Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3gR1cxWSSOzVq42bnHkCHfp5m58.roa
File: 3gR1cxWSSOzVq42bnHkCHfp5m58.roa (raw, json)
Hash identifier: 9TFR3n7d5a4ZHpSW4vZ/84tES7MmCWQS4JAX5nG3XVk=
Subject key identifier: DE:04:75:73:15:92:48:EC:D5:AB:8D:9B:9C:79:02:1D:FA:79:9B:9F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019049F903218420B581FB1DE5E9B2B5FDE7
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3gR1cxWSSOzVq42bnHkCHfp5m58.roa
Signing time: Mon 24 Jun 2024 11:19:34 +0000
ROA not before: Mon 24 Jun 2024 11:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201211
IP address blocks: 80.242.53.0/24 maxlen: 24
95.130.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 16:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:f9:03:21:84:20:b5:81:fb:1d:e5:e9:b2:b5:fd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 24 11:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de047573159248ecd5ab8d9b9c79021dfa799b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:e1:36:51:a8:d8:a8:87:21:54:88:23:95:
2d:b4:8d:75:b8:6c:9d:d6:e5:fa:c4:7f:35:ae:5c:
5a:4c:bf:b3:e8:66:18:0a:43:96:b1:6e:5f:4b:b2:
65:49:93:f3:7b:ae:b7:6f:e6:44:f9:5a:20:f5:28:
4f:56:74:e7:3f:f1:5a:ad:32:84:4a:87:23:8d:44:
71:26:6d:06:4d:5b:e7:db:2f:26:c4:13:9e:60:8e:
dd:b2:6a:13:79:59:8a:ec:28:91:85:5b:06:8f:cf:
99:03:74:57:9f:de:2b:04:71:ab:87:8a:e8:f8:00:
7d:1f:9e:73:2f:d6:91:d3:76:15:1f:53:94:0b:d0:
c9:bb:9a:63:0b:48:db:3b:1f:e1:7f:d0:88:15:df:
6b:7d:4d:85:cd:9d:d5:a9:5d:9a:9b:0b:bb:8d:01:
83:bb:7b:2b:ad:09:f9:05:cc:7c:9e:bf:e1:4a:a7:
73:90:ff:96:a7:93:09:8c:61:bb:3c:ee:8f:be:03:
f8:f2:2a:ff:4a:c0:e4:61:e8:c3:4e:b7:02:bb:e9:
e7:51:6e:66:67:c8:e8:ac:c5:55:ea:6e:3b:fe:4d:
7c:e7:b0:6e:a2:24:ba:b9:70:65:a2:2b:91:ec:23:
94:5d:cc:c4:1a:07:bc:b8:3a:cb:bb:78:91:4f:5f:
da:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:04:75:73:15:92:48:EC:D5:AB:8D:9B:9C:79:02:1D:FA:79:9B:9F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3gR1cxWSSOzVq42bnHkCHfp5m58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.53.0/24
95.130.224.0/24
Signature Algorithm: sha256WithRSAEncryption
27:36:61:b0:44:fd:f2:ea:6b:8a:bf:e1:b6:e6:78:89:80:a6:
a4:fe:18:e4:a4:71:c2:14:57:ea:99:7a:f3:2c:d4:0e:eb:12:
09:ef:64:84:19:34:30:e7:1e:44:08:ab:bc:43:a4:d1:14:f8:
a1:ec:ec:dd:be:8b:83:ae:8d:44:df:dc:2f:2c:f0:8a:4f:73:
75:f6:d2:b7:85:6d:d4:5d:b0:bc:9a:13:91:fe:e3:15:53:91:
ea:c3:75:89:41:1e:4a:c3:5e:ca:3e:de:36:e6:56:8e:0a:9c:
75:e6:56:87:43:c1:65:fe:99:28:99:7c:a2:32:40:4e:fe:16:
09:a3:cd:92:07:cf:56:03:8e:2e:23:e1:3e:5f:0d:92:35:af:
12:57:14:7d:01:88:70:a3:f4:f8:d2:fb:eb:d9:89:aa:e9:ec:
b6:8e:73:08:1d:3d:51:04:f2:76:f5:06:8a:74:ef:2c:20:0b:
64:e2:27:d8:42:bc:25:58:09:c5:fe:33:49:9c:db:8e:c4:c5:
82:21:f2:c4:8e:bf:47:fa:bf:c9:2a:70:f4:7d:9d:26:a3:70:
91:37:ed:c1:9e:cb:ae:48:cd:1c:a1:0e:eb:71:3a:a2:3f:0f:
61:97:39:ae:3e:b0:9c:33:ef:48:47:04:f9:88:ae:33:51:67:
c9:29:35:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBJ+QMhhCC1gfsd5emytf3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjI0MTExOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA0NzU3MzE1OTI0OGVjZDVhYjhkOWI5Yzc5MDIxZGZhNzk5YjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWThNlGo2KiHIVSII5UttI11uGyd
1uX6xH81rlxaTL+z6GYYCkOWsW5fS7JlSZPze663b+ZE+Vog9ShPVnTnP/FarTKE
SocjjURxJm0GTVvn2y8mxBOeYI7dsmoTeVmK7CiRhVsGj8+ZA3RXn94rBHGrh4ro
+AB9H55zL9aR03YVH1OUC9DJu5pjC0jbOx/hf9CIFd9rfU2FzZ3VqV2amwu7jQGD
u3srrQn5Bcx8nr/hSqdzkP+Wp5MJjGG7PO6PvgP48ir/SsDkYejDTrcCu+nnUW5m
Z8jorMVV6m47/k1857BuoiS6uXBloiuR7COUXczEGge8uDrLu3iRT1/avQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4EdXMVkkjs1auNm5x5Ah36eZufMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvM2dSMWN4V1NTT3pWcTQyYm5Ia0NIZnA1bTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPI1AwQA
X4LgMA0GCSqGSIb3DQEBCwUAA4IBAQAnNmGwRP3y6muKv+G25niJgKak/hjkpHHC
FFfqmXrzLNQO6xIJ72SEGTQw5x5ECKu8Q6TRFPih7OzdvouDro1E39wvLPCKT3N1
9tK3hW3UXbC8mhOR/uMVU5Hqw3WJQR5Kw17KPt425laOCpx15laHQ8Fl/pkomXyi
MkBO/hYJo82SB89WA44uI+E+Xw2SNa8SVxR9AYhwo/T40vvr2Ymq6ey2jnMIHT1R
BPJ29QaKdO8sIAtk4ifYQrwlWAnF/jNJnNuOxMWCIfLEjr9H+r/JKnD0fZ0mo3CR
N+3BnsuuSM0coQ7rcTqiPw9hlzmuPrCcM+9IRwT5iK4zUWfJKTVQ
-----END CERTIFICATE-----
Generated at Thu Aug 22 18:55:02 2024 by rpki-client on console-fra.rpki-client.org