Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/3Ws5p0e5eJvLWpdLD2Pv7xMqpmg.roa
File: 3Ws5p0e5eJvLWpdLD2Pv7xMqpmg.roa (raw, json)
Hash identifier: SHbr7IoeT8EwR24E3BOHzZCD6TJJYRqojTyUuUYVsbw=
Subject key identifier: DD:6B:39:A7:47:B9:78:9B:CB:5A:97:4B:0F:63:EF:EF:13:2A:A6:68
Certificate issuer: /CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Certificate serial: 01863AC0EEF3A377D2FEBD5841024908C468
Authority key identifier: DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/3Ws5p0e5eJvLWpdLD2Pv7xMqpmg.roa
Signing time: Fri 10 Feb 2023 09:56:07 +0000
ROA not before: Fri 10 Feb 2023 09:56:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5466
IP address blocks: 178.255.216.0/24 maxlen: 24
2a09:2140:8000::/48 maxlen: 48
2a09:2140::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:c0:ee:f3:a3:77:d2:fe:bd:58:41:02:49:08:c4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Validity
Not Before: Feb 10 09:56:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd6b39a747b9789bcb5a974b0f63efef132aa668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:06:57:6f:74:0a:85:20:92:09:81:c4:97:ed:
36:94:b9:82:c0:55:1c:f7:e0:17:f9:5e:8c:0f:c7:
e4:0d:9e:5a:85:bd:bd:9a:b4:dc:9b:32:25:e4:59:
95:65:8c:ab:63:bf:98:3e:9d:5a:41:7b:e9:26:e8:
e2:20:b1:c2:73:40:2a:d9:30:12:f1:5c:83:36:bb:
30:4e:63:d7:ee:1c:e9:ec:c7:98:9a:4b:91:42:66:
82:5d:9b:50:a6:36:67:07:f0:69:66:ba:e3:50:6e:
65:05:3b:5c:86:20:27:b4:5a:d5:2d:60:b4:b7:81:
3c:34:d0:2d:b1:8d:e5:23:7f:97:e3:b7:bc:f1:21:
fe:c1:87:17:d4:cd:66:08:e5:40:f2:12:cd:00:85:
f2:c4:26:db:43:a1:f4:b7:b4:cf:99:80:6f:24:73:
0d:35:e3:95:7a:e9:44:cc:49:fd:a9:78:00:38:65:
26:70:c4:78:87:7c:cb:98:9b:26:8b:ad:d1:08:5f:
e7:3a:f9:26:54:a7:d3:5c:33:44:1a:3c:82:4e:b9:
20:96:34:fb:71:33:d2:67:cb:9b:2f:2d:55:cc:b0:
5f:59:20:a0:b0:2d:b2:52:67:25:46:c7:ba:1b:c2:
c7:5d:21:d8:e6:38:17:c0:e1:d4:82:d2:22:54:63:
8b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6B:39:A7:47:B9:78:9B:CB:5A:97:4B:0F:63:EF:EF:13:2A:A6:68
X509v3 Authority Key Identifier:
keyid:DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/3Ws5p0e5eJvLWpdLD2Pv7xMqpmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.216.0/24
IPv6:
2a09:2140::/48
2a09:2140:8000::/48
Signature Algorithm: sha256WithRSAEncryption
44:47:d7:ce:00:1e:e0:ee:0a:be:3c:dc:93:96:1c:13:5b:ae:
7e:7b:46:fa:2b:83:01:66:65:ba:2a:9e:1a:1f:e6:f7:b4:48:
ea:c7:5d:6e:4d:8c:c4:55:2b:b5:f6:5c:45:6c:18:40:a0:0b:
b5:ff:3e:7b:b6:0b:ec:2c:03:6c:ce:6c:40:f1:79:48:57:d0:
e7:73:9d:37:18:c7:13:13:d8:5a:43:18:6e:a5:03:7e:5a:a5:
06:8f:33:5d:5e:6d:a1:43:84:65:0d:db:91:78:67:55:d1:ad:
41:0d:a5:20:c7:fe:51:d1:9f:14:4f:98:2e:d5:5c:98:dc:07:
50:00:ce:a1:70:3a:12:44:05:35:31:0e:e1:1c:1a:95:da:4d:
7e:e0:e0:e6:bf:e1:1a:24:b8:89:ba:ad:c2:59:2a:91:13:d0:
b2:bf:0f:4f:65:4f:e3:23:32:33:0c:80:39:ce:bc:47:5b:89:
ab:f1:26:17:3f:15:e6:db:2f:bf:78:3c:4d:3e:68:ee:4a:c5:
cd:ec:87:85:ca:1c:4a:64:a9:04:55:ed:8f:19:28:ec:33:99:
3b:a0:d0:5a:16:ff:cb:2b:16:05:08:6e:92:e0:7c:70:9c:db:
d2:b0:7d:71:16:24:6e:a0:8e:00:6f:a5:1c:23:4e:c4:49:c2:
2c:7f:00:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYY6wO7zo3fS/r1YQQJJCMRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTc5Yjg5OGMwZjU4MzRjYmM4MzhhNjlhMDVlM2FiZThj
MDI5MDMwHhcNMjMwMjEwMDk1NjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDZiMzlhNzQ3Yjk3ODliY2I1YTk3NGIwZjYzZWZlZjEzMmFhNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAZXb3QKhSCSCYHEl+02lLmCwFUc
9+AX+V6MD8fkDZ5ahb29mrTcmzIl5FmVZYyrY7+YPp1aQXvpJujiILHCc0Aq2TAS
8VyDNrswTmPX7hzp7MeYmkuRQmaCXZtQpjZnB/BpZrrjUG5lBTtchiAntFrVLWC0
t4E8NNAtsY3lI3+X47e88SH+wYcX1M1mCOVA8hLNAIXyxCbbQ6H0t7TPmYBvJHMN
NeOVeulEzEn9qXgAOGUmcMR4h3zLmJsmi63RCF/nOvkmVKfTXDNEGjyCTrkgljT7
cTPSZ8ubLy1VzLBfWSCgsC2yUmclRse6G8LHXSHY5jgXwOHUgtIiVGOLdQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN1rOadHuXiby1qXSw9j7+8TKqZoMB8GA1UdIwQY
MBaAFNuXm4mMD1g0y8g4ppoF46vowCkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUt
NGNiMjU3ZWUxOTJjLzEvM1dzNXAwZTVlSnZMV3BkTEQyUHY3eE1xcG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUtNGNiMjU3ZWUxOTJj
LzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAsv/YMBgE
AgACMBIDBwAqCSFAAAADBwAqCSFAgAAwDQYJKoZIhvcNAQELBQADggEBAERH184A
HuDuCr483JOWHBNbrn57RvorgwFmZboqnhof5ve0SOrHXW5NjMRVK7X2XEVsGECg
C7X/Pnu2C+wsA2zObEDxeUhX0OdznTcYxxMT2FpDGG6lA35apQaPM11ebaFDhGUN
25F4Z1XRrUENpSDH/lHRnxRPmC7VXJjcB1AAzqFwOhJEBTUxDuEcGpXaTX7g4Oa/
4RokuIm6rcJZKpET0LK/D09lT+MjMjMMgDnOvEdbiavxJhc/FebbL794PE0+aO5K
xc3sh4XKHEpkqQRV7Y8ZKOwzmTug0FoW/8srFgUIbpLgfHCc29KwfXEWJG6gjgBv
pRwjTsRJwix/ADA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:49 2024 by rpki-client on console-ams.rpki-client.org