Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3DhSLvfbOYGo0CjRHlBm3ajRE4A.roa
File: 3DhSLvfbOYGo0CjRHlBm3ajRE4A.roa (raw, json)
Hash identifier: RF/Toec/y5cdgz6e/Ixxd7S82OpBU4RMhEknJMPTHY4=
Subject key identifier: DC:38:52:2E:F7:DB:39:81:A8:D0:28:D1:1E:50:66:DD:A8:D1:13:80
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0187DCC2BE10D5E5C9AB54C479DE9A72E99A
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3DhSLvfbOYGo0CjRHlBm3ajRE4A.roa
Signing time: Tue 02 May 2023 13:59:22 +0000
ROA not before: Tue 02 May 2023 13:59:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:c2:be:10:d5:e5:c9:ab:54:c4:79:de:9a:72:e9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: May 2 13:59:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc38522ef7db3981a8d028d11e5066dda8d11380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6d:dd:88:b5:71:42:d6:ba:de:c6:cd:16:e1:
d2:8f:32:09:f4:d5:18:a0:69:2e:6c:f3:32:6b:89:
f5:c3:e5:21:e9:42:ed:6d:54:a0:e1:2f:66:b2:54:
5a:d8:11:91:bf:84:10:57:3f:eb:62:b7:cf:72:4c:
a1:b5:13:8d:d6:2e:50:73:cd:9e:6a:d8:bf:b1:de:
30:52:30:65:bc:06:fe:78:be:3d:e1:09:0f:7d:ac:
29:0b:3e:c5:a3:8b:04:6c:e4:02:a4:96:82:a4:99:
60:dd:ba:1d:ea:44:31:72:c0:99:0f:bd:14:fe:e4:
0e:06:c9:13:ad:ba:6a:7a:d5:3c:82:f5:05:ef:ef:
7d:95:a3:9d:5a:21:80:56:c7:2b:51:56:08:29:f9:
a2:d9:ce:e5:aa:73:10:6b:0d:63:66:92:d5:0b:a4:
fa:3f:fc:3b:df:5f:ff:93:6d:7f:6d:84:bf:4b:1d:
c2:c5:08:fc:0c:9b:87:8c:80:f1:1f:1a:66:bc:69:
e7:66:b0:81:06:9a:b0:92:c8:da:83:ae:e7:90:af:
0e:6c:d0:1e:68:2f:6f:cf:e3:0d:ea:bb:9b:cf:69:
00:b1:e9:31:ba:ca:51:e6:70:3a:dc:fd:18:1e:39:
83:1b:30:79:32:b2:72:79:f1:33:e0:7f:71:3b:f6:
cf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:38:52:2E:F7:DB:39:81:A8:D0:28:D1:1E:50:66:DD:A8:D1:13:80
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3DhSLvfbOYGo0CjRHlBm3ajRE4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.54.0/24
45.94.213.0-45.94.214.255
89.46.217.0/24
185.239.2.0/23
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
63:db:05:b1:6e:75:1e:79:7d:f6:ab:27:8e:61:9c:48:88:1b:
1f:15:ca:b5:1e:a3:4f:b8:6d:68:1c:94:37:2a:5b:4f:19:62:
17:91:02:4a:ed:16:52:ac:93:3c:6f:9d:9b:85:f3:9f:12:e4:
f9:24:45:1e:d8:b9:fa:8a:ff:60:af:67:f1:64:64:a6:db:76:
fd:60:3d:64:50:3f:72:4d:8a:5f:bb:e6:c6:fc:ca:a2:f0:65:
a6:5c:53:96:90:d0:b5:87:17:b5:34:c4:63:61:4c:d6:bd:c2:
d8:25:67:44:3c:fd:2a:67:a5:0f:0e:b0:58:66:06:ec:c2:79:
a2:c7:47:24:a1:2d:1a:e9:ee:05:fa:83:fb:54:17:25:16:3f:
c8:c7:9d:0a:6d:83:b1:05:36:68:f4:f3:f6:b4:c5:4c:6f:fe:
95:6c:1f:9b:bf:33:e7:20:49:fe:7a:5b:c0:23:61:f1:19:69:
b3:a6:70:dd:88:0a:b6:20:48:b2:30:ea:c2:c9:8e:c2:6c:aa:
8c:4d:ab:35:54:69:76:c5:9e:84:80:89:eb:8f:2b:cb:3a:14:
5a:57:7c:0f:6b:1c:3b:ca:12:39:1c:79:4e:91:97:fc:21:03:
75:61:7f:e4:7d:a7:99:92:d2:d5:a7:0b:47:d2:9a:7f:66:87:
a8:9d:3d:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYfcwr4Q1eXJq1TEed6acumaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNTAyMTM1OTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM4NTIyZWY3ZGIzOTgxYThkMDI4ZDExZTUwNjZkZGE4ZDExMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG3diLVxQta63sbNFuHSjzIJ9NUY
oGkubPMya4n1w+Uh6ULtbVSg4S9mslRa2BGRv4QQVz/rYrfPckyhtRON1i5Qc82e
ati/sd4wUjBlvAb+eL494QkPfawpCz7Fo4sEbOQCpJaCpJlg3bod6kQxcsCZD70U
/uQOBskTrbpqetU8gvUF7+99laOdWiGAVscrUVYIKfmi2c7lqnMQaw1jZpLVC6T6
P/w731//k21/bYS/Sx3CxQj8DJuHjIDxHxpmvGnnZrCBBpqwksjag67nkK8ObNAe
aC9vz+MN6rubz2kAsekxuspR5nA63P0YHjmDGzB5MrJyefEz4H9xO/bPTQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNw4Ui732zmBqNAo0R5QZt2o0ROAMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvM0RoU0x2ZmJPWUdvMENqUkhsQm0zYWpSRTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABZ82MAwD
BAAtXtUDBAAtXtYDBABZLtkDBAG57wIDBAC88MQwDQYJKoZIhvcNAQELBQADggEB
AGPbBbFudR55ffarJ45hnEiIGx8VyrUeo0+4bWgclDcqW08ZYheRAkrtFlKskzxv
nZuF858S5PkkRR7YufqK/2CvZ/FkZKbbdv1gPWRQP3JNil+75sb8yqLwZaZcU5aQ
0LWHF7U0xGNhTNa9wtglZ0Q8/SpnpQ8OsFhmBuzCeaLHRyShLRrp7gX6g/tUFyUW
P8jHnQptg7EFNmj08/a0xUxv/pVsH5u/M+cgSf56W8AjYfEZabOmcN2ICrYgSLIw
6sLJjsJsqoxNqzVUaXbFnoSAieuPK8s6FFpXfA9rHDvKEjkceU6Rl/whA3Vhf+R9
p5mS0tWnC0fSmn9mh6idPXw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-fra.rpki-client.org