Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3bw-BezubDMEEfbylxpxfVA7XSg.roa
File: 3bw-BezubDMEEfbylxpxfVA7XSg.roa (raw, json)
Hash identifier: VG9eImtqcsJKxrsevSircuUqA+viWj0OoIlVIfE9G/M=
Subject key identifier: DD:BC:3E:05:EC:EE:6C:33:04:11:F6:F2:97:1A:71:7D:50:3B:5D:28
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019136CB162B571062DB7580D610AE7A406C
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3bw-BezubDMEEfbylxpxfVA7XSg.roa
Signing time: Fri 09 Aug 2024 10:59:24 +0000
ROA not before: Fri 09 Aug 2024 10:59:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 185.65.202.0/24 maxlen: 24
185.120.59.0/24 maxlen: 24
185.255.178.0/24 maxlen: 24
185.255.179.0/24 maxlen: 24
212.22.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 10:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:cb:16:2b:57:10:62:db:75:80:d6:10:ae:7a:40:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Aug 9 10:59:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddbc3e05ecee6c330411f6f2971a717d503b5d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bd:31:c3:ab:ad:43:b9:c3:21:15:0f:99:98:
b5:a5:a8:52:e1:dc:1d:c4:9d:9e:c2:d1:29:08:8b:
d1:0d:20:07:d3:c9:5b:97:5e:98:e5:5a:c1:1b:dc:
ef:f6:69:a9:37:86:6a:00:45:b8:1f:76:8c:db:71:
f4:72:79:df:f8:6e:bb:e2:2f:e4:10:a2:04:00:06:
9c:db:9f:d6:9a:79:d0:d8:77:19:13:5b:86:06:05:
9a:b0:c0:f0:a2:70:dc:8c:ce:f0:b9:40:49:aa:df:
15:e4:3e:bc:a4:a5:58:84:d5:b7:7a:82:cc:8f:dc:
e2:35:4c:51:8f:09:f1:f5:5e:35:59:21:28:da:c6:
36:7e:b2:cc:85:aa:a2:d6:30:d0:1e:74:fb:c9:fb:
c5:a7:bc:17:48:60:d7:ae:5b:51:b5:af:9b:0f:c7:
c3:06:ea:79:20:67:68:b8:6b:bf:6f:b6:c2:47:e4:
45:5f:dc:df:ee:d2:96:ea:04:3f:b8:22:d7:1c:bc:
1d:47:91:d0:af:45:a0:a1:02:4e:4b:f7:f0:dd:38:
db:d8:a7:93:25:ec:fb:be:a2:33:85:e0:0a:26:c1:
44:f3:0c:c6:ee:6c:c4:0a:d1:67:9f:d7:0c:3b:7f:
20:f6:f2:39:c7:bb:f7:90:42:39:4b:d6:8d:69:56:
52:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:3E:05:EC:EE:6C:33:04:11:F6:F2:97:1A:71:7D:50:3B:5D:28
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3bw-BezubDMEEfbylxpxfVA7XSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
185.120.59.0/24
185.255.178.0/23
212.22.74.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:a4:a2:1b:03:36:1f:38:06:88:9c:41:72:d5:22:66:e7:3e:
49:3b:de:75:8c:46:e9:34:a7:16:eb:bb:5c:3e:c8:8a:e3:7d:
5a:5c:17:7d:66:7d:94:1a:a5:83:e6:b7:31:18:90:18:24:c5:
a3:7d:85:80:29:da:79:78:a3:43:25:a5:db:72:04:09:55:28:
13:99:dc:6b:b2:71:1a:54:4c:48:1b:65:e8:84:28:78:f4:93:
e3:9f:d2:fa:56:c7:25:a2:08:9e:d7:72:2b:ff:72:bc:99:8e:
a2:64:45:f0:81:9b:e1:3c:c2:05:f3:12:e6:4c:10:89:38:aa:
37:c5:0b:0f:8f:23:91:53:14:4e:67:ed:4f:c5:a7:74:56:4c:
73:49:cb:37:d8:be:10:bf:fc:29:9a:f1:6e:23:39:8f:68:db:
a0:bf:3b:48:93:f6:e1:54:c3:aa:bf:74:65:05:9a:a2:94:d8:
73:f5:8d:ef:22:18:c5:89:59:a0:75:af:b5:77:a8:51:fc:d9:
f7:91:70:3c:d5:e9:e5:30:c1:ca:d4:15:e0:80:cd:90:c2:cb:
28:31:f4:48:7c:59:e3:23:09:ce:eb:68:4e:47:fb:71:22:df:
16:48:9b:2e:e9:8d:4c:a5:4c:6b:69:35:27:ab:21:cd:36:94:
e6:ce:7b:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZE2yxYrVxBi23WA1hCuekBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwODA5MTA1OTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJjM2UwNWVjZWU2YzMzMDQxMWY2ZjI5NzFhNzE3ZDUwM2I1ZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb0xw6utQ7nDIRUPmZi1pahS4dwd
xJ2ewtEpCIvRDSAH08lbl16Y5VrBG9zv9mmpN4ZqAEW4H3aM23H0cnnf+G674i/k
EKIEAAac25/WmnnQ2HcZE1uGBgWasMDwonDcjM7wuUBJqt8V5D68pKVYhNW3eoLM
j9ziNUxRjwnx9V41WSEo2sY2frLMhaqi1jDQHnT7yfvFp7wXSGDXrltRta+bD8fD
Bup5IGdouGu/b7bCR+RFX9zf7tKW6gQ/uCLXHLwdR5HQr0WgoQJOS/fw3Tjb2KeT
Jez7vqIzheAKJsFE8wzG7mzECtFnn9cMO38g9vI5x7v3kEI5S9aNaVZS5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN28PgXs7mwzBBH28pcacX1QO10oMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvM2J3LUJlenViRE1FRWZieWx4cHhmVkE3WFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUHKAwQA
uXg7AwQBuf+yAwQA1BZKMA0GCSqGSIb3DQEBCwUAA4IBAQBtpKIbAzYfOAaInEFy
1SJm5z5JO951jEbpNKcW67tcPsiK431aXBd9Zn2UGqWD5rcxGJAYJMWjfYWAKdp5
eKNDJaXbcgQJVSgTmdxrsnEaVExIG2XohCh49JPjn9L6Vsclogie13Ir/3K8mY6i
ZEXwgZvhPMIF8xLmTBCJOKo3xQsPjyORUxROZ+1Pxad0VkxzScs32L4Qv/wpmvFu
IzmPaNugvztIk/bhVMOqv3RlBZqilNhz9Y3vIhjFiVmgda+1d6hR/Nn3kXA81enl
MMHK1BXggM2QwssoMfRIfFnjIwnO62hOR/txIt8WSJsu6Y1MpUxraTUnqyHNNpTm
znv/
-----END CERTIFICATE-----
Generated at Wed Sep 4 13:10:43 2024 by rpki-client on console-ams.rpki-client.org