Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3UhIYloDSpk8dJTKAfAtUvLSiuA.roa
File: 3UhIYloDSpk8dJTKAfAtUvLSiuA.roa (raw, json)
Hash identifier: oaxZ3gVeByLZk1O+M9Ez1DBrpqMJV8+MdAsR3Hve7wE=
Subject key identifier: DD:48:48:62:5A:03:4A:99:3C:74:94:CA:01:F0:2D:52:F2:D2:8A:E0
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018A9C6615C5557678192FA7CB9896B42BAD
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3UhIYloDSpk8dJTKAfAtUvLSiuA.roa
Signing time: Sat 16 Sep 2023 05:10:50 +0000
ROA not before: Sat 16 Sep 2023 05:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210110
IP address blocks: 185.145.244.0/24 maxlen: 24
2a0e:aa07:e02f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9c:66:15:c5:55:76:78:19:2f:a7:cb:98:96:b4:2b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Sep 16 05:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd4848625a034a993c7494ca01f02d52f2d28ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:9f:15:92:d4:e2:c8:82:d9:4f:4e:4f:b6:
66:4c:01:ad:90:c0:01:e9:d1:88:43:93:3c:ad:75:
c0:61:3a:84:3b:37:d0:5c:36:91:75:76:e0:a9:5c:
79:68:2d:91:b0:18:01:68:b5:9f:ff:c0:dc:51:d3:
d9:7c:6d:6a:52:04:68:c7:34:a2:e3:89:c2:66:e7:
c9:bf:01:61:50:14:47:ad:bf:13:09:81:62:a7:86:
c9:73:be:66:4b:0b:90:b8:c0:cb:57:e8:10:52:1e:
82:47:4f:a6:97:90:34:11:76:e0:91:72:0b:ca:2c:
d0:33:d3:2a:7d:73:93:ac:da:2e:fe:94:4a:b9:75:
f1:f7:2e:bb:17:ea:66:d7:69:df:9a:af:51:bc:06:
2f:ca:ea:3a:d8:d3:c7:80:fc:27:28:81:65:b0:7a:
ab:c2:36:68:9e:2b:4a:cb:fb:f3:ba:89:a4:84:fc:
b0:d7:31:47:d5:8a:be:68:c8:b8:f3:e8:93:b3:08:
81:90:5c:c0:93:d9:a2:4f:1d:2b:64:b1:60:b9:80:
14:66:ca:2e:ad:49:80:09:9b:17:dc:d9:ad:8b:08:
85:33:34:a2:6b:bb:46:7d:ad:a5:0c:57:f4:98:a7:
da:09:69:1c:fd:7c:97:eb:45:f5:ca:c8:52:07:e2:
07:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:48:48:62:5A:03:4A:99:3C:74:94:CA:01:F0:2D:52:F2:D2:8A:E0
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3UhIYloDSpk8dJTKAfAtUvLSiuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.244.0/24
IPv6:
2a0e:aa07:e02f::/48
Signature Algorithm: sha256WithRSAEncryption
45:2a:d1:0e:f5:2c:b8:2b:de:36:e0:6a:1f:94:ce:68:84:80:
0e:58:b0:5c:2c:c4:3b:ff:41:62:c9:f9:d1:2c:82:69:45:c6:
41:e8:76:ed:10:5d:0b:6a:d3:79:c5:48:62:13:ee:15:f9:04:
95:50:65:13:50:12:aa:24:fd:00:30:9b:c7:4a:b2:44:c9:7a:
12:04:01:53:7d:eb:8a:83:b9:53:a7:29:dd:48:a8:25:d0:bd:
c5:ec:88:03:58:7c:32:0c:12:82:b5:67:63:39:b8:d2:ae:a3:
54:d3:01:ae:9c:b5:d5:37:41:70:16:50:e9:4f:57:e8:7d:34:
59:56:52:3f:bf:48:c3:24:bd:fc:77:21:6c:b5:91:25:76:b1:
46:de:45:b0:9b:d6:4a:97:a5:31:7c:2d:ae:77:04:5e:5a:52:
9f:25:a6:80:fc:b5:7f:48:c0:17:02:36:69:b2:8e:33:2f:45:
5d:90:98:79:89:57:ae:31:66:42:6d:ad:94:44:3a:7f:b8:f9:
95:7a:f5:45:dc:6f:28:a4:3e:5e:f6:e4:78:e4:2e:4e:0d:aa:
2f:96:c5:cd:51:f5:b6:b0:0c:b8:71:54:68:ac:ca:fd:eb:7b:
6d:db:e6:24:53:e4:f4:f9:35:e5:68:fb:b4:53:de:14:19:4a:
a3:98:b6:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqcZhXFVXZ4GS+ny5iWtCutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwOTE2MDUxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ4NDg2MjVhMDM0YTk5M2M3NDk0Y2EwMWYwMmQ1MmYyZDI4YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHOfFZLU4siC2U9OT7ZmTAGtkMAB
6dGIQ5M8rXXAYTqEOzfQXDaRdXbgqVx5aC2RsBgBaLWf/8DcUdPZfG1qUgRoxzSi
44nCZufJvwFhUBRHrb8TCYFip4bJc75mSwuQuMDLV+gQUh6CR0+ml5A0EXbgkXIL
yizQM9MqfXOTrNou/pRKuXXx9y67F+pm12nfmq9RvAYvyuo62NPHgPwnKIFlsHqr
wjZonitKy/vzuomkhPyw1zFH1Yq+aMi48+iTswiBkFzAk9miTx0rZLFguYAUZsou
rUmACZsX3NmtiwiFMzSia7tGfa2lDFf0mKfaCWkc/XyX60X1yshSB+IHpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN1ISGJaA0qZPHSUygHwLVLy0orgMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvM1VoSVlsb0RTcGs4ZEpUS0FmQXRVdkxTaXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZH0MA8E
AgACMAkDBwAqDqoH4C8wDQYJKoZIhvcNAQELBQADggEBAEUq0Q71LLgr3jbgah+U
zmiEgA5YsFwsxDv/QWLJ+dEsgmlFxkHodu0QXQtq03nFSGIT7hX5BJVQZRNQEqok
/QAwm8dKskTJehIEAVN964qDuVOnKd1IqCXQvcXsiANYfDIMEoK1Z2M5uNKuo1TT
Aa6ctdU3QXAWUOlPV+h9NFlWUj+/SMMkvfx3IWy1kSV2sUbeRbCb1kqXpTF8La53
BF5aUp8lpoD8tX9IwBcCNmmyjjMvRV2QmHmJV64xZkJtrZREOn+4+ZV69UXcbyik
Pl725HjkLk4Nqi+Wxc1R9bawDLhxVGisyv3re23b5iRT5PT5NeVo+7RT3hQZSqOY
toc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:10 2024 by rpki-client on console-ams.rpki-client.org