Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3Uw-7z2kMz7P2hTiFYuyjNoIC7M.roa
File: 3Uw-7z2kMz7P2hTiFYuyjNoIC7M.roa (raw, json)
Hash identifier: afekNJynpaO8TfvKa3AT97hHgiLCtRzfnqO9reTavxw=
Subject key identifier: DD:4C:3E:EF:3D:A4:33:3E:CF:DA:14:E2:15:8B:B2:8C:DA:08:0B:B3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194A6C3A312A2146F597EAF7C0A402FA7F9
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3Uw-7z2kMz7P2hTiFYuyjNoIC7M.roa
Signing time: Mon 27 Jan 2025 07:57:06 +0000
ROA not before: Mon 27 Jan 2025 07:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 62.171.230.0/24 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 07:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:c3:a3:12:a2:14:6f:59:7e:af:7c:0a:40:2f:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 27 07:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd4c3eef3da4333ecfda14e2158bb28cda080bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:2c:1a:a4:ee:c4:06:9d:5a:37:61:d5:86:
33:f0:20:47:19:df:a3:fe:6f:ce:4b:3e:07:d8:00:
9a:ca:91:cd:62:fe:36:f9:f2:bc:df:65:ac:e8:68:
93:a3:66:92:b5:5e:21:e7:ff:e4:72:2c:f8:4b:c9:
e2:f1:c2:a0:f3:c4:21:f9:06:94:62:12:78:c5:a4:
84:19:06:f6:7d:38:3d:83:3a:ee:b5:69:b3:67:5f:
64:1d:4d:e1:75:52:e1:ff:e6:dd:26:7d:e4:34:7a:
82:ed:b6:f1:67:7b:d3:82:51:ce:8a:3e:0f:c0:58:
93:80:eb:1e:bf:97:50:46:79:0b:87:10:dd:57:cf:
30:57:2a:7a:ba:b1:29:69:4f:e1:db:b9:88:b9:59:
67:81:a9:1f:ef:1f:c7:b7:13:81:8f:7f:31:ba:b3:
25:a6:d9:e6:06:b4:c1:53:e8:8b:5e:5d:ae:9b:1b:
8a:6b:9e:32:bc:b5:b9:b5:1f:ac:d2:36:31:68:11:
a6:59:44:5b:d5:11:43:38:90:88:a8:8a:f5:24:73:
54:bf:14:86:d5:32:78:79:ad:8c:4d:70:ae:45:56:
63:e2:0c:e4:f4:b0:71:6b:65:28:d5:06:f0:4a:fc:
b4:3c:cf:a6:ee:92:03:22:03:d2:9d:04:56:d6:10:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4C:3E:EF:3D:A4:33:3E:CF:DA:14:E2:15:8B:B2:8C:DA:08:0B:B3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3Uw-7z2kMz7P2hTiFYuyjNoIC7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.230.0/24
194.238.78.0/23
213.18.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e5:84:8b:cc:37:10:3a:9f:21:da:d4:75:0d:7f:4b:0f:53:
cb:73:f8:6f:96:0e:80:38:10:75:8c:92:35:61:7d:06:33:b1:
04:19:7c:ee:e5:30:32:f7:f6:1f:b7:df:9c:63:d2:23:9c:32:
9f:cc:5d:c6:75:b0:8b:12:e6:2c:62:30:2d:b4:b6:d2:d0:a4:
93:07:86:6d:fb:70:03:b5:83:29:19:4e:46:87:05:0b:16:b9:
b5:f4:31:54:62:70:16:c1:a5:56:61:2c:53:ae:13:0e:b0:65:
72:d3:8d:5d:5d:67:a1:e9:d8:30:4b:7f:f5:07:2b:48:ff:84:
e3:64:a4:0a:08:5d:95:98:f0:26:1c:7d:6a:8f:63:0d:e3:f3:
40:b0:79:7d:76:c1:cc:9c:2e:50:6d:e4:6f:de:21:ae:89:5e:
e0:f9:1e:a8:08:15:49:84:02:26:8c:13:2a:b8:2b:85:12:60:
6c:39:35:e2:5a:fc:7e:75:a7:46:54:c2:71:3b:b7:0d:6e:6f:
99:bd:38:96:9f:dc:23:0a:b1:e2:f2:23:56:f1:1e:86:e3:c9:
68:57:ea:9a:c2:8c:29:1c:4c:78:e7:1f:4c:18:3f:b7:bc:a0:
22:e0:16:11:e4:c9:67:28:7d:d4:13:5c:ee:7c:8f:ea:59:ce:
22:dc:27:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSmw6MSohRvWX6vfApAL6f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTI3MDc1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRjM2VlZjNkYTQzMzNlY2ZkYTE0ZTIxNThiYjI4Y2RhMDgwYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTIsGqTuxAadWjdh1YYz8CBHGd+j
/m/OSz4H2ACaypHNYv42+fK832Ws6GiTo2aStV4h5//kciz4S8ni8cKg88Qh+QaU
YhJ4xaSEGQb2fTg9gzrutWmzZ19kHU3hdVLh/+bdJn3kNHqC7bbxZ3vTglHOij4P
wFiTgOsev5dQRnkLhxDdV88wVyp6urEpaU/h27mIuVlngakf7x/HtxOBj38xurMl
ptnmBrTBU+iLXl2umxuKa54yvLW5tR+s0jYxaBGmWURb1RFDOJCIqIr1JHNUvxSG
1TJ4ea2MTXCuRVZj4gzk9LBxa2Uo1QbwSvy0PM+m7pIDIgPSnQRW1hAivQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN1MPu89pDM+z9oU4hWLsozaCAuzMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvM1V3LTd6MmtNejdQMmhUaUZZdXlqTm9JQzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPqvmAwQB
wu5OAwQA1RL1MA0GCSqGSIb3DQEBCwUAA4IBAQCb5YSLzDcQOp8h2tR1DX9LD1PL
c/hvlg6AOBB1jJI1YX0GM7EEGXzu5TAy9/Yft9+cY9IjnDKfzF3GdbCLEuYsYjAt
tLbS0KSTB4Zt+3ADtYMpGU5GhwULFrm19DFUYnAWwaVWYSxTrhMOsGVy041dXWeh
6dgwS3/1BytI/4TjZKQKCF2VmPAmHH1qj2MN4/NAsHl9dsHMnC5QbeRv3iGuiV7g
+R6oCBVJhAImjBMquCuFEmBsOTXiWvx+dadGVMJxO7cNbm+ZvTiWn9wjCrHi8iNW
8R6G48loV+qawowpHEx45x9MGD+3vKAi4BYR5MlnKH3UE1zufI/qWc4i3Ced
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:05:15 2025 by rpki-client