Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/3C2hHVA1uO3MJatOu0JXtnS1pXI.roa
File: 3C2hHVA1uO3MJatOu0JXtnS1pXI.roa (raw, json)
Hash identifier: I0uSv2hmunlxKZY/StvTVLmd+PAl+pQx24LWmyJ+HtY=
Subject key identifier: DC:2D:A1:1D:50:35:B8:ED:CC:25:AB:4E:BB:42:57:B6:74:B5:A5:72
Certificate issuer: /CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Certificate serial: 018573284BB5C18EAF8AE9F3C734D115B163
Authority key identifier: E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/3C2hHVA1uO3MJatOu0JXtnS1pXI.roa
Signing time: Mon 02 Jan 2023 15:44:58 +0000
ROA not before: Mon 02 Jan 2023 15:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43530
IP address blocks: 176.62.240.0/20 maxlen: 20
78.110.144.0/20 maxlen: 20
37.75.192.0/21 maxlen: 21
46.245.128.0/21 maxlen: 21
5.35.128.0/19 maxlen: 19
185.222.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:4b:b5:c1:8e:af:8a:e9:f3:c7:34:d1:15:b1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Validity
Not Before: Jan 2 15:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc2da11d5035b8edcc25ab4ebb4257b674b5a572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b5:a5:08:46:25:6d:5d:81:f1:79:11:b4:be:
f3:e7:69:ec:b1:ab:8a:3b:07:0e:66:ac:c0:8f:2d:
41:41:c5:68:86:71:5a:87:57:02:27:a0:58:52:fb:
c7:44:05:32:df:df:c5:aa:ab:6f:41:6a:4c:22:27:
85:ac:b3:69:32:62:56:0c:c9:15:16:32:51:c6:68:
02:f9:de:78:6e:32:b3:ee:97:f4:8c:34:7f:4e:84:
78:0c:5f:85:a4:29:4f:3a:44:bd:b5:58:e6:a1:a4:
ba:64:3e:c1:29:a5:51:18:6e:71:a6:52:f5:17:57:
6a:7b:40:1b:ea:52:9f:25:b3:99:96:b0:e5:da:fc:
f1:2d:76:15:b4:05:c8:e5:fe:c7:f8:ee:ae:92:df:
d1:93:99:fc:8a:3d:bd:b5:ff:28:82:87:71:39:4a:
c0:7c:4f:33:f7:8a:13:aa:fa:f1:b0:71:06:48:e1:
f4:d9:43:8a:cf:2d:a2:7f:43:b3:d4:bf:b1:84:69:
18:da:39:ca:2a:84:b0:2e:67:05:b3:3d:3f:31:3f:
16:f9:62:6e:ab:ce:0d:8f:d9:87:10:af:09:4d:89:
d0:b2:73:60:e4:9b:c7:3c:57:dc:04:da:7e:b7:61:
eb:75:54:05:dc:44:d8:82:35:d1:f0:3c:08:a7:b1:
71:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2D:A1:1D:50:35:B8:ED:CC:25:AB:4E:BB:42:57:B6:74:B5:A5:72
X509v3 Authority Key Identifier:
keyid:E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/3C2hHVA1uO3MJatOu0JXtnS1pXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/4Q-7mzzRwhatxpnl7a1fUx2a_LY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.128.0/19
37.75.192.0/21
46.245.128.0/21
78.110.144.0/20
176.62.240.0/20
185.222.236.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:2b:88:25:8a:06:e6:9b:20:18:81:be:a6:fd:b0:3c:4f:37:
20:63:b9:76:e7:54:db:3d:35:c3:3e:9b:a8:09:15:53:9d:fb:
c8:a0:10:4f:40:5f:a5:b6:e0:3a:f7:9f:d6:0a:b0:7a:6b:29:
11:3d:db:bf:54:9f:da:da:e1:be:7b:ed:f6:c6:84:71:20:ce:
64:c9:bb:50:c8:48:1d:2c:0e:fa:6c:80:70:71:a2:5a:46:01:
a4:bb:a7:bb:ce:30:52:82:a1:27:79:bb:92:a2:89:54:66:5d:
a1:c0:4c:a1:42:3d:80:28:f4:9e:64:c2:d8:d1:16:6b:1a:ad:
40:8f:8d:a7:f0:1d:9b:5f:bf:46:a0:19:71:68:89:11:46:47:
8a:4d:d9:b5:1a:6b:00:55:4b:a7:77:ed:31:00:c9:c1:6b:1a:
8a:93:14:20:d9:8b:ec:80:59:99:c4:04:55:79:34:f2:1f:a0:
0a:33:71:ef:62:16:ad:96:6e:8a:55:38:ce:d6:f3:5d:6e:f1:
c4:fb:65:aa:ea:0d:2a:fc:63:f1:fc:e3:13:47:ef:44:fb:e4:
c2:e3:bf:6d:12:2e:c9:58:e4:0c:06:ab:92:ee:22:26:20:ec:
a0:f8:d7:20:4d:41:2f:d9:b3:c1:cb:13:5b:a3:7b:c0:de:36:
3e:f0:6f:1d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzKEu1wY6viunzxzTRFbFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGZiYjliM2NkMWMyMTZhZGM2OTllNWVkYWQ1ZjUzMWQ5
YWZjYjYwHhcNMjMwMTAyMTU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJkYTExZDUwMzViOGVkY2MyNWFiNGViYjQyNTdiNjc0YjVhNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLWlCEYlbV2B8XkRtL7z52nssauK
OwcOZqzAjy1BQcVohnFah1cCJ6BYUvvHRAUy39/FqqtvQWpMIieFrLNpMmJWDMkV
FjJRxmgC+d54bjKz7pf0jDR/ToR4DF+FpClPOkS9tVjmoaS6ZD7BKaVRGG5xplL1
F1dqe0Ab6lKfJbOZlrDl2vzxLXYVtAXI5f7H+O6ukt/Rk5n8ij29tf8ogodxOUrA
fE8z94oTqvrxsHEGSOH02UOKzy2if0Oz1L+xhGkY2jnKKoSwLmcFsz0/MT8W+WJu
q84Nj9mHEK8JTYnQsnNg5JvHPFfcBNp+t2HrdVQF3ETYgjXR8DwIp7FxZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNwtoR1QNbjtzCWrTrtCV7Z0taVyMB8GA1UdIwQY
MBaAFOEPu5s80cIWrcaZ5e2tX1Mdmvy2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFEtN216elJ3aGF0eHBubDdhMWZVeDJhX0xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84M2ZmOGYtMTZjYS00MjQ5LWI3NzQt
NjJhMjhmM2UwMDFjLzEvM0MyaEhWQTF1TzNNSmF0T3UwSlh0blMxcFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84M2ZmOGYtMTZjYS00MjQ5LWI3NzQtNjJhMjhmM2UwMDFj
LzEvNFEtN216elJ3aGF0eHBubDdhMWZVeDJhX0xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBSOAAwQD
JUvAAwQDLvWAAwQETm6QAwQEsD7wAwQCud7sMA0GCSqGSIb3DQEBCwUAA4IBAQDc
K4gligbmmyAYgb6m/bA8TzcgY7l251TbPTXDPpuoCRVTnfvIoBBPQF+ltuA695/W
CrB6aykRPdu/VJ/a2uG+e+32xoRxIM5kybtQyEgdLA76bIBwcaJaRgGku6e7zjBS
gqEnebuSoolUZl2hwEyhQj2AKPSeZMLY0RZrGq1Aj42n8B2bX79GoBlxaIkRRkeK
Tdm1GmsAVUund+0xAMnBaxqKkxQg2YvsgFmZxARVeTTyH6AKM3HvYhatlm6KVTjO
1vNdbvHE+2Wq6g0q/GPx/OMTR+9E++TC479tEi7JWOQMBquS7iImIOyg+NcgTUEv
2bPByxNbo3vA3jY+8G8d
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:55 2024 by rpki-client on console-fra.rpki-client.org