Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/3MdtrhCKxrlBFaEDGrtkWeUz4qg.roa
File: 3MdtrhCKxrlBFaEDGrtkWeUz4qg.roa (raw, json)
Hash identifier: DUlngGww/TEB2qpBB8E8qVCWRkKgMyZDn4p6ad+18tY=
Subject key identifier: DC:C7:6D:AE:10:8A:C6:B9:41:15:A1:03:1A:BB:64:59:E5:33:E2:A8
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018AEF1364190B3419C84B74C315397391CB
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/3MdtrhCKxrlBFaEDGrtkWeUz4qg.roa
Signing time: Mon 02 Oct 2023 06:28:59 +0000
ROA not before: Mon 02 Oct 2023 06:28:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41911
IP address blocks: 91.241.120.0/21 maxlen: 22
176.110.32.0/19 maxlen: 19
46.250.96.0/19 maxlen: 20
91.243.0.0/19 maxlen: 20
176.110.0.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:13:64:19:0b:34:19:c8:4b:74:c3:15:39:73:91:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Oct 2 06:28:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcc76dae108ac6b94115a1031abb6459e533e2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:39:59:ed:40:15:0c:0e:f4:10:91:f5:48:
b8:5c:58:48:87:96:dd:8e:fc:bd:6a:72:ff:4c:71:
62:e7:00:ce:f2:11:55:a5:d7:32:ef:81:6a:10:94:
31:b2:66:5e:f0:e3:4e:f0:57:0f:92:e0:b6:ae:3b:
7c:04:bf:2a:0b:34:c5:89:a7:ba:7a:30:47:34:2e:
81:36:3b:0e:c1:eb:c4:fa:3c:16:0b:82:8f:e2:ee:
b6:37:47:8e:d8:e2:73:20:4f:5d:91:52:e7:99:b5:
dd:b4:d2:e3:d6:56:c4:fd:fe:e6:cb:f2:d3:1e:7f:
2a:fd:4c:64:a6:2c:c5:73:61:ad:2f:f5:34:68:9c:
fc:4b:19:e9:0f:8f:d1:7d:65:91:6a:d6:d5:1e:8c:
d9:57:a3:fd:b4:68:b4:b5:84:76:f1:5e:ae:8e:40:
47:eb:fe:8d:83:70:81:a3:be:f4:1c:bf:09:85:f2:
a1:5e:30:64:de:4c:2c:fa:f5:a2:c5:c1:d9:b4:ce:
ff:89:be:c0:cf:f5:54:fc:93:d3:f6:44:5e:33:77:
52:89:7e:4e:c2:b9:24:53:ab:b4:95:29:0e:cb:4f:
42:97:2e:19:47:f8:5c:97:0c:1e:07:b3:f3:a6:ea:
1a:c2:3f:80:22:c4:1c:dd:fc:04:7d:d6:02:1d:f8:
32:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C7:6D:AE:10:8A:C6:B9:41:15:A1:03:1A:BB:64:59:E5:33:E2:A8
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/3MdtrhCKxrlBFaEDGrtkWeUz4qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.96.0/19
91.241.120.0/21
91.243.0.0/19
176.110.0.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:20:3b:73:2c:d5:47:b6:90:e3:d9:26:34:00:c2:aa:bb:60:
b4:3f:69:fc:88:b4:e8:59:cb:72:49:bd:94:2e:a4:ff:01:ce:
5c:b2:a5:30:82:ce:1d:5c:e6:33:c2:c7:11:bf:c2:93:30:cc:
47:60:7f:85:06:9c:cc:2d:f8:31:32:31:15:a7:ce:d0:06:1c:
88:8c:8d:58:b7:b1:3a:50:27:ba:8c:34:b0:f6:87:f0:db:86:
24:8a:df:d6:53:c4:c5:da:32:70:6c:9d:a6:69:2e:6d:39:ef:
fe:34:6f:1e:7e:46:7b:13:59:70:94:ca:38:26:7f:f1:5f:50:
45:81:e1:57:a4:bd:30:05:8e:60:1b:3b:a2:eb:fd:d5:74:2d:
12:b9:f0:b4:03:00:3a:44:1d:68:b8:9c:d3:77:ee:93:f0:80:
8c:f4:40:71:42:02:02:5c:df:eb:bc:5a:50:5d:5b:63:57:fa:
6e:55:8c:31:d1:ba:ef:3b:9a:8b:bf:4e:e2:32:f8:2f:96:72:
fa:36:cc:31:6f:61:28:f9:4f:41:76:4a:9a:bb:52:4a:6b:87:
df:76:61:e8:2f:19:22:a4:f6:1b:be:8a:dc:4c:b6:6c:7a:5a:
3d:d1:09:ab:d4:5c:a5:80:45:08:8d:9c:ad:50:36:26:68:b4:
29:36:61:f3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrvE2QZCzQZyEt0wxU5c5HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjMxMDAyMDYyODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M3NmRhZTEwOGFjNmI5NDExNWExMDMxYWJiNjQ1OWU1MzNlMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFE5We1AFQwO9BCR9Ui4XFhIh5bd
jvy9anL/THFi5wDO8hFVpdcy74FqEJQxsmZe8ONO8FcPkuC2rjt8BL8qCzTFiae6
ejBHNC6BNjsOwevE+jwWC4KP4u62N0eO2OJzIE9dkVLnmbXdtNLj1lbE/f7my/LT
Hn8q/UxkpizFc2GtL/U0aJz8SxnpD4/RfWWRatbVHozZV6P9tGi0tYR28V6ujkBH
6/6Ng3CBo770HL8JhfKhXjBk3kws+vWixcHZtM7/ib7Az/VU/JPT9kReM3dSiX5O
wrkkU6u0lSkOy09Cly4ZR/hclwweB7Pzpuoawj+AIsQc3fwEfdYCHfgycwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNzHba4Qisa5QRWhAxq7ZFnlM+KoMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xLzNNZHRyaENLeHJsQkZhRURHcnRrV2VVejRxZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAUu+mAD
BANb8XgDBAVb8wADBAawbgAwDQYJKoZIhvcNAQELBQADggEBAH8gO3Ms1Ue2kOPZ
JjQAwqq7YLQ/afyItOhZy3JJvZQupP8BzlyypTCCzh1c5jPCxxG/wpMwzEdgf4UG
nMwt+DEyMRWnztAGHIiMjVi3sTpQJ7qMNLD2h/DbhiSK39ZTxMXaMnBsnaZpLm05
7/40bx5+RnsTWXCUyjgmf/FfUEWB4VekvTAFjmAbO6Lr/dV0LRK58LQDADpEHWi4
nNN37pPwgIz0QHFCAgJc3+u8WlBdW2NX+m5VjDHRuu87mou/TuIy+C+Wcvo2zDFv
YSj5T0F2Spq7Ukprh992YegvGSKk9hu+itxMtmx6Wj3RCavUXKWARQiNnK1QNiZo
tCk2YfM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:12 2024 by rpki-client on console-ams.rpki-client.org