Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/3NAgj4w1jp-sVHy-oPArGjfNehU.roa
File: 3NAgj4w1jp-sVHy-oPArGjfNehU.roa (raw, json)
Hash identifier: HtFhMDd6RxT+JM2sp9O4bY+COwvxFefHEk+EBKLSSOM=
Subject key identifier: DC:D0:20:8F:8C:35:8E:9F:AC:54:7C:BE:A0:F0:2B:1A:37:CD:7A:15
Certificate issuer: /CN=b40d849cc43b732dab6641fc6fd5a4db3a2db947
Certificate serial: 01863598BFA9658A306FEE82FBAEB1EEFB7A
Authority key identifier: B4:0D:84:9C:C4:3B:73:2D:AB:66:41:FC:6F:D5:A4:DB:3A:2D:B9:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/3NAgj4w1jp-sVHy-oPArGjfNehU.roa
Signing time: Thu 09 Feb 2023 09:54:08 +0000
ROA not before: Thu 09 Feb 2023 09:54:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49898
IP address blocks: 185.169.169.0/24 maxlen: 24
185.169.170.0/24 maxlen: 24
185.169.171.0/24 maxlen: 24
185.169.168.0/24 maxlen: 24
2a0a:5306::/32 maxlen: 32
2a0a:5301::/32 maxlen: 32
2a0a:5304::/32 maxlen: 32
2a0a:5303::/32 maxlen: 32
2a0a:5307::/32 maxlen: 32
2a0a:5302::/32 maxlen: 32
2a0a:5305::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:98:bf:a9:65:8a:30:6f:ee:82:fb:ae:b1:ee:fb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40d849cc43b732dab6641fc6fd5a4db3a2db947
Validity
Not Before: Feb 9 09:54:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd0208f8c358e9fac547cbea0f02b1a37cd7a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:47:10:e1:19:34:8a:9c:d5:2d:5b:30:ff:4b:
9a:d0:4f:cb:bd:ee:79:ce:6d:e3:1d:f4:f2:28:b6:
03:8e:22:c1:60:e8:3d:37:b9:d3:51:2d:32:f0:d6:
0f:1a:b6:a3:33:02:e2:79:74:e8:3a:57:02:6c:ad:
17:39:d0:16:e9:13:61:4e:f3:66:f9:b5:ac:69:76:
fa:09:02:6f:74:d3:04:40:43:72:b5:ec:f8:af:3d:
10:ad:85:9a:84:3a:e2:c2:df:5e:3b:72:ab:17:a4:
ff:85:2e:6d:10:da:f9:6f:5d:10:2f:92:47:20:a0:
ea:8e:22:8d:93:ad:c0:9a:f1:b6:18:d0:6d:76:ea:
a2:ed:5d:0c:c8:77:c9:09:47:47:f2:5b:2f:73:12:
da:6c:5c:2f:30:ca:93:3a:74:5c:21:1c:19:a9:90:
7a:fd:4b:e8:c8:73:57:3f:4f:09:46:10:25:01:f0:
11:e4:75:90:d0:88:e3:62:01:e5:37:a4:10:ed:54:
3d:a1:de:b7:b2:c3:12:3f:c1:d5:41:69:0f:aa:b2:
56:38:f0:3c:97:4a:b2:50:d2:d7:49:df:1e:09:3b:
6d:1d:f5:1a:b4:75:ea:65:0f:5f:7b:74:89:e7:e5:
e4:c7:f7:eb:dd:c9:65:7c:34:1c:17:8c:87:af:d6:
5d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D0:20:8F:8C:35:8E:9F:AC:54:7C:BE:A0:F0:2B:1A:37:CD:7A:15
X509v3 Authority Key Identifier:
keyid:B4:0D:84:9C:C4:3B:73:2D:AB:66:41:FC:6F:D5:A4:DB:3A:2D:B9:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/3NAgj4w1jp-sVHy-oPArGjfNehU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.168.0/22
IPv6:
2a0a:5301::-2a0a:5307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:b8:b3:18:39:90:17:b6:3e:f2:24:46:55:48:a3:f3:d5:81:
25:a0:c5:c4:c9:4f:a4:07:56:21:a8:9c:42:8d:5a:02:67:6a:
42:09:34:d4:c4:69:c8:b5:cd:b1:97:be:48:72:6a:96:61:0e:
95:47:67:70:0b:b6:69:d8:14:3c:88:b8:2c:61:07:03:ff:94:
6a:5b:82:61:05:5b:af:4f:e5:97:e5:2c:af:58:1b:9d:33:e1:
37:7b:ef:ea:0e:e6:68:b3:2d:06:c2:52:51:05:d9:dd:fc:db:
c1:a2:39:9b:15:d2:ec:ad:55:5e:e7:a9:16:dd:81:d2:be:0a:
33:55:40:81:d8:6c:f6:00:da:5a:1b:82:56:e2:e8:84:f3:b4:
51:d1:73:eb:d6:ff:5d:8a:6a:61:40:d9:d6:e8:b8:9f:00:98:
81:50:cd:b2:7a:75:16:4b:ab:6d:be:4e:be:8b:f4:f2:32:8c:
1d:73:b8:1d:ff:34:4f:8a:60:c9:5e:ca:c8:af:3c:ec:a7:69:
1b:ed:00:85:bc:9d:37:42:ba:0a:f1:11:9b:ac:86:c2:16:dd:
65:c8:92:0c:03:02:77:54:33:ee:2a:20:7e:26:7a:44:20:5a:
48:3b:a4:4a:e0:11:1d:f2:93:5a:44:83:ed:25:26:0b:e6:7c:
6e:14:62:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYY1mL+pZYowb+6C+66x7vt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGQ4NDljYzQzYjczMmRhYjY2NDFmYzZmZDVhNGRiM2Ey
ZGI5NDcwHhcNMjMwMjA5MDk1NDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2QwMjA4ZjhjMzU4ZTlmYWM1NDdjYmVhMGYwMmIxYTM3Y2Q3YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0cQ4Rk0ipzVLVsw/0ua0E/Lve55
zm3jHfTyKLYDjiLBYOg9N7nTUS0y8NYPGrajMwLieXToOlcCbK0XOdAW6RNhTvNm
+bWsaXb6CQJvdNMEQENytez4rz0QrYWahDriwt9eO3KrF6T/hS5tENr5b10QL5JH
IKDqjiKNk63AmvG2GNBtduqi7V0MyHfJCUdH8lsvcxLabFwvMMqTOnRcIRwZqZB6
/UvoyHNXP08JRhAlAfAR5HWQ0IjjYgHlN6QQ7VQ9od63ssMSP8HVQWkPqrJWOPA8
l0qyUNLXSd8eCTttHfUatHXqZQ9fe3SJ5+Xkx/fr3cllfDQcF4yHr9Zd3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNzQII+MNY6frFR8vqDwKxo3zXoVMB8GA1UdIwQY
MBaAFLQNhJzEO3Mtq2ZB/G/VpNs6LblHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEEyRW5NUTdjeTJyWmtIOGI5V2syem90dVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xMzRjY2ItYjBhYi00NDZiLTgxNzIt
NjJlMjdjZDFlOTc1LzEvM05BZ2o0dzFqcC1zVkh5LW9QQXJHamZOZWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xMzRjY2ItYjBhYi00NDZiLTgxNzItNjJlMjdjZDFlOTc1
LzEvdEEyRW5NUTdjeTJyWmtIOGI5V2syem90dVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuamoMBYE
AgACMBAwDgMFACoKUwEDBQMqClMAMA0GCSqGSIb3DQEBCwUAA4IBAQBOuLMYOZAX
tj7yJEZVSKPz1YEloMXEyU+kB1YhqJxCjVoCZ2pCCTTUxGnItc2xl75IcmqWYQ6V
R2dwC7Zp2BQ8iLgsYQcD/5RqW4JhBVuvT+WX5SyvWBudM+E3e+/qDuZosy0GwlJR
Bdnd/NvBojmbFdLsrVVe56kW3YHSvgozVUCB2Gz2ANpaG4JW4uiE87RR0XPr1v9d
imphQNnW6LifAJiBUM2yenUWS6ttvk6+i/TyMowdc7gd/zRPimDJXsrIrzzsp2kb
7QCFvJ03QroK8RGbrIbCFt1lyJIMAwJ3VDPuKiB+JnpEIFpIO6RK4BEd8pNaRIPt
JSYL5nxuFGLn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:20 2024 by rpki-client on console-fra.rpki-client.org