69:d5:9b:
00:96:b1:52:71:f8:b9:48:28:8a:ff:4b:9a:50:91:cf:f1:91:
da:80:85:c6:65:a4:cd:ca:df:f6:26:e5:cb:15:1f:e9:fb:31:
f8:c0:2f:40:ff:55:b3:ae:50:5f:47:94:f5:b9:08:81:f0:7b:
b6:6c:6a:a3:4a:81:fb:31:9b:be:a8:47:b7:2d:0c:93:3f:14:
4a:47:16:66:34:bd:7c:a1:71:29:30:31:a7:ba:de:be:ec:2e:
33:5e:70:f3:c4:79:88:3c:77:cd:73:15:82:3a:13:db:ee:24:
6f:28:19:a7:58:94:91:f0:81:61:fb:8c:cb:04:a8:6c:8c:42:
21:6c:5e:d8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZA33MsDzwbaJWZENn3luhW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjIwMjI1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE0MzcwZDdhOTg3MmE4ZmE2ZjU3YjI0NjllOTM5MjhhMWE5YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wBq1PolZaeyKb1pdL6BUYK6IMeu
Kg0rWt8rIZZKdS7jFjUZO4DxLE4qq0cOSgtpdSLpdUmiYlOnID6sGHYXTKQi8tOB
xDcq5ByImkLFADhnfp2pyd1BNrYoBUZvFxkx9jv07uVdlAdyBy+0n3x8p23jWQdO
ML7vvRTXTfS6gvx2erfzazbwG9MqYGK4inCwV5S03Z8URnqlrIr9HYBL3AZpkoSC
MZylAbMDyR3jQada+hWdJWOjyA1MDQUHJvKDRB/orvxacqR4h2WhvGYinvBt5wMC
fY4VGdln0nzpPpJLGv3A2Rn57KbTe636XV0urEzVVg+Ue4Ac6qJAg3DEdQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFN6kNw16mHKo+m9Xskaek5KKGpuOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3FRM0RYcVljcWo2YjFleVJwNlRrb29hbTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQAwjJvMD4E
AgACMDgDBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoOsQcaYwMHACoO
sQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEAumyoIcZuRMEAZ4mo8bzh
z5FHZ8dMLQ9rhboQwXWxpDh08/MqsoZLQbTpysU11NhGGz/kVae47Bqk3TfLMUcu
QSLDMRLlhqfXlf7W9YhAjL5UzaSkg9Jnke+OYnDSdKRrSlwESPzO83pSIfbub/Ts
XaVJeMW3iFIzRe0RadWbAJaxUnH4uUgoiv9LmlCRz/GR2oCFxmWkzcrf9iblyxUf
6fsx+MAvQP9Vs65QX0eU9bkIgfB7tmxqo0qB+zGbvqhHty0Mkz8USkcWZjS9fKFx
KTAxp7revuwuM15w88R5iDx3zXMVgjoT2+4kbygZp1iUkfCBYfuMywSobIxCIWxe
2A==
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:17:26 2024 by rpki-client on console-fra.rpki-client.org