Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/3EtMAdZ0DZ-pFnM0GloZw2GTy2M.roa
File: 3EtMAdZ0DZ-pFnM0GloZw2GTy2M.roa (raw, json)
Hash identifier: mbYxlAsQ9R2HVu5lGXrr/eCs+K0J7D0jRSLsqNI4L48=
Subject key identifier: DC:4B:4C:01:D6:74:0D:9F:A9:16:73:34:1A:5A:19:C3:61:93:CB:63
Certificate issuer: /CN=20b0da202d2c34a473a6d76af093e8de0311b95b
Certificate serial: 018571958A842AA4BA109FB6758430510CB2
Authority key identifier: 20:B0:DA:20:2D:2C:34:A4:73:A6:D7:6A:F0:93:E8:DE:03:11:B9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILDaIC0sNKRzptdq8JPo3gMRuVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/3EtMAdZ0DZ-pFnM0GloZw2GTy2M.roa
Signing time: Mon 02 Jan 2023 08:25:03 +0000
ROA not before: Mon 02 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14717
IP address blocks: 5.133.72.0/22 maxlen: 24
94.125.192.0/21 maxlen: 24
91.199.136.0/24 maxlen: 24
2a02:2ba8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:8a:84:2a:a4:ba:10:9f:b6:75:84:30:51:0c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b0da202d2c34a473a6d76af093e8de0311b95b
Validity
Not Before: Jan 2 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc4b4c01d6740d9fa91673341a5a19c36193cb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:b1:3f:3e:7f:97:07:5f:62:cd:e7:15:57:
56:3f:0d:5d:74:2e:80:c4:76:9e:24:a3:2d:69:0f:
39:c4:2f:18:1b:27:b9:13:ce:f6:01:3b:56:f0:a8:
d7:9d:46:64:45:0e:0c:39:43:79:29:4a:87:bf:de:
a5:92:fa:ef:eb:d7:1c:a6:74:81:69:9c:a1:82:ae:
1e:fb:0a:10:81:26:ec:9c:6b:bc:74:aa:93:3e:12:
8d:94:6e:e0:67:3b:d4:f1:6c:39:67:d6:91:95:91:
b5:d4:b3:8a:6b:c5:82:cf:a9:9a:32:76:9b:e0:62:
35:da:ba:56:7f:fe:7b:08:d9:e8:00:b8:f3:53:6c:
80:45:13:d4:c5:61:d2:ed:2c:e1:fe:25:a4:90:f1:
83:fe:11:b9:bc:b9:1b:a8:13:2e:d7:55:b6:4b:2a:
53:57:ac:a4:82:4c:13:46:bd:36:a2:56:ec:6b:57:
e4:1c:76:9b:59:79:a4:ef:7c:37:14:20:d9:c9:71:
b8:ba:9d:f3:ae:85:2a:30:6a:ea:33:aa:2c:25:28:
e2:0f:5b:fe:d1:26:17:ee:2c:b2:23:6b:f1:a2:cc:
6b:67:f7:cc:92:a2:2d:03:3f:ec:0f:c2:33:9d:e4:
cb:c0:59:a4:e4:fa:80:d5:6d:f5:16:4b:f1:68:16:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4B:4C:01:D6:74:0D:9F:A9:16:73:34:1A:5A:19:C3:61:93:CB:63
X509v3 Authority Key Identifier:
keyid:20:B0:DA:20:2D:2C:34:A4:73:A6:D7:6A:F0:93:E8:DE:03:11:B9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILDaIC0sNKRzptdq8JPo3gMRuVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/3EtMAdZ0DZ-pFnM0GloZw2GTy2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/ILDaIC0sNKRzptdq8JPo3gMRuVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.72.0/22
91.199.136.0/24
94.125.192.0/21
IPv6:
2a02:2ba8::/32
Signature Algorithm: sha256WithRSAEncryption
a2:72:a4:18:31:e2:81:5d:40:e4:4b:87:a2:ef:53:00:e9:69:
31:3c:4f:d3:9a:18:ce:f7:b1:2f:0c:d5:46:90:31:8a:95:63:
9e:78:d4:23:20:a3:ca:2e:7a:2d:03:37:ae:81:1c:48:e3:57:
4a:3d:39:1c:3e:12:fc:ef:90:83:f1:ac:5e:69:bc:62:f9:2d:
8e:ce:71:f9:9f:7d:59:21:3f:b0:6a:5c:60:fc:0e:2b:80:53:
c2:69:cd:76:b1:b1:dc:35:76:87:a8:1d:9f:00:43:59:8d:d5:
8a:60:1b:83:77:aa:19:90:3c:a1:2c:ce:2f:b5:35:b6:24:a9:
e4:1b:07:92:1e:d9:b4:f7:cb:98:73:e4:05:c5:d5:6a:7f:7f:
62:eb:85:fc:cb:22:13:ce:98:bc:bc:b1:af:84:26:47:8a:79:
84:87:f6:dd:d3:99:60:45:83:34:9f:18:d1:b0:26:7f:a9:bd:
fd:88:99:d9:4a:6c:12:fa:4b:a6:2d:01:f6:bd:70:0e:a2:8a:
88:6e:1e:3f:34:0e:a7:da:e2:cc:7a:ab:10:88:c1:fc:2e:c1:
98:a8:17:6f:2d:e8:54:bb:9f:05:fd:65:1b:e9:10:32:ef:c0:
e1:eb:4e:87:9b:be:5c:4d:14:fe:6c:b6:9d:9d:ed:60:b0:b2:
9e:6f:e3:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxlYqEKqS6EJ+2dYQwUQyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjBkYTIwMmQyYzM0YTQ3M2E2ZDc2YWYwOTNlOGRlMDMx
MWI5NWIwHhcNMjMwMTAyMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzRiNGMwMWQ2NzQwZDlmYTkxNjczMzQxYTVhMTljMzYxOTNjYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9mKxPz5/lwdfYs3nFVdWPw1ddC6A
xHaeJKMtaQ85xC8YGye5E872ATtW8KjXnUZkRQ4MOUN5KUqHv96lkvrv69ccpnSB
aZyhgq4e+woQgSbsnGu8dKqTPhKNlG7gZzvU8Ww5Z9aRlZG11LOKa8WCz6maMnab
4GI12rpWf/57CNnoALjzU2yARRPUxWHS7Szh/iWkkPGD/hG5vLkbqBMu11W2SypT
V6ykgkwTRr02olbsa1fkHHabWXmk73w3FCDZyXG4up3zroUqMGrqM6osJSjiD1v+
0SYX7iyyI2vxosxrZ/fMkqItAz/sD8IzneTLwFmk5PqA1W31FkvxaBYfrwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNxLTAHWdA2fqRZzNBpaGcNhk8tjMB8GA1UdIwQY
MBaAFCCw2iAtLDSkc6bXavCT6N4DEblbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxEYUlDMHNOS1J6cHRkcThKUG8zZ01SdVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZWE5NzgtNWRhZS00YzhkLTliMmMt
ZDhlZmY1ZDZhNjNiLzEvM0V0TUFkWjBEWi1wRm5NMEdsb1p3MkdUeTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZWE5NzgtNWRhZS00YzhkLTliMmMtZDhlZmY1ZDZhNjNi
LzEvSUxEYUlDMHNOS1J6cHRkcThKUG8zZ01SdVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBYVIAwQA
W8eIAwQDXn3AMA0EAgACMAcDBQAqAiuoMA0GCSqGSIb3DQEBCwUAA4IBAQCicqQY
MeKBXUDkS4ei71MA6WkxPE/TmhjO97EvDNVGkDGKlWOeeNQjIKPKLnotAzeugRxI
41dKPTkcPhL875CD8axeabxi+S2OznH5n31ZIT+walxg/A4rgFPCac12sbHcNXaH
qB2fAENZjdWKYBuDd6oZkDyhLM4vtTW2JKnkGweSHtm098uYc+QFxdVqf39i64X8
yyITzpi8vLGvhCZHinmEh/bd05lgRYM0nxjRsCZ/qb39iJnZSmwS+kumLQH2vXAO
ooqIbh4/NA6n2uLMeqsQiMH8LsGYqBdvLehUu58F/WUb6RAy78Dh606Hm75cTRT+
bLadne1gsLKeb+O/
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:23 2024 by rpki-client on console-ams.rpki-client.org