Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/3VThBiaZ_ujmzrkVnTqA7XznRuY.roa
File: 3VThBiaZ_ujmzrkVnTqA7XznRuY.roa (raw, json)
Hash identifier: CcvDcefL3Iw+aRnwWNW6kPMtvo/v4raCd4vYE5zjLy4=
Subject key identifier: DD:54:E1:06:26:99:FE:E8:E6:CE:B9:15:9D:3A:80:ED:7C:E7:46:E6
Certificate issuer: /CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Certificate serial: 01856BDCAD43AB62D4D257BBEA5C29B7D7D6
Authority key identifier: 73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/3VThBiaZ_ujmzrkVnTqA7XznRuY.roa
Signing time: Sun 01 Jan 2023 05:45:02 +0000
ROA not before: Sun 01 Jan 2023 05:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42072
IP address blocks: 45.154.74.0/23 maxlen: 24
2a0f:b300:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:ad:43:ab:62:d4:d2:57:bb:ea:5c:29:b7:d7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Validity
Not Before: Jan 1 05:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd54e1062699fee8e6ceb9159d3a80ed7ce746e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:5c:28:35:82:89:70:63:51:f8:0e:f2:a6:
fc:84:ef:70:a9:bb:a0:29:09:a3:2d:ca:7f:c8:95:
96:88:2c:e7:80:84:9a:cd:4c:e3:82:3d:c1:cf:e0:
bd:0f:5d:83:b5:3f:e4:4c:f9:7e:63:ab:5d:22:da:
14:41:09:b3:54:5c:1a:17:40:c4:cb:be:ff:e5:49:
56:c5:23:ac:69:1d:5a:91:61:29:ea:cc:c8:fc:8f:
dd:17:eb:e8:48:36:68:fd:eb:d4:66:a5:b6:c7:ee:
ae:ee:73:e9:54:ca:e9:f6:de:1d:ef:f7:75:1b:b1:
19:a4:35:e7:8f:a9:c9:7c:a1:23:d5:bd:c1:a0:cf:
dd:19:ed:14:2f:ff:8b:e7:05:38:59:90:3a:1e:0c:
60:cb:9c:4d:e1:4f:06:4e:80:67:10:09:14:56:43:
42:f4:00:91:68:20:2b:c5:34:31:0c:58:76:2f:17:
7c:45:04:41:1e:61:84:15:42:82:48:d6:19:af:f3:
97:98:ea:9b:7b:07:a4:7a:d2:12:fc:00:f7:96:6a:
b3:c2:60:ac:7e:8e:68:81:cd:ac:9d:9e:11:d2:27:
07:64:49:9d:fe:bc:48:7c:2a:ac:b7:3c:79:70:08:
91:6f:62:7d:b5:85:99:e7:0f:68:5d:2a:82:57:35:
05:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:54:E1:06:26:99:FE:E8:E6:CE:B9:15:9D:3A:80:ED:7C:E7:46:E6
X509v3 Authority Key Identifier:
keyid:73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/3VThBiaZ_ujmzrkVnTqA7XznRuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.74.0/23
IPv6:
2a0f:b300:2000::/36
Signature Algorithm: sha256WithRSAEncryption
6e:67:e7:bb:e6:7a:db:4a:4a:dc:2b:5d:03:c1:51:22:e0:1e:
d9:39:e0:f5:b7:81:06:f5:ea:df:b7:1c:04:51:cc:45:cf:fa:
4f:2a:72:83:cc:ed:00:d5:af:ce:63:f2:99:a4:04:e9:dd:e4:
04:33:3b:8e:b4:2a:0d:83:6a:24:7b:38:7f:6e:1e:0c:10:b8:
03:ea:03:d3:ec:1e:7b:f3:42:2d:59:83:4f:10:64:31:9c:4f:
42:21:84:c2:b1:ec:3c:5e:a6:92:65:65:a4:41:c1:9e:18:f9:
f1:2c:0c:d5:0f:e3:d4:79:2c:a0:38:04:ad:ad:44:ef:e7:92:
8e:29:8e:bd:40:3a:22:8f:35:3d:82:01:2b:5e:a5:32:a1:eb:
fd:28:ee:b3:f1:16:1a:91:7d:d4:3c:08:f4:15:11:df:90:72:
a5:76:e8:a8:43:5f:d2:77:b9:ce:5b:29:a3:3b:3d:78:52:fa:
86:bd:1f:82:d6:19:c1:b4:0b:b6:e2:e0:94:d4:78:45:52:a9:
3b:88:28:ad:70:9f:46:07:d3:6c:97:e7:e2:27:06:6f:79:37:
9d:9a:cd:c1:75:ce:ba:09:3f:ed:e5:44:31:a4:a0:c5:c5:a2:
dd:2b:a8:3d:eb:db:69:97:12:5a:0e:a5:ef:71:23:cf:20:65:
b4:d3:18:b2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVr3K1Dq2LU0le76lwpt9fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNmQ3MjRlMjM5ZWZiN2YyZjdiZWE1MjZhOWUwYzVlN2Zj
ODliYmUwHhcNMjMwMTAxMDU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU0ZTEwNjI2OTlmZWU4ZTZjZWI5MTU5ZDNhODBlZDdjZTc0NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNxcKDWCiXBjUfgO8qb8hO9wqbug
KQmjLcp/yJWWiCzngISazUzjgj3Bz+C9D12DtT/kTPl+Y6tdItoUQQmzVFwaF0DE
y77/5UlWxSOsaR1akWEp6szI/I/dF+voSDZo/evUZqW2x+6u7nPpVMrp9t4d7/d1
G7EZpDXnj6nJfKEj1b3BoM/dGe0UL/+L5wU4WZA6Hgxgy5xN4U8GToBnEAkUVkNC
9ACRaCArxTQxDFh2Lxd8RQRBHmGEFUKCSNYZr/OXmOqbeweketIS/AD3lmqzwmCs
fo5ogc2snZ4R0icHZEmd/rxIfCqstzx5cAiRb2J9tYWZ5w9oXSqCVzUF8wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN1U4QYmmf7o5s65FZ06gO1850bmMB8GA1UdIwQY
MBaAFHNtck4jnvt/L3vqUmqeDF5/yJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQt
MGJlYmZjYmRlMWYzLzEvM1ZUaEJpYVpfdWptenJrVm5UcUE3WHpuUnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQtMGJlYmZjYmRlMWYz
LzEvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBLZpKMA4E
AgACMAgDBgQqD7MAIDANBgkqhkiG9w0BAQsFAAOCAQEAbmfnu+Z620pK3CtdA8FR
IuAe2Tng9beBBvXq37ccBFHMRc/6Typyg8ztANWvzmPymaQE6d3kBDM7jrQqDYNq
JHs4f24eDBC4A+oD0+wee/NCLVmDTxBkMZxPQiGEwrHsPF6mkmVlpEHBnhj58SwM
1Q/j1HksoDgEra1E7+eSjimOvUA6Io81PYIBK16lMqHr/Sjus/EWGpF91DwI9BUR
35BypXboqENf0ne5zlspozs9eFL6hr0fgtYZwbQLtuLglNR4RVKpO4gorXCfRgfT
bJfn4icGb3k3nZrNwXXOugk/7eVEMaSgxcWi3SuoPevbaZcSWg6l73EjzyBltNMY
sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:34 2024 by rpki-client on console-fra.rpki-client.org