Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3VT3dmgew0zPxrC1jkKBhYlMdqA.roa
File: 3VT3dmgew0zPxrC1jkKBhYlMdqA.roa (raw, json)
Hash identifier: XNJmdd73GXslkdDikA1VmAmJwK5TqFtj2Eo7evpbf7w=
Subject key identifier: DD:54:F7:76:68:1E:C3:4C:CF:C6:B0:B5:8E:42:81:85:89:4C:76:A0
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019267494848C5F45FB01A53573555CBEB20
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3VT3dmgew0zPxrC1jkKBhYlMdqA.roa
Signing time: Mon 07 Oct 2024 14:01:48 +0000
ROA not before: Mon 07 Oct 2024 14:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Oct 2024 09:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:49:48:48:c5:f4:5f:b0:1a:53:57:35:55:cb:eb:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 7 14:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd54f776681ec34ccfc6b0b58e428185894c76a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:c7:e2:ed:3c:29:ba:41:75:8c:bd:b4:62:
dd:43:4a:1a:24:54:ba:ff:59:12:a1:54:9a:dc:84:
1b:10:86:1d:f6:b2:ff:dd:d8:0c:9f:a0:a7:5f:7f:
65:e1:64:2b:1e:81:20:45:28:8a:62:23:2c:52:46:
c0:95:80:3c:87:3a:ef:c8:3a:5a:9a:55:d5:a1:ab:
43:76:06:51:03:43:bb:d6:23:11:8e:41:64:ef:51:
eb:82:01:cb:aa:1a:26:5c:80:a5:ab:aa:ae:66:06:
5e:cb:36:cf:d4:e4:61:43:8c:49:1b:a5:ed:1b:11:
32:68:c8:3f:c1:aa:04:a8:09:1d:a7:fc:ba:56:57:
67:b6:de:c5:91:13:f9:7f:fb:53:75:ce:e9:58:81:
27:c2:5e:09:6d:a0:84:e6:a4:ee:fc:42:c0:16:81:
26:a0:76:77:b6:50:6e:94:d4:0e:60:cf:0f:b9:a8:
0a:ee:09:fd:26:42:ef:5b:05:61:92:b2:12:6e:b5:
32:2b:0b:8f:23:2b:4f:5f:2b:e3:c6:e5:6c:e3:fe:
bc:42:34:d2:48:70:03:1c:f5:de:2f:17:5c:34:f6:
ab:41:5c:d7:93:69:af:f7:62:0f:21:57:f5:33:88:
57:3d:d5:b3:05:cf:db:fb:6e:fc:e7:81:22:b4:49:
02:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:54:F7:76:68:1E:C3:4C:CF:C6:B0:B5:8E:42:81:85:89:4C:76:A0
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3VT3dmgew0zPxrC1jkKBhYlMdqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0-45.94.215.255
185.239.0.0/24
185.239.2.0/24
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f5:61:16:68:fc:dc:64:18:1b:6d:48:74:b6:5d:a9:14:44:
9b:38:c0:1b:e1:77:1e:1b:32:4a:ba:1f:7a:8e:eb:4c:9b:b1:
7a:21:e6:46:47:83:01:b0:4c:62:64:5c:40:5e:0b:44:45:57:
63:94:8b:e8:c3:6d:ae:36:79:57:90:1d:97:c0:4b:c7:31:07:
e1:78:c8:5b:dc:0c:2b:64:07:1c:9d:60:7f:79:58:09:d0:7e:
35:3c:5e:77:bd:4e:ed:69:08:5b:9e:c8:e4:05:88:e7:d0:7f:
1d:2f:4f:73:0f:e1:ee:e4:69:e9:68:dc:4c:13:e7:a4:5a:af:
67:5c:39:eb:35:2f:2c:59:a6:0b:d1:f9:11:9e:63:9c:30:81:
a1:18:5f:63:7a:63:b7:7e:c6:16:29:29:25:d2:bf:2c:83:db:
8d:8f:16:5c:b0:27:da:c3:07:29:0a:e3:33:a2:40:c9:be:59:
e2:cf:c5:5f:57:74:72:9a:b8:e0:7d:45:54:06:00:40:cb:bf:
ef:bc:97:04:d6:a4:8f:6b:27:c6:e4:ba:e9:6f:ee:c1:83:7e:
20:d7:38:66:56:f1:db:8b:dc:b4:ae:4f:2d:57:b3:f8:39:81:
c9:3b:70:f7:0a:80:f4:6a:71:71:6b:01:01:95:47:d9:ec:2e:
4b:41:9f:7c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZJnSUhIxfRfsBpTVzVVy+sgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDA3MTQwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU0Zjc3NjY4MWVjMzRjY2ZjNmIwYjU4ZTQyODE4NTg5NGM3NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAvH4u08KbpBdYy9tGLdQ0oaJFS6
/1kSoVSa3IQbEIYd9rL/3dgMn6CnX39l4WQrHoEgRSiKYiMsUkbAlYA8hzrvyDpa
mlXVoatDdgZRA0O71iMRjkFk71HrggHLqhomXIClq6quZgZeyzbP1ORhQ4xJG6Xt
GxEyaMg/waoEqAkdp/y6Vldntt7FkRP5f/tTdc7pWIEnwl4JbaCE5qTu/ELAFoEm
oHZ3tlBulNQOYM8PuagK7gn9JkLvWwVhkrISbrUyKwuPIytPXyvjxuVs4/68QjTS
SHADHPXeLxdcNParQVzXk2mv92IPIVf1M4hXPdWzBc/b+27854EitEkChwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFN1U93ZoHsNMz8awtY5CgYWJTHagMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvM1ZUM2RtZ2V3MHpQeHJDMWprS0JoWWxNZHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABZ8xAwQA
BZ82MAwDBAAtXtUDBAMtXtADBAC57wADBAC57wIDBAC81GMwDQYJKoZIhvcNAQEL
BQADggEBAAr1YRZo/NxkGBttSHS2XakURJs4wBvhdx4bMkq6H3qO60ybsXoh5kZH
gwGwTGJkXEBeC0RFV2OUi+jDba42eVeQHZfAS8cxB+F4yFvcDCtkBxydYH95WAnQ
fjU8Xne9Tu1pCFueyOQFiOfQfx0vT3MP4e7kaelo3EwT56Rar2dcOes1LyxZpgvR
+RGeY5wwgaEYX2N6Y7d+xhYpKSXSvyyD242PFlywJ9rDBykK4zOiQMm+WeLPxV9X
dHKauOB9RVQGAEDLv++8lwTWpI9rJ8bkuulv7sGDfiDXOGZW8duL3LSuTy1Xs/g5
gck7cPcKgPRqcXFrAQGVR9nsLktBn3w=
-----END CERTIFICATE-----
Generated at Sat Oct 19 10:00:35 2024 by rpki-client on console-fra.rpki-client.org