Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3lWm-sW4vFB1geM2mNS50zeNI74.roa
File: 3lWm-sW4vFB1geM2mNS50zeNI74.roa (raw, json)
Hash identifier: 8v6oIBozBiqAjTbyMbs1EwE5HHLh3krNhuhSCKm+JHU=
Subject key identifier: DE:55:A6:FA:C5:B8:BC:50:75:81:E3:36:98:D4:B9:D3:37:8D:23:BE
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 018712E8E95C6424E5C74B90250443A48D6F
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3lWm-sW4vFB1geM2mNS50zeNI74.roa
Signing time: Fri 24 Mar 2023 09:17:46 +0000
ROA not before: Fri 24 Mar 2023 09:17:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1836
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 May 2023 06:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:e8:e9:5c:64:24:e5:c7:4b:90:25:04:43:a4:8d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Mar 24 09:17:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de55a6fac5b8bc507581e33698d4b9d3378d23be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:d0:c3:0e:b6:7b:16:53:2a:a6:48:b7:e7:
8b:70:e9:9b:03:0b:f6:15:d5:b6:e0:07:03:c6:51:
71:98:8f:e4:5f:a8:b3:4f:26:17:be:50:ae:3a:f1:
8a:93:2d:72:5b:88:0c:01:50:69:f2:b2:3b:a3:5e:
48:cb:f6:c1:4b:a7:98:44:a5:d0:b9:32:47:7e:bf:
bb:4b:ee:f6:a5:7b:40:35:ec:76:0a:95:54:69:fa:
f2:67:a0:ff:de:91:fb:c6:75:4a:45:9a:94:f1:82:
c8:31:77:e7:c9:66:f8:7a:67:fa:1f:d1:97:f0:20:
aa:aa:64:f7:e0:b0:99:96:a2:e1:6e:7d:a6:fa:d8:
0b:c7:58:43:1a:41:e3:c5:aa:61:3e:20:3d:7b:75:
1e:da:4e:e0:ff:e3:dd:2d:2a:76:a6:56:af:b6:12:
66:2e:16:06:e1:45:51:71:f2:79:7b:7c:57:f3:93:
76:25:e6:a9:03:3f:f3:76:45:b3:51:a5:3b:10:14:
53:b3:d5:fa:13:d5:73:ec:9a:5e:ae:22:52:74:a4:
82:bc:17:88:47:68:6b:59:19:d8:cb:86:ed:ea:9c:
2d:33:62:81:6a:df:70:4b:d2:00:a4:ad:5a:5d:b6:
04:97:d8:99:66:30:f9:98:4c:40:cc:63:74:0d:69:
bf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:55:A6:FA:C5:B8:BC:50:75:81:E3:36:98:D4:B9:D3:37:8D:23:BE
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/3lWm-sW4vFB1geM2mNS50zeNI74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:b::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0f:82:16:13:de:be:a2:d9:d5:19:98:aa:9b:79:b5:71:7e:
ef:8a:92:2e:82:25:49:87:db:df:fa:5e:49:2d:a2:3b:0b:85:
d4:bd:f7:d4:b8:75:da:5b:03:87:15:26:f2:ca:7e:23:73:f0:
dc:48:a6:2e:e4:a3:ad:33:d8:ac:b1:ae:6a:b8:07:c8:79:46:
26:4c:39:ce:e4:a2:48:95:87:2e:66:ec:00:54:b1:4c:dd:ee:
f5:df:43:30:4d:22:b4:35:8d:57:98:45:40:e8:43:9c:0a:c0:
a8:55:8c:fc:c7:2c:58:b6:09:88:67:3a:b4:6e:66:59:e3:d5:
97:22:56:89:53:58:a7:ab:0d:02:b4:e5:3e:b4:5a:8e:86:f6:
8d:c0:ec:83:53:94:80:01:eb:b6:8b:60:48:48:f8:f9:dd:40:
9f:ff:86:64:66:ff:ab:73:dc:63:b3:62:cb:d7:c7:65:2f:2f:
b5:34:6a:a2:3e:75:cb:9c:3e:97:00:ce:01:76:19:cf:5f:48:
3d:02:e5:75:d2:4e:23:6c:6e:cd:43:e4:1e:04:32:05:d0:73:
72:59:d3:94:96:4b:cb:f8:bf:f3:63:8b:fc:ab:9d:a5:5d:f7:
02:37:d3:b6:99:70:9a:4a:1d:5b:e4:bc:c8:6f:e7:52:45:7a:
4d:08:b4:ba
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcS6OlcZCTlx0uQJQRDpI1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjU2ZjllZTE4ZmRiZmFmMzBhMGRhNTc5ODJlMjcyNzNk
YmNiNDIwHhcNMjMwMzI0MDkxNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU1YTZmYWM1YjhiYzUwNzU4MWUzMzY5OGQ0YjlkMzM3OGQyM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHQww62exZTKqZIt+eLcOmbAwv2
FdW24AcDxlFxmI/kX6izTyYXvlCuOvGKky1yW4gMAVBp8rI7o15Iy/bBS6eYRKXQ
uTJHfr+7S+72pXtANex2CpVUafryZ6D/3pH7xnVKRZqU8YLIMXfnyWb4emf6H9GX
8CCqqmT34LCZlqLhbn2m+tgLx1hDGkHjxaphPiA9e3Ue2k7g/+PdLSp2plavthJm
LhYG4UVRcfJ5e3xX85N2JeapAz/zdkWzUaU7EBRTs9X6E9Vz7JperiJSdKSCvBeI
R2hrWRnYy4bt6pwtM2KBat9wS9IApK1aXbYEl9iZZjD5mExAzGN0DWm/IwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN5VpvrFuLxQdYHjNpjUudM3jSO+MB8GA1UdIwQY
MBaAFOi1b57hj9v68woNpXmC4nJz28tCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYt
NzM1NWIyMDQzZTU0LzEvM2xXbS1zVzR2RkIxZ2VNMm1OUzUwemVOSTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYtNzM1NWIyMDQzZTU0
LzEvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAud0oAwQA
w+orMBgEAgACMBIDBwAgAQZ8BpADBwAqCQ8AAAswDQYJKoZIhvcNAQELBQADggEB
ADsPghYT3r6i2dUZmKqbebVxfu+Kki6CJUmH29/6XkktojsLhdS999S4ddpbA4cV
JvLKfiNz8NxIpi7ko60z2Kyxrmq4B8h5RiZMOc7kokiVhy5m7ABUsUzd7vXfQzBN
IrQ1jVeYRUDoQ5wKwKhVjPzHLFi2CYhnOrRuZlnj1ZciVolTWKerDQK05T60Wo6G
9o3A7INTlIAB67aLYEhI+PndQJ//hmRm/6tz3GOzYsvXx2UvL7U0aqI+dcucPpcA
zgF2Gc9fSD0C5XXSTiNsbs1D5B4EMgXQc3JZ05SWS8v4v/Nji/yrnaVd9wI307aZ
cJpKHVvkvMhv51JFek0ItLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org