Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o3B0javgGr6nkfgyob5LiyH1dT8.roa
File: o3B0javgGr6nkfgyob5LiyH1dT8.roa (raw, json)
Hash identifier: o/ItEThZq9T0t0ITK7tA6Mi2/fxuSrQeHtMz43dks3I=
Subject key identifier: A3:70:74:8D:AB:E0:1A:BE:A7:91:F8:32:A1:BE:4B:8B:21:F5:75:3F
Certificate issuer: /CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Certificate serial: 0185724C8B0CB445D7D86B900CE28D693E7E
Authority key identifier: C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o3B0javgGr6nkfgyob5LiyH1dT8.roa
Signing time: Mon 02 Jan 2023 11:44:56 +0000
ROA not before: Mon 02 Jan 2023 11:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59518
IP address blocks: 185.131.3.0/24 maxlen: 24
2a02:6f00:ec0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:8b:0c:b4:45:d7:d8:6b:90:0c:e2:8d:69:3e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Validity
Not Before: Jan 2 11:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a370748dabe01abea791f832a1be4b8b21f5753f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c0:8a:3c:b9:e0:e3:69:ba:28:75:e6:8a:dd:
ed:3b:a8:98:af:38:1a:75:6c:3e:22:40:43:9b:b9:
df:b4:62:c7:4c:81:3d:53:a3:7b:26:15:2d:02:3b:
4c:7b:91:ac:f3:04:3d:1f:32:99:0a:8a:bd:90:ed:
0b:02:f5:08:21:d2:0c:3d:82:8e:61:ce:6a:d9:38:
c3:22:82:0f:af:9f:d1:6f:a2:dc:a9:fa:ce:27:91:
56:c8:76:ed:90:da:96:db:c9:08:08:2c:8d:34:de:
37:12:4f:29:e2:fe:90:ef:29:56:5a:4d:b3:b2:67:
38:69:33:7b:aa:57:61:e9:e7:fc:ab:02:5c:57:a1:
fe:47:86:e5:05:41:ec:21:25:bf:c9:03:ac:c9:e2:
c6:4f:68:16:72:ea:cd:75:c4:ef:48:fc:fe:6e:02:
b9:f2:ad:c4:33:40:5b:71:91:5e:29:a2:a6:52:d8:
98:b0:04:66:ea:d1:a7:98:7b:20:92:50:48:c5:5a:
c0:60:20:be:69:06:73:9e:92:a8:2a:ca:a3:f9:00:
53:48:13:c1:40:e3:6b:d6:b9:70:17:43:f4:31:6c:
ae:d9:a1:9f:57:07:d4:60:7b:78:b2:2f:13:da:c1:
58:27:e4:2b:5f:dd:98:67:30:bc:df:95:57:0a:0f:
df:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:70:74:8D:AB:E0:1A:BE:A7:91:F8:32:A1:BE:4B:8B:21:F5:75:3F
X509v3 Authority Key Identifier:
keyid:C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/o3B0javgGr6nkfgyob5LiyH1dT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.3.0/24
IPv6:
2a02:6f00:ec0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:c2:be:71:f6:c5:5d:aa:bd:d4:1a:c1:95:bd:de:bc:4c:26:
6f:50:16:46:bc:a4:b4:17:1f:b9:e6:f6:69:b0:ca:8c:d8:5e:
7d:5b:0d:e0:37:f0:fe:a0:5f:e2:8a:25:4f:67:2f:35:7f:15:
13:c4:e4:ec:f5:68:84:94:67:98:85:c0:f3:72:98:32:55:79:
1f:8d:19:48:97:8c:0e:99:bc:ce:eb:e4:9c:22:84:f6:f2:70:
cf:20:3b:48:98:e0:2a:9c:43:2e:02:8b:07:24:d4:49:9f:1b:
26:ca:7a:ca:be:4f:3d:3e:8b:03:3e:a2:19:77:7b:bd:fc:69:
a6:1c:67:12:8f:a7:84:3c:be:73:b5:b4:02:dd:96:ae:94:8f:
d6:22:f6:09:61:46:16:fa:c7:12:6b:af:6a:62:ea:b0:e0:ff:
dd:9e:da:91:9b:c5:32:0d:24:ac:b6:08:59:71:a1:85:59:70:
b0:0a:79:53:3e:7b:c3:d4:20:f3:5f:cf:1c:00:1f:a5:f8:19:
22:e4:ee:af:65:8f:f9:47:22:00:01:14:b7:34:00:13:b7:cd:
98:76:21:a5:cc:2d:fb:25:1c:9d:b0:ae:cf:1f:89:b1:57:ef:
bc:7a:60:a4:91:14:d4:72:22:9e:f6:71:a5:3f:f4:cb:d6:47:
b4:03:c9:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyTIsMtEXX2GuQDOKNaT5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWJhMWZkZjZjNGRlMTkyYzFkM2VkZjhhODAwY2E1OTdm
OTdkNjgwHhcNMjMwMTAyMTE0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcwNzQ4ZGFiZTAxYWJlYTc5MWY4MzJhMWJlNGI4YjIxZjU3NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8CKPLng42m6KHXmit3tO6iYrzga
dWw+IkBDm7nftGLHTIE9U6N7JhUtAjtMe5Gs8wQ9HzKZCoq9kO0LAvUIIdIMPYKO
Yc5q2TjDIoIPr5/Rb6LcqfrOJ5FWyHbtkNqW28kICCyNNN43Ek8p4v6Q7ylWWk2z
smc4aTN7qldh6ef8qwJcV6H+R4blBUHsISW/yQOsyeLGT2gWcurNdcTvSPz+bgK5
8q3EM0BbcZFeKaKmUtiYsARm6tGnmHsgklBIxVrAYCC+aQZznpKoKsqj+QBTSBPB
QONr1rlwF0P0MWyu2aGfVwfUYHt4si8T2sFYJ+QrX92YZzC835VXCg/fpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNwdI2r4Bq+p5H4MqG+S4sh9XU/MB8GA1UdIwQY
MBaAFMTrof32xN4ZLB0+34qADKWX+X1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYt
NTEyODU2MGRiZGZjLzEvbzNCMGphdmdHcjZua2ZneW9iNUxpeUgxZFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYtNTEyODU2MGRiZGZj
LzEveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYMDMA8E
AgACMAkDBwAqAm8ADsAwDQYJKoZIhvcNAQELBQADggEBALXCvnH2xV2qvdQawZW9
3rxMJm9QFka8pLQXH7nm9mmwyozYXn1bDeA38P6gX+KKJU9nLzV/FRPE5Oz1aISU
Z5iFwPNymDJVeR+NGUiXjA6ZvM7r5JwihPbycM8gO0iY4CqcQy4Ciwck1EmfGybK
esq+Tz0+iwM+ohl3e738aaYcZxKPp4Q8vnO1tALdlq6Uj9Yi9glhRhb6xxJrr2pi
6rDg/92e2pGbxTINJKy2CFlxoYVZcLAKeVM+e8PUIPNfzxwAH6X4GSLk7q9lj/lH
IgABFLc0ABO3zZh2IaXMLfslHJ2wrs8fibFX77x6YKSRFNRyIp72caU/9MvWR7QD
yXA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:54 2024 by rpki-client on console-fra.rpki-client.org