Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3EvA3356C4D3HW-2Uc5IuXWxzV0.roa
File: 3EvA3356C4D3HW-2Uc5IuXWxzV0.roa (raw, json)
Hash identifier: Y75wrPRL96XMvpYgw4p83DmlzH9mP279MALvFp1UG2k=
Subject key identifier: DC:4B:C0:DF:7E:7A:0B:80:F7:1D:6F:B6:51:CE:48:B9:75:B1:CD:5D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01860C2ABB6A138B653C0D9E8A1C7E141C19
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3EvA3356C4D3HW-2Uc5IuXWxzV0.roa
Signing time: Wed 01 Feb 2023 08:49:32 +0000
ROA not before: Wed 01 Feb 2023 08:49:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
93.114.244.0/24 maxlen: 24
185.112.249.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 04:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:2a:bb:6a:13:8b:65:3c:0d:9e:8a:1c:7e:14:1c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 1 08:49:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc4bc0df7e7a0b80f71d6fb651ce48b975b1cd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f9:74:d4:98:d7:5d:e3:44:b3:81:df:84:99:
d5:3d:90:41:20:97:1a:b7:95:13:f1:33:17:19:83:
c5:7f:d1:ea:b5:c2:c1:99:5c:79:19:4b:4a:96:5e:
62:a5:88:97:bc:44:b3:1b:8a:5d:62:2a:6d:82:04:
34:71:1d:ba:b2:c7:e3:46:18:52:4a:b7:35:11:ac:
f5:6b:01:ee:62:52:63:94:41:93:4b:38:08:ad:14:
31:20:93:31:4f:4e:11:37:92:42:67:91:9d:fc:86:
2a:14:1c:2a:75:67:c4:0c:04:e3:1a:b2:d0:fc:99:
d7:58:e6:57:c9:13:2d:03:0e:bc:93:25:69:82:a8:
80:5f:86:54:8a:d3:41:82:c1:56:19:d5:c9:32:25:
50:20:3a:d8:fc:d4:4f:29:02:dd:db:47:6c:1b:85:
c9:a8:6a:3b:f0:08:74:fd:b8:66:ef:0f:67:81:7e:
2b:16:1b:de:99:c1:3b:62:b0:f9:a8:4b:71:b1:9d:
b6:59:3e:93:19:d7:fe:9f:ed:ca:14:6d:fc:04:4a:
e7:69:8e:a0:66:71:6c:d8:ad:64:dc:f2:68:b6:4b:
d3:2e:61:c5:5f:72:d7:39:f6:c4:12:a1:24:bf:ac:
fc:66:53:6e:2b:58:7c:af:12:9a:51:55:2f:6d:e0:
fb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4B:C0:DF:7E:7A:0B:80:F7:1D:6F:B6:51:CE:48:B9:75:B1:CD:5D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3EvA3356C4D3HW-2Uc5IuXWxzV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
89.34.219.0/24
89.35.129.0/24
93.114.244.0/24
185.112.249.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
81:2e:da:cb:ab:1e:4d:3d:ed:c5:aa:93:2c:89:30:fa:fb:07:
75:b6:79:e1:01:93:89:ba:1c:08:ac:ea:5c:79:40:d2:e4:22:
af:6b:bd:07:3e:be:60:c2:da:73:05:d7:53:69:01:d4:7c:21:
a1:58:f6:28:26:b5:93:d6:0c:d2:8d:9f:92:65:69:15:f9:66:
72:b7:1b:df:ad:68:3d:71:7b:b9:99:f4:4c:a8:27:7b:32:f0:
04:74:d1:1c:ec:24:09:3f:38:86:51:27:8f:18:79:16:d1:32:
45:27:68:c2:5a:20:dd:f5:91:73:8e:0a:2e:93:44:dd:cb:95:
52:10:f8:eb:3a:4c:aa:1e:01:f7:5d:9b:c2:46:74:ec:a4:00:
03:91:07:48:0b:2b:21:ff:b4:70:dc:cf:68:e7:4f:2f:63:54:
dd:9e:8a:2b:8e:c8:d2:fc:c1:ee:d6:ab:6b:23:da:10:b8:b9:
f5:73:85:9f:91:e9:54:71:af:7d:6b:ca:28:9e:60:ad:8f:0d:
ab:e8:9b:b8:aa:44:6b:39:47:d2:58:0b:b7:02:82:2b:ce:a6:
3a:6e:03:37:82:8d:3a:c0:77:a2:27:e7:9c:22:29:8b:65:70:
3a:fe:07:6d:eb:97:4b:fd:c6:ae:f5:11:c6:b0:a4:f3:7a:27:
18:f3:40:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYMKrtqE4tlPA2eihx+FBwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMjAxMDg0OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzRiYzBkZjdlN2EwYjgwZjcxZDZmYjY1MWNlNDhiOTc1YjFjZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPl01JjXXeNEs4HfhJnVPZBBIJca
t5UT8TMXGYPFf9HqtcLBmVx5GUtKll5ipYiXvESzG4pdYiptggQ0cR26ssfjRhhS
Src1Eaz1awHuYlJjlEGTSzgIrRQxIJMxT04RN5JCZ5Gd/IYqFBwqdWfEDATjGrLQ
/JnXWOZXyRMtAw68kyVpgqiAX4ZUitNBgsFWGdXJMiVQIDrY/NRPKQLd20dsG4XJ
qGo78Ah0/bhm7w9ngX4rFhvemcE7YrD5qEtxsZ22WT6TGdf+n+3KFG38BErnaY6g
ZnFs2K1k3PJotkvTLmHFX3LXOfbEEqEkv6z8ZlNuK1h8rxKaUVUvbeD73wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNxLwN9+eguA9x1vtlHOSLl1sc1dMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM0V2QTMzNTZDNEQzSFctMlVjNUl1WFd4elYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPsCYAwQA
WSLbAwQAWSOBAwQAXXL0AwQAuXD5AwQBvPGIMA0GCSqGSIb3DQEBCwUAA4IBAQCB
LtrLqx5NPe3FqpMsiTD6+wd1tnnhAZOJuhwIrOpceUDS5CKva70HPr5gwtpzBddT
aQHUfCGhWPYoJrWT1gzSjZ+SZWkV+WZytxvfrWg9cXu5mfRMqCd7MvAEdNEc7CQJ
PziGUSePGHkW0TJFJ2jCWiDd9ZFzjgouk0Tdy5VSEPjrOkyqHgH3XZvCRnTspAAD
kQdICysh/7Rw3M9o508vY1TdnoorjsjS/MHu1qtrI9oQuLn1c4WfkelUca99a8oo
nmCtjw2r6Ju4qkRrOUfSWAu3AoIrzqY6bgM3go06wHeiJ+ecIimLZXA6/gdt65dL
/cau9RHGsKTzeicY80D3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org