Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/3g9RL_6xAact-d5-_CxUdMOae3g.roa
File: 3g9RL_6xAact-d5-_CxUdMOae3g.roa (raw, json)
Hash identifier: zozX7P+F6KocMtxLGLL4sLOL1EUlnalc+RvzT6Daz0E=
Subject key identifier: DE:0F:51:2F:FE:B1:01:A7:2D:F9:DE:7E:FC:2C:54:74:C3:9A:7B:78
Certificate issuer: /CN=6f930698733bad33c081719c7b68bd19723a5a77
Certificate serial: 018D55B9D9A7A24D3A7341C416D02B81C964
Authority key identifier: 6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/3g9RL_6xAact-d5-_CxUdMOae3g.roa
Signing time: Mon 29 Jan 2024 14:57:39 +0000
ROA not before: Mon 29 Jan 2024 14:57:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207928
IP address blocks: 194.153.76.0/23 maxlen: 23
194.153.76.0/24 maxlen: 24
194.153.77.0/24 maxlen: 24
194.153.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 17:27:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:b9:d9:a7:a2:4d:3a:73:41:c4:16:d0:2b:81:c9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f930698733bad33c081719c7b68bd19723a5a77
Validity
Not Before: Jan 29 14:57:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de0f512ffeb101a72df9de7efc2c5474c39a7b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e2:6f:7f:0d:ef:64:d7:27:e5:57:fc:05:4c:
f7:7e:e6:9e:e0:97:96:6e:6d:68:d9:69:41:d6:78:
76:13:2b:e1:85:ce:b5:2c:74:c7:c3:5a:e0:4f:cf:
9f:17:58:35:a1:d3:bf:43:c7:a6:1c:70:31:2c:bd:
38:1b:8b:cf:24:24:07:e7:5e:34:2f:dd:3e:5e:45:
97:e8:0a:d2:4a:4b:58:38:29:d3:1d:49:ed:67:99:
84:cf:24:45:af:09:ec:64:b3:a3:83:70:66:e1:64:
92:66:5f:45:f4:96:34:3c:93:c4:63:e5:c5:fa:5b:
5e:f3:55:e7:99:5a:24:6d:e2:a1:1f:11:e6:a7:57:
f3:45:70:6a:08:c5:35:3d:2f:60:d3:f4:d0:17:0f:
35:a1:03:54:92:93:a7:b3:3d:6f:1c:5f:76:fb:1c:
9c:7f:6d:b4:15:f3:5f:ed:32:06:a3:a2:2a:28:91:
d5:55:13:b2:bb:10:cd:2f:ac:75:bf:ef:0d:c6:c7:
ca:dd:fd:f8:80:23:62:7a:d8:01:eb:25:44:ed:1f:
af:94:d3:36:78:a4:26:75:ca:dc:cb:33:0d:05:77:
60:ae:28:a7:81:d5:fa:45:c1:17:8e:35:dd:71:f8:
1e:e0:14:bb:3d:a0:8a:9d:39:4c:8c:8b:50:50:ec:
e9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0F:51:2F:FE:B1:01:A7:2D:F9:DE:7E:FC:2C:54:74:C3:9A:7B:78
X509v3 Authority Key Identifier:
keyid:6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/3g9RL_6xAact-d5-_CxUdMOae3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.76.0/23
194.153.103.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e6:b0:b0:5b:1e:17:74:1b:89:8b:16:b3:26:04:01:4f:83:
cf:48:70:49:12:ec:5f:cc:6e:0c:c3:ba:22:55:0f:58:c8:75:
58:84:7c:63:69:63:66:2d:48:b3:ef:ea:4a:49:67:04:d1:25:
f8:a6:74:d8:70:8e:82:8a:68:2e:ca:82:24:f1:07:9e:47:d0:
fb:4a:72:50:2e:e2:27:d8:b5:2d:73:b8:3e:86:a3:ba:5d:40:
74:19:62:b7:05:53:f9:47:88:de:a1:c7:3e:bc:8d:06:02:46:
b3:38:00:ec:9d:42:b6:32:7e:34:d4:cf:bc:e9:96:ae:88:6e:
ae:a9:ad:aa:39:39:27:62:46:64:ce:61:fa:49:24:e1:62:3d:
ad:13:9c:f8:c4:7c:77:e3:89:1e:c3:9e:c1:66:a6:5f:80:81:
61:02:e5:79:aa:a0:b0:b6:6a:ce:77:4f:77:90:72:b6:65:32:
69:de:78:c0:1e:f5:a7:0e:ad:ee:2c:a3:36:f7:44:66:97:9a:
11:09:02:a7:69:84:8e:c4:7c:4d:83:90:18:18:13:57:04:bf:
ec:98:be:58:08:34:77:4f:54:13:f9:34:80:90:0a:de:a9:4d:
84:ef:94:a4:0f:97:19:a7:35:02:4a:a3:2a:6c:8e:4d:35:f2:
be:89:22:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1Vudmnok06c0HEFtArgclkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOTMwNjk4NzMzYmFkMzNjMDgxNzE5YzdiNjhiZDE5NzIz
YTVhNzcwHhcNMjQwMTI5MTQ1NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBmNTEyZmZlYjEwMWE3MmRmOWRlN2VmYzJjNTQ3NGMzOWE3Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeJvfw3vZNcn5Vf8BUz3fuae4JeW
bm1o2WlB1nh2Eyvhhc61LHTHw1rgT8+fF1g1odO/Q8emHHAxLL04G4vPJCQH5140
L90+XkWX6ArSSktYOCnTHUntZ5mEzyRFrwnsZLOjg3Bm4WSSZl9F9JY0PJPEY+XF
+lte81XnmVokbeKhHxHmp1fzRXBqCMU1PS9g0/TQFw81oQNUkpOnsz1vHF92+xyc
f220FfNf7TIGo6IqKJHVVROyuxDNL6x1v+8NxsfK3f34gCNietgB6yVE7R+vlNM2
eKQmdcrcyzMNBXdgriingdX6RcEXjjXdcfge4BS7PaCKnTlMjItQUOzpUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4PUS/+sQGnLfnefvwsVHTDmnt4MB8GA1UdIwQY
MBaAFG+TBphzO60zwIFxnHtovRlyOlp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQt
ZmUxMDNmZDM4NTdjLzEvM2c5UkxfNnhBYWN0LWQ1LV9DeFVkTU9hZTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQtZmUxMDNmZDM4NTdj
LzEvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwplMAwQA
wplnMA0GCSqGSIb3DQEBCwUAA4IBAQAe5rCwWx4XdBuJixazJgQBT4PPSHBJEuxf
zG4Mw7oiVQ9YyHVYhHxjaWNmLUiz7+pKSWcE0SX4pnTYcI6CimguyoIk8QeeR9D7
SnJQLuIn2LUtc7g+hqO6XUB0GWK3BVP5R4jeocc+vI0GAkazOADsnUK2Mn401M+8
6ZauiG6uqa2qOTknYkZkzmH6SSThYj2tE5z4xHx344kew57BZqZfgIFhAuV5qqCw
tmrOd093kHK2ZTJp3njAHvWnDq3uLKM290Rml5oRCQKnaYSOxHxNg5AYGBNXBL/s
mL5YCDR3T1QT+TSAkAreqU2E75SkD5cZpzUCSqMqbI5NNfK+iSLz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:19 2024 by rpki-client on console-ams.rpki-client.org