Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3uSVK9NKpd2RqFLyseBGjory7A8.roa
File: 3uSVK9NKpd2RqFLyseBGjory7A8.roa (raw, json)
Hash identifier: 1gVJptpxc+TM7RYyMa9DVFLp/Ep9RsQB8ReQvuOXQBs=
Subject key identifier: DE:E4:95:2B:D3:4A:A5:DD:91:A8:52:F2:B1:E0:46:8E:8A:F2:EC:0F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01879E2B78110323803C234745DC9679F445
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3uSVK9NKpd2RqFLyseBGjory7A8.roa
Signing time: Thu 20 Apr 2023 10:17:41 +0000
ROA not before: Thu 20 Apr 2023 10:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 89.37.192.0/23 maxlen: 23
2.57.242.0/23 maxlen: 23
94.177.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 09:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:2b:78:11:03:23:80:3c:23:47:45:dc:96:79:f4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 20 10:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dee4952bd34aa5dd91a852f2b1e0468e8af2ec0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:77:f8:64:e0:45:ba:f3:82:cb:ed:16:0d:59:
ea:3e:44:76:92:d4:aa:c7:13:19:de:15:c0:09:43:
05:75:43:41:3d:1c:fd:32:2d:22:65:09:2c:95:e4:
81:d0:98:0c:bc:1f:1d:df:74:1c:fa:84:b0:d0:6c:
2e:4d:df:4b:70:3e:96:58:35:b0:be:88:62:41:66:
a4:e7:83:46:54:77:2a:8d:69:88:ed:7e:32:f8:77:
27:83:38:f8:e8:ac:12:4e:4c:f4:d5:55:41:8a:6f:
9f:61:55:06:42:16:6a:20:07:ae:59:61:57:c4:a5:
85:1c:2c:44:c6:66:20:72:56:8f:ff:44:71:ff:c0:
1f:8d:f7:45:b3:2e:b5:fb:27:6e:0e:44:5c:c0:09:
0c:4c:ba:d4:17:28:ef:75:da:0d:f5:ae:07:29:d5:
43:0b:85:d3:77:9f:a9:78:ff:59:75:ff:65:0b:67:
65:1c:3c:b5:ce:88:3a:b0:ac:b3:33:1f:06:97:a2:
02:c0:9c:04:7f:ad:6b:b1:32:03:32:4d:0f:2b:1b:
1a:3a:c4:36:6e:1c:c4:c1:aa:3d:bf:4d:cb:c7:ed:
e0:c6:18:81:ef:ab:23:c0:e7:c9:18:67:11:75:ca:
c7:bf:82:32:98:42:09:86:d9:68:8d:54:68:91:b8:
20:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E4:95:2B:D3:4A:A5:DD:91:A8:52:F2:B1:E0:46:8E:8A:F2:EC:0F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3uSVK9NKpd2RqFLyseBGjory7A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/23
89.37.192.0/23
94.177.145.0/24
Signature Algorithm: sha256WithRSAEncryption
23:50:2b:60:f4:68:b1:d4:03:9b:10:67:b7:da:26:5b:59:ee:
0e:c8:b3:39:a9:e3:43:33:23:75:3d:20:0e:87:30:27:35:bc:
dd:93:9a:a0:bf:8a:0a:56:42:17:9f:b8:f3:c2:32:21:c0:a8:
4d:c8:12:74:63:9d:4a:6c:81:d8:2d:52:1e:13:05:2a:4d:d6:
fd:a1:95:16:8d:cd:2f:82:55:79:4d:83:92:8e:06:b1:db:95:
20:6a:d1:91:a2:9a:d3:20:94:46:a9:fe:c1:99:b9:78:fb:9e:
b2:5e:4e:62:82:ce:f8:59:0c:05:93:84:04:f3:68:44:97:36:
0f:43:4c:36:2f:a8:1a:8e:ad:f4:b8:65:89:f9:d1:8e:9b:e7:
6d:83:2b:22:27:06:ba:0d:47:be:99:44:fd:81:a3:2b:04:1f:
41:c5:f9:81:79:e5:09:33:a7:2e:58:b6:4d:64:77:25:95:3d:
45:74:dd:8a:b4:6b:9a:a7:26:c7:1b:60:72:5d:64:e8:e4:a4:
48:c3:96:cc:83:2f:16:59:35:d8:78:55:3a:14:39:f0:ab:9f:
54:c8:1e:e6:88:b6:0f:cd:40:7a:4a:30:ee:f1:ff:9e:48:d0:
87:bc:59:c3:57:9d:f3:79:58:ee:08:0b:53:e3:d0:1a:0a:57:
b6:69:66:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeeK3gRAyOAPCNHRdyWefRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNDIwMTAxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU0OTUyYmQzNGFhNWRkOTFhODUyZjJiMWUwNDY4ZThhZjJlYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnf4ZOBFuvOCy+0WDVnqPkR2ktSq
xxMZ3hXACUMFdUNBPRz9Mi0iZQksleSB0JgMvB8d33Qc+oSw0GwuTd9LcD6WWDWw
vohiQWak54NGVHcqjWmI7X4y+Hcngzj46KwSTkz01VVBim+fYVUGQhZqIAeuWWFX
xKWFHCxExmYgclaP/0Rx/8AfjfdFsy61+yduDkRcwAkMTLrUFyjvddoN9a4HKdVD
C4XTd5+peP9Zdf9lC2dlHDy1zog6sKyzMx8Gl6ICwJwEf61rsTIDMk0PKxsaOsQ2
bhzEwao9v03Lx+3gxhiB76sjwOfJGGcRdcrHv4IymEIJhtlojVRokbggFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN7klSvTSqXdkahS8rHgRo6K8uwPMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM3VTVks5TktwZDJScUZMeXNlQkdqb3J5N0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBAjnyAwQB
WSXAAwQAXrGRMA0GCSqGSIb3DQEBCwUAA4IBAQAjUCtg9Gix1AObEGe32iZbWe4O
yLM5qeNDMyN1PSAOhzAnNbzdk5qgv4oKVkIXn7jzwjIhwKhNyBJ0Y51KbIHYLVIe
EwUqTdb9oZUWjc0vglV5TYOSjgax25UgatGRoprTIJRGqf7Bmbl4+56yXk5igs74
WQwFk4QE82hElzYPQ0w2L6gajq30uGWJ+dGOm+dtgysiJwa6DUe+mUT9gaMrBB9B
xfmBeeUJM6cuWLZNZHcllT1FdN2KtGuapybHG2ByXWTo5KRIw5bMgy8WWTXYeFU6
FDnwq59UyB7miLYPzUB6SjDu8f+eSNCHvFnDV53zeVjuCAtT49AaCle2aWYZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:11 2024 by rpki-client on console-ams.rpki-client.org