Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3kWRt8eFGbUTN3sBBeWjWpa7Kt0.roa
File: 3kWRt8eFGbUTN3sBBeWjWpa7Kt0.roa (raw, json)
Hash identifier: 5y/cZSho+5IjlQl4WBhbXQE4LD3N3zGsgq5rs/JCK8E=
Subject key identifier: DE:45:91:B7:C7:85:19:B5:13:37:7B:01:05:E5:A3:5A:96:BB:2A:DD
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018BFCF82BDC654FD96D42E20388FA990C73
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3kWRt8eFGbUTN3sBBeWjWpa7Kt0.roa
Signing time: Thu 23 Nov 2023 16:16:44 +0000
ROA not before: Thu 23 Nov 2023 16:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Tue 19 Dec 2023 21:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:f8:2b:dc:65:4f:d9:6d:42:e2:03:88:fa:99:0c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 23 16:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de4591b7c78519b513377b0105e5a35a96bb2add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:90:e7:48:6e:ee:0d:49:ec:39:7b:d6:f2:10:
67:4d:7a:ca:e3:a4:b7:e7:b1:5c:8e:eb:6e:82:79:
5f:4a:48:1d:39:1a:b9:73:3d:91:c5:dd:ed:cc:49:
3f:c8:60:9b:9e:40:8d:e2:02:9a:cc:4e:a8:00:d4:
79:18:d0:b5:2e:c2:ba:4d:c1:22:35:a0:03:97:09:
4c:af:6a:39:3c:17:89:7c:19:9d:ce:6c:26:0a:75:
ee:34:14:44:8d:51:9d:7f:c9:b5:a3:13:eb:b6:19:
44:9e:2a:c2:9a:5c:68:54:cc:ef:87:14:d4:80:3a:
12:4f:df:81:0f:bb:3c:2e:e3:f3:6c:74:a4:e0:fc:
f6:7b:0a:c5:0d:8d:fb:92:ed:70:ea:f4:e1:4e:3a:
88:ff:54:63:b1:e0:d2:46:03:65:5e:3b:c8:24:a9:
2d:7f:23:ed:5c:05:54:8f:e4:21:b5:59:a6:7d:4b:
fd:40:7d:ba:39:02:1a:45:8b:fd:65:0c:29:4d:fe:
5b:a1:2d:8c:d6:a7:86:68:4c:8b:67:96:b3:43:84:
41:1e:bb:72:96:52:ad:e4:23:07:23:35:56:4d:a1:
c3:c5:3d:cc:3c:30:3d:57:1f:d7:e6:66:aa:70:2a:
73:8d:45:a7:42:37:ce:0d:88:cb:d4:a2:a5:6d:21:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:45:91:B7:C7:85:19:B5:13:37:7B:01:05:E5:A3:5A:96:BB:2A:DD
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3kWRt8eFGbUTN3sBBeWjWpa7Kt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b0:3c:90:f7:09:45:39:55:a6:51:a3:4d:c8:68:e3:c5:6b:
e6:56:82:9b:fe:80:73:4e:d0:ed:4d:f5:40:91:51:03:75:3a:
8c:36:17:d4:c2:35:35:d0:f5:d8:9a:26:89:63:57:85:82:60:
06:4c:10:5b:83:bb:85:e8:22:c7:2a:cb:88:30:7d:a1:c5:0e:
ae:95:77:f9:da:e6:f3:92:b1:30:2c:17:e1:9e:31:8a:08:09:
f8:48:00:fc:c2:1b:24:61:f3:c7:73:d5:0d:69:3c:57:02:1c:
81:5e:04:d2:49:ce:be:50:6e:2c:89:7f:b0:f6:43:b6:b1:12:
b0:d3:42:7f:f5:cc:41:60:55:5b:99:f3:38:d2:13:34:70:5e:
dd:0d:f0:15:ae:dd:ce:88:9c:18:2a:2c:5e:05:77:5d:bd:76:
50:4a:8f:8b:4d:25:1e:96:76:fc:2d:d7:d5:07:3b:d8:6d:24:
e8:a5:2f:ed:e0:b7:e3:b4:ea:e9:a4:f4:f1:9b:ba:72:05:0b:
2c:02:10:44:b2:78:96:77:57:6a:02:4f:3e:0c:71:2d:8b:58:
f0:b3:c1:6c:8b:b8:9b:4d:6d:4b:3a:7b:ea:38:1d:cb:c5:2c:
c8:b1:c9:37:2c:5c:71:6f:d1:8a:7c:cc:e6:e6:08:50:9e:4e:
d6:63:9a:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYv8+CvcZU/ZbULiA4j6mQxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMxMTIzMTYxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ1OTFiN2M3ODUxOWI1MTMzNzdiMDEwNWU1YTM1YTk2YmIyYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5DnSG7uDUnsOXvW8hBnTXrK46S3
57FcjutugnlfSkgdORq5cz2Rxd3tzEk/yGCbnkCN4gKazE6oANR5GNC1LsK6TcEi
NaADlwlMr2o5PBeJfBmdzmwmCnXuNBREjVGdf8m1oxPrthlEnirCmlxoVMzvhxTU
gDoST9+BD7s8LuPzbHSk4Pz2ewrFDY37ku1w6vThTjqI/1RjseDSRgNlXjvIJKkt
fyPtXAVUj+QhtVmmfUv9QH26OQIaRYv9ZQwpTf5boS2M1qeGaEyLZ5azQ4RBHrty
llKt5CMHIzVWTaHDxT3MPDA9Vx/X5maqcCpzjUWnQjfODYjL1KKlbSGbPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN5FkbfHhRm1Ezd7AQXlo1qWuyrdMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvM2tXUnQ4ZUZHYlVUTjNzQkJlV2pXcGE3S3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCqsDyQ9wlFOVWm
UaNNyGjjxWvmVoKb/oBzTtDtTfVAkVEDdTqMNhfUwjU10PXYmiaJY1eFgmAGTBBb
g7uF6CLHKsuIMH2hxQ6ulXf52ubzkrEwLBfhnjGKCAn4SAD8whskYfPHc9UNaTxX
AhyBXgTSSc6+UG4siX+w9kO2sRKw00J/9cxBYFVbmfM40hM0cF7dDfAVrt3OiJwY
KixeBXddvXZQSo+LTSUelnb8LdfVBzvYbSTopS/t4LfjtOrppPTxm7pyBQssAhBE
sniWd1dqAk8+DHEti1jws8Fsi7ibTW1LOnvqOB3LxSzIsck3LFxxb9GKfMzm5ghQ
nk7WY5oC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org