Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3mERRw7E5XUgIBH_5pcwphPvXvk.roa
File: 3mERRw7E5XUgIBH_5pcwphPvXvk.roa (raw, json)
Hash identifier: r2r5lkOmQe2LFCismkyuTDNf9ACLsbZo52n6p6bb6Ho=
Subject key identifier: DE:61:11:47:0E:C4:E5:75:20:20:11:FF:E6:97:30:A6:13:EF:5E:F9
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018CC26D2B48D3F121DF8CE433F0875965D5
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3mERRw7E5XUgIBH_5pcwphPvXvk.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 217.119.142.0/24 maxlen: 24
146.19.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2b:48:d3:f1:21:df:8c:e4:33:f0:87:59:65:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de6111470ec4e575202011ffe69730a613ef5ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:17:e6:31:c5:81:44:ad:f1:ac:c5:56:dd:79:
6d:5d:22:9e:b3:eb:32:e8:45:90:4b:85:a5:13:90:
27:ba:ca:e9:5b:59:f1:da:e7:a7:88:f5:d6:f5:6c:
13:88:53:25:33:91:66:32:43:0c:0a:b5:0e:51:3c:
bc:6e:60:86:86:bd:19:d7:6e:fe:52:aa:4c:ef:c9:
ae:19:01:75:19:5c:e6:96:ba:39:23:34:99:02:5d:
61:9a:83:db:bc:95:6f:e7:b6:66:86:22:31:6e:22:
51:3e:ed:3d:30:50:b1:a3:69:d2:74:fb:d2:92:7c:
ac:1c:05:d7:c0:b8:0a:d0:6d:f9:63:9b:f2:f0:ab:
db:d2:44:72:71:77:04:7f:74:bd:4c:3b:35:f4:2a:
22:7e:35:80:21:8b:49:30:fe:d0:2e:b3:0c:1e:95:
46:f5:b8:0d:98:40:81:57:ee:00:1f:95:8e:26:af:
7d:f2:b4:94:5a:b4:7f:5e:bb:34:2a:bc:57:b2:74:
ff:5f:2c:c4:f2:3a:f6:4e:f3:2d:d1:09:72:68:6d:
47:67:82:50:21:97:01:6e:7c:4a:ba:70:50:44:e0:
dc:40:ef:f7:3d:a5:96:eb:4c:a0:b9:da:1f:23:26:
e3:0d:23:38:fc:56:9e:42:5c:a7:93:98:20:66:6e:
d5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:61:11:47:0E:C4:E5:75:20:20:11:FF:E6:97:30:A6:13:EF:5E:F9
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3mERRw7E5XUgIBH_5pcwphPvXvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.26.0/24
217.119.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:08:3a:89:4c:2a:67:45:61:05:c4:dc:10:26:e6:2a:e6:c7:
cd:57:9c:d2:83:b4:07:41:4b:dc:e6:dc:fa:50:28:77:91:c5:
db:96:e1:59:c0:21:d1:85:9c:d5:91:bc:77:b8:4f:bb:2a:cd:
64:f3:d1:6f:c7:dd:0c:34:32:12:d5:84:37:12:a6:e5:b2:ef:
e1:4b:c8:66:72:1d:b0:81:54:e6:e3:03:8b:43:b1:12:16:62:
4f:e3:62:f0:bf:15:fe:20:7a:e8:41:73:66:58:95:6c:59:1e:
da:0b:1e:f7:9e:e6:31:e1:d6:e9:d9:f3:aa:09:51:ad:b8:35:
44:33:7c:d1:e2:17:ca:da:85:24:81:06:47:14:19:68:10:ca:
a7:5e:23:fe:88:c3:f2:11:61:54:1c:df:92:fe:9d:1c:2e:00:
83:d4:23:e0:fe:bc:b6:81:e0:a9:a5:11:63:f1:21:b5:7b:43:
84:e8:59:fc:12:27:d3:55:58:32:3f:3d:10:03:7e:8b:15:2f:
56:29:54:bc:0f:53:6a:0f:37:bb:69:84:39:43:d4:ed:8e:4a:
18:80:5c:84:1e:36:44:f1:90:7b:dd:f6:aa:1e:7e:b4:eb:5e:
af:61:d7:69:2b:e3:67:1a:ab:af:61:5f:57:db:3f:90:9f:8d:
dd:0a:f7:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbStI0/Eh34zkM/CHWWXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYxMTE0NzBlYzRlNTc1MjAyMDExZmZlNjk3MzBhNjEzZWY1ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxfmMcWBRK3xrMVW3XltXSKes+sy
6EWQS4WlE5AnusrpW1nx2ueniPXW9WwTiFMlM5FmMkMMCrUOUTy8bmCGhr0Z127+
UqpM78muGQF1GVzmlro5IzSZAl1hmoPbvJVv57ZmhiIxbiJRPu09MFCxo2nSdPvS
knysHAXXwLgK0G35Y5vy8Kvb0kRycXcEf3S9TDs19CoifjWAIYtJMP7QLrMMHpVG
9bgNmECBV+4AH5WOJq998rSUWrR/Xrs0KrxXsnT/XyzE8jr2TvMt0QlyaG1HZ4JQ
IZcBbnxKunBQRODcQO/3PaWW60ygudofIybjDSM4/FaeQlynk5ggZm7VBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN5hEUcOxOV1ICAR/+aXMKYT7175MB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvM21FUlJ3N0U1WFVnSUJIXzVwY3dwaFB2WHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhMaAwQA
2XeOMA0GCSqGSIb3DQEBCwUAA4IBAQCgCDqJTCpnRWEFxNwQJuYq5sfNV5zSg7QH
QUvc5tz6UCh3kcXbluFZwCHRhZzVkbx3uE+7Ks1k89Fvx90MNDIS1YQ3Eqblsu/h
S8hmch2wgVTm4wOLQ7ESFmJP42LwvxX+IHroQXNmWJVsWR7aCx73nuYx4dbp2fOq
CVGtuDVEM3zR4hfK2oUkgQZHFBloEMqnXiP+iMPyEWFUHN+S/p0cLgCD1CPg/ry2
geCppRFj8SG1e0OE6Fn8EifTVVgyPz0QA36LFS9WKVS8D1NqDze7aYQ5Q9TtjkoY
gFyEHjZE8ZB73faqHn60616vYddpK+NnGquvYV9X2z+Qn43dCvdf
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:35:33 2025 by rpki-client