Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/3flG6RG-ZcW-JeBwyDY8ciqHY5E.roa
File: 3flG6RG-ZcW-JeBwyDY8ciqHY5E.roa (raw, json)
Hash identifier: AvzI8/kidFk8THobHITepvUmbLkyArnIGGnc18h9oHw=
Subject key identifier: DD:F9:46:E9:11:BE:65:C5:BE:25:E0:70:C8:36:3C:72:2A:87:63:91
Certificate issuer: /CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Certificate serial: 018570C2D7BB94C07E048EA76EBAD111F4B7
Authority key identifier: 17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/3flG6RG-ZcW-JeBwyDY8ciqHY5E.roa
Signing time: Mon 02 Jan 2023 04:34:55 +0000
ROA not before: Mon 02 Jan 2023 04:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 193.108.118.0/24 maxlen: 24
193.108.117.0/24 maxlen: 24
193.108.116.0/24 maxlen: 24
193.108.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:d7:bb:94:c0:7e:04:8e:a7:6e:ba:d1:11:f4:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Validity
Not Before: Jan 2 04:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf946e911be65c5be25e070c8363c722a876391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:08:03:86:20:e2:44:64:dd:38:85:74:80:
ed:29:13:42:e7:80:b7:e8:0e:ec:36:5d:dc:1a:23:
17:a7:f1:4b:6f:af:9c:18:9d:d9:bd:9e:fd:b1:a7:
82:bb:18:29:4c:0b:c1:e7:47:86:94:92:2c:a9:fb:
c8:d6:c0:ea:03:f7:2c:47:8b:be:6e:74:67:70:cd:
29:88:c4:d4:d3:35:b8:af:7a:58:92:6d:ef:36:13:
43:fe:87:27:b9:41:cd:1a:cd:16:48:1f:ed:95:8f:
f2:97:46:ee:07:d1:9a:da:9a:e8:8f:db:a7:67:af:
24:b5:08:dc:69:88:44:5a:0e:ec:44:32:05:67:a3:
ed:bb:43:eb:d2:1c:ab:e1:19:57:7f:db:1f:eb:f1:
48:0f:bb:ed:ea:23:90:2a:e2:34:52:f1:8b:4d:6f:
6a:b9:27:f3:3d:9a:4a:6f:ba:05:08:a9:ca:42:3b:
3d:df:a6:a1:af:dd:2f:c3:d0:b7:3c:7c:33:97:31:
51:89:a1:af:2d:49:2a:96:43:cd:17:ee:db:fe:2c:
ff:80:96:25:ee:13:d4:91:c5:7a:8e:a8:e6:30:34:
15:c0:65:5f:bd:61:43:d6:1b:ce:8f:33:b7:45:c8:
1b:55:28:83:a9:b7:b5:91:3e:5b:5f:2f:0e:0a:f6:
13:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F9:46:E9:11:BE:65:C5:BE:25:E0:70:C8:36:3C:72:2A:87:63:91
X509v3 Authority Key Identifier:
keyid:17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/3flG6RG-ZcW-JeBwyDY8ciqHY5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:f6:5a:66:8e:6f:f2:e6:79:bc:6a:8f:a0:1a:aa:ee:58:08:
e7:5b:18:70:03:ef:8a:0e:f1:a0:eb:ea:2c:4f:a3:56:61:a9:
65:ed:eb:c3:fd:0a:f7:8c:18:61:c7:76:33:d5:14:55:e7:68:
4b:e0:70:45:e9:05:48:83:be:18:51:46:62:50:45:ae:5c:62:
85:09:95:2c:8b:1f:0d:a6:06:b2:2b:8d:5b:1c:94:41:37:6b:
f8:f9:a9:b9:20:ef:72:24:8a:9d:99:a6:8a:19:69:8b:19:c4:
16:7f:c9:8f:9f:96:1b:06:8e:5b:d7:dd:a9:64:c5:dd:cf:10:
a0:df:68:9b:24:46:43:22:67:de:98:01:a0:15:31:d4:fe:c3:
8d:66:e2:48:66:ec:2e:c6:57:3c:64:25:ce:e3:0b:4e:e4:f9:
f9:12:75:95:7a:96:56:b7:58:9c:d7:29:19:47:ad:4d:18:ef:
35:34:61:e7:f5:bf:6b:57:d8:0a:b3:c2:45:82:5b:3e:c7:b6:
3f:87:86:b9:ca:f2:f5:23:f6:f1:e1:44:85:17:39:bb:e3:25:
cd:d5:2c:d5:d8:10:c9:cc:b6:31:ad:db:65:b0:70:4f:91:fe:
60:cd:ca:47:8f:13:2c:bb:d7:ea:33:38:a9:ca:31:c4:72:02:
ea:44:c2:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwte7lMB+BI6nbrrREfS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTZlYmQ0MGE3NDRhMGM4NGYyNTM1NDU3MDQ3ODA4YWQy
ZjE3YzQwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY5NDZlOTExYmU2NWM1YmUyNWUwNzBjODM2M2M3MjJhODc2MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5gIA4Yg4kRk3TiFdIDtKRNC54C3
6A7sNl3cGiMXp/FLb6+cGJ3ZvZ79saeCuxgpTAvB50eGlJIsqfvI1sDqA/csR4u+
bnRncM0piMTU0zW4r3pYkm3vNhND/ocnuUHNGs0WSB/tlY/yl0buB9Ga2proj9un
Z68ktQjcaYhEWg7sRDIFZ6Ptu0Pr0hyr4RlXf9sf6/FID7vt6iOQKuI0UvGLTW9q
uSfzPZpKb7oFCKnKQjs936ahr90vw9C3PHwzlzFRiaGvLUkqlkPNF+7b/iz/gJYl
7hPUkcV6jqjmMDQVwGVfvWFD1hvOjzO3RcgbVSiDqbe1kT5bXy8OCvYTlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN35RukRvmXFviXgcMg2PHIqh2ORMB8GA1UdIwQY
MBaAFBcW69QKdEoMhPJTVFcEeAitLxfEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUt
YmFlN2FhMGExOGEwLzEvM2ZsRzZSRy1aY1ctSmVCd3lEWThjaXFIWTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUtYmFlN2FhMGExOGEw
LzEvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWx0MA0G
CSqGSIb3DQEBCwUAA4IBAQCN9lpmjm/y5nm8ao+gGqruWAjnWxhwA++KDvGg6+os
T6NWYall7evD/Qr3jBhhx3Yz1RRV52hL4HBF6QVIg74YUUZiUEWuXGKFCZUsix8N
pgayK41bHJRBN2v4+am5IO9yJIqdmaaKGWmLGcQWf8mPn5YbBo5b192pZMXdzxCg
32ibJEZDImfemAGgFTHU/sONZuJIZuwuxlc8ZCXO4wtO5Pn5EnWVepZWt1ic1ykZ
R61NGO81NGHn9b9rV9gKs8JFgls+x7Y/h4a5yvL1I/bx4USFFzm74yXN1SzV2BDJ
zLYxrdtlsHBPkf5gzcpHjxMsu9fqMzipyjHEcgLqRMJW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:21 2024 by rpki-client on console-ams.rpki-client.org