Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/B3RLvgL9enzTAk2smbWLHhIRPnE.roa
File: B3RLvgL9enzTAk2smbWLHhIRPnE.roa (raw, json)
Hash identifier: zLlQLNYpH2yne8KehyYBfV97UnaPodb9Q44fToDqgA8=
Subject key identifier: 07:74:4B:BE:02:FD:7A:7C:D3:02:4D:AC:99:B5:8B:1E:12:11:3E:71
Certificate issuer: /CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Certificate serial: 018B183FCAAACC1FC91398AADEEAC964E807
Authority key identifier: 8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/B3RLvgL9enzTAk2smbWLHhIRPnE.roa
Signing time: Tue 10 Oct 2023 06:21:55 +0000
ROA not before: Tue 10 Oct 2023 06:21:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199114
IP address blocks: 194.37.84.0/24 maxlen: 24
194.37.86.0/24 maxlen: 24
91.198.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:3f:ca:aa:cc:1f:c9:13:98:aa:de:ea:c9:64:e8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Validity
Not Before: Oct 10 06:21:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07744bbe02fd7a7cd3024dac99b58b1e12113e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:de:28:78:ce:a5:6b:dd:66:6d:8d:b8:cd:
e2:45:e3:13:9b:39:ec:f9:b6:d3:a0:8a:b3:82:19:
03:05:1c:59:c4:33:61:42:0c:f4:a0:c8:73:d3:2c:
b8:56:2b:3a:ab:1d:e7:9b:91:56:86:10:a4:c8:71:
05:9d:72:34:ec:47:cd:bf:90:b3:05:c0:e3:43:68:
83:05:b0:6c:94:df:b2:ec:fc:5f:2f:2f:1c:10:09:
95:5d:79:de:84:e1:59:e5:12:e3:e8:4e:9f:1d:7c:
5f:76:d5:69:5b:92:ae:80:f0:e6:fe:80:0d:fa:99:
4e:09:2b:58:b9:26:52:69:a9:30:04:2a:1f:8a:9c:
a7:80:7d:a7:25:42:7c:fe:53:e8:4a:66:bf:97:06:
1c:53:38:be:3e:5a:fa:c5:4b:20:a1:8f:14:c6:86:
68:93:e0:b9:ba:4a:de:00:5a:e2:ed:22:d1:5a:a4:
fd:41:ec:88:66:09:df:6b:d7:7f:6a:bc:b3:a2:61:
15:90:c0:b8:61:14:eb:bc:3f:9f:4e:f0:6a:86:b8:
67:68:35:15:0f:a9:84:23:fb:03:da:c7:d4:88:51:
10:5f:2f:27:9a:22:18:b9:ea:63:79:21:f9:c2:5a:
77:3d:33:21:d5:9d:63:a6:f3:70:29:80:cc:8c:31:
2f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:74:4B:BE:02:FD:7A:7C:D3:02:4D:AC:99:B5:8B:1E:12:11:3E:71
X509v3 Authority Key Identifier:
keyid:8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/B3RLvgL9enzTAk2smbWLHhIRPnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.18.0/24
194.37.84.0/24
194.37.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:3c:5e:74:1b:e2:ad:ff:47:bd:d3:54:43:1f:f3:5e:04:1f:
d9:c4:59:db:c2:21:27:c7:18:90:d3:45:e4:dd:da:e2:55:1f:
ef:91:0b:cd:b9:78:8c:65:1d:74:db:d8:e9:15:36:0a:8d:cb:
44:ce:e8:b4:a1:19:4e:aa:35:f7:36:4b:43:73:81:ed:c0:d7:
5f:65:54:00:37:dc:d7:ad:a7:38:18:d4:7d:18:37:1b:ee:ce:
7f:f5:d1:bd:79:f3:8f:d8:4a:9d:7b:35:91:35:e7:fc:6d:e0:
0d:ad:3b:45:1d:03:60:b2:0b:ad:5f:3b:7e:79:ef:d6:2f:76:
2f:0e:ea:a5:e4:16:fa:f6:97:93:71:65:37:07:26:14:80:59:
c7:39:cb:53:f5:21:e4:b6:cf:c0:38:59:61:ce:0c:09:65:42:
ac:cc:04:00:b1:22:27:7f:59:07:a0:e0:c8:86:66:f0:0a:04:
57:87:7d:74:27:21:be:50:80:05:d4:9d:c8:3c:00:15:cf:cb:
65:e7:5e:58:9f:cc:f6:da:66:68:3b:dc:ca:2f:10:79:83:d1:
8e:ff:c2:64:c4:6a:8f:9b:36:39:27:2a:96:5f:53:5c:96:52:
10:07:7f:19:0b:16:8c:34:0c:8e:ce:da:15:e4:32:cd:8f:34:
e5:ad:bf:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsYP8qqzB/JE5iq3urJZOgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTM3MjAwYzllYTE1NjBhM2Y0MmZkN2UxMDBlZDI4NDEx
NDE2YmMwHhcNMjMxMDEwMDYyMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc0NGJiZTAyZmQ3YTdjZDMwMjRkYWM5OWI1OGIxZTEyMTEzZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9jeKHjOpWvdZm2NuM3iReMTmzns
+bbToIqzghkDBRxZxDNhQgz0oMhz0yy4Vis6qx3nm5FWhhCkyHEFnXI07EfNv5Cz
BcDjQ2iDBbBslN+y7PxfLy8cEAmVXXnehOFZ5RLj6E6fHXxfdtVpW5KugPDm/oAN
+plOCStYuSZSaakwBCofipyngH2nJUJ8/lPoSma/lwYcUzi+Plr6xUsgoY8UxoZo
k+C5ukreAFri7SLRWqT9QeyIZgnfa9d/aryzomEVkMC4YRTrvD+fTvBqhrhnaDUV
D6mEI/sD2sfUiFEQXy8nmiIYuepjeSH5wlp3PTMh1Z1jpvNwKYDMjDEvQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAd0S74C/Xp80wJNrJm1ix4SET5xMB8GA1UdIwQY
MBaAFI8TcgDJ6hVgo/Qv1+EA7ShBFBa8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTct
ZWI4MDIyMWU1MzhkLzEvQjNSTHZnTDllbnpUQWsyc21iV0xIaElSUG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTctZWI4MDIyMWU1Mzhk
LzEvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8YSAwQA
wiVUAwQAwiVWMA0GCSqGSIb3DQEBCwUAA4IBAQC0PF50G+Kt/0e901RDH/NeBB/Z
xFnbwiEnxxiQ00Xk3driVR/vkQvNuXiMZR1029jpFTYKjctEzui0oRlOqjX3NktD
c4HtwNdfZVQAN9zXrac4GNR9GDcb7s5/9dG9efOP2EqdezWRNef8beANrTtFHQNg
sgutXzt+ee/WL3YvDuql5Bb69peTcWU3ByYUgFnHOctT9SHkts/AOFlhzgwJZUKs
zAQAsSInf1kHoODIhmbwCgRXh310JyG+UIAF1J3IPAAVz8tl515Yn8z22mZoO9zK
LxB5g9GO/8JkxGqPmzY5JyqWX1NcllIQB38ZCxaMNAyOztoV5DLNjzTlrb8Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:58 2024 by rpki-client on console-fra.rpki-client.org