Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3dhquPMXsdOSn93UO--YTGdklqA.roa
File: 3dhquPMXsdOSn93UO--YTGdklqA.roa (raw, json)
Hash identifier: ThN6qYtPQETFiGXA2u1iZhg/wtlgeE8xaolIiIzwiys=
Subject key identifier: DD:D8:6A:B8:F3:17:B1:D3:92:9F:DD:D4:3B:EF:98:4C:67:64:96:A0
Certificate issuer: /CN=dbb98010536c406ea8f3d665594c228d76eb10fd
Certificate serial: 018CC348A3DC8491105F8CCCF3F10D8804F0
Authority key identifier: DB:B9:80:10:53:6C:40:6E:A8:F3:D6:65:59:4C:22:8D:76:EB:10:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27mAEFNsQG6o89ZlWUwijXbrEP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3dhquPMXsdOSn93UO--YTGdklqA.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47626
IP address blocks: 193.35.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a3:dc:84:91:10:5f:8c:cc:f3:f1:0d:88:04:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb98010536c406ea8f3d665594c228d76eb10fd
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddd86ab8f317b1d3929fddd43bef984c676496a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:ce:d1:a2:5c:31:7c:76:67:5a:13:53:ce:
84:4d:a1:e9:37:92:e1:29:98:e5:a9:04:01:08:d9:
71:71:b8:ef:35:ff:43:ea:d3:16:cc:3a:95:c0:f5:
7c:0b:a4:01:f2:24:8f:b1:f3:00:6a:35:f8:bb:a5:
17:38:8f:d0:c2:70:df:a9:10:08:43:60:43:99:87:
f2:a8:2e:a6:8f:91:78:25:db:8f:eb:94:dc:db:3b:
7a:b4:ab:82:25:d0:3b:1c:f5:65:92:7e:d1:6f:47:
95:4f:73:db:b1:56:ff:41:62:24:1d:d5:b4:74:c7:
8d:64:d8:91:b7:5c:66:5b:97:78:82:7d:37:94:12:
b6:51:ae:09:92:5d:74:db:fa:f0:52:c3:dd:85:87:
fb:22:7c:f7:ab:8c:9a:b3:23:75:4e:b2:7a:bf:ee:
e1:d8:21:df:fa:2b:99:a9:85:85:f9:f9:99:b2:4e:
e4:c0:81:da:27:fa:57:77:ff:dd:af:7a:22:db:a4:
2a:4b:79:8c:38:9c:3d:dd:90:ab:2a:a4:cc:cd:8a:
cf:dd:df:22:a7:c9:98:02:38:33:1a:50:82:4d:89:
30:17:39:8a:fd:3e:01:ab:fe:a7:3e:2d:99:e2:f0:
40:b8:56:21:2a:60:ee:4c:6a:9e:cf:20:65:5d:bc:
bc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D8:6A:B8:F3:17:B1:D3:92:9F:DD:D4:3B:EF:98:4C:67:64:96:A0
X509v3 Authority Key Identifier:
keyid:DB:B9:80:10:53:6C:40:6E:A8:F3:D6:65:59:4C:22:8D:76:EB:10:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27mAEFNsQG6o89ZlWUwijXbrEP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/3dhquPMXsdOSn93UO--YTGdklqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7f3d9-a501-46af-b9d8-72081bd4cd8d/1/27mAEFNsQG6o89ZlWUwijXbrEP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.48.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:61:ef:f6:14:23:7b:6b:bd:22:66:78:61:98:10:7e:f8:6c:
08:79:a7:8e:a4:e9:c3:d8:1f:fd:0a:97:90:a6:de:e6:7a:5c:
56:51:9a:ef:ef:73:a2:ca:82:ad:9e:2a:25:86:1f:4a:66:f5:
b6:2d:7b:3a:22:1b:b1:a2:2f:38:e4:ac:8c:c0:0c:5f:9e:b8:
d0:83:77:07:43:72:25:ff:aa:fd:90:c1:3c:06:71:21:e0:37:
ec:3f:c2:6e:c7:88:81:6e:98:67:57:0b:48:e7:85:71:a9:54:
b2:63:e6:00:7f:86:66:46:dd:72:fe:e2:cf:57:bf:7e:46:ad:
b8:5c:e7:94:20:b7:f7:b3:7e:0a:21:e0:b9:52:92:dc:8a:17:
92:00:66:ca:42:2a:f9:05:09:28:4e:2b:73:e7:57:47:34:43:
79:a3:92:27:82:5d:c6:70:b0:dd:ab:f7:35:0f:5d:18:14:69:
f1:20:60:3b:89:9b:19:30:3d:97:b4:86:10:ef:38:dd:50:09:
bc:1f:2c:f3:3f:8d:5b:20:fc:d7:9b:fb:15:08:2e:49:aa:a2:
e9:46:ce:84:65:99:f0:2f:a6:50:94:dd:2c:03:90:50:66:e2:
0e:b4:67:0c:fb:10:c5:90:9a:ac:e4:9a:70:dd:55:5e:81:97:
ea:8b:e0:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKPchJEQX4zM8/ENiATwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjk4MDEwNTM2YzQwNmVhOGYzZDY2NTU5NGMyMjhkNzZl
YjEwZmQwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ4NmFiOGYzMTdiMWQzOTI5ZmRkZDQzYmVmOTg0YzY3NjQ5NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyzO0aJcMXx2Z1oTU86ETaHpN5Lh
KZjlqQQBCNlxcbjvNf9D6tMWzDqVwPV8C6QB8iSPsfMAajX4u6UXOI/QwnDfqRAI
Q2BDmYfyqC6mj5F4JduP65Tc2zt6tKuCJdA7HPVlkn7Rb0eVT3PbsVb/QWIkHdW0
dMeNZNiRt1xmW5d4gn03lBK2Ua4Jkl102/rwUsPdhYf7Inz3q4yasyN1TrJ6v+7h
2CHf+iuZqYWF+fmZsk7kwIHaJ/pXd//dr3oi26QqS3mMOJw93ZCrKqTMzYrP3d8i
p8mYAjgzGlCCTYkwFzmK/T4Bq/6nPi2Z4vBAuFYhKmDuTGqezyBlXby8gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3YarjzF7HTkp/d1DvvmExnZJagMB8GA1UdIwQY
MBaAFNu5gBBTbEBuqPPWZVlMIo126xD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdtQUVGTnNRRzZvODlabFdVd2lqWGJyRVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9jN2YzZDktYTUwMS00NmFmLWI5ZDgt
NzIwODFiZDRjZDhkLzEvM2RocXVQTVhzZE9TbjkzVU8tLVlUR2RrbHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9jN2YzZDktYTUwMS00NmFmLWI5ZDgtNzIwODFiZDRjZDhk
LzEvMjdtQUVGTnNRRzZvODlabFdVd2lqWGJyRVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSMwMA0G
CSqGSIb3DQEBCwUAA4IBAQB+Ye/2FCN7a70iZnhhmBB++GwIeaeOpOnD2B/9CpeQ
pt7melxWUZrv73OiyoKtniolhh9KZvW2LXs6Ihuxoi845KyMwAxfnrjQg3cHQ3Il
/6r9kME8BnEh4DfsP8Jux4iBbphnVwtI54VxqVSyY+YAf4ZmRt1y/uLPV79+Rq24
XOeUILf3s34KIeC5UpLciheSAGbKQir5BQkoTitz51dHNEN5o5Ingl3GcLDdq/c1
D10YFGnxIGA7iZsZMD2XtIYQ7zjdUAm8HyzzP41bIPzXm/sVCC5JqqLpRs6EZZnw
L6ZQlN0sA5BQZuIOtGcM+xDFkJqs5Jpw3VVegZfqi+CO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:52 2025 by rpki-client