Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/3vAfb-dtpDlO-zfNBt7lekE_qqc.roa
File: 3vAfb-dtpDlO-zfNBt7lekE_qqc.roa (raw, json)
Hash identifier: pY2boyvJ7jFddqp3j9C+wC5JWGDgOxKOdG+ny7iyfeU=
Subject key identifier: DE:F0:1F:6F:E7:6D:A4:39:4E:FB:37:CD:06:DE:E5:7A:41:3F:AA:A7
Certificate issuer: /CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Certificate serial: 0185AAEE64FA5AB9985BF616ABFCB316A7E1
Authority key identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/3vAfb-dtpDlO-zfNBt7lekE_qqc.roa
Signing time: Fri 13 Jan 2023 11:40:28 +0000
ROA not before: Fri 13 Jan 2023 11:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209114
IP address blocks: 193.33.120.0/24 maxlen: 24
194.31.130.0/24 maxlen: 24
2a12:6e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Nov 2023 15:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:ee:64:fa:5a:b9:98:5b:f6:16:ab:fc:b3:16:a7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Validity
Not Before: Jan 13 11:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=def01f6fe76da4394efb37cd06dee57a413faaa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9b:2b:92:8c:05:37:48:09:38:bb:4d:3c:76:
8c:ca:67:55:b6:f1:57:b9:be:4a:b0:5f:87:92:ff:
bc:5c:ac:83:9d:5f:f3:58:a9:dd:df:b1:c0:b9:ac:
4e:2d:0b:70:c0:eb:5f:7a:46:a0:55:f9:f5:a5:87:
f1:32:dc:f1:7d:28:e8:d8:50:f7:c9:98:e4:07:b7:
ef:e5:78:cb:41:2c:3d:a4:06:11:ce:c6:20:47:03:
94:a6:15:9a:2a:da:89:1d:4a:52:61:ef:72:2a:f3:
f4:5a:c4:d4:5d:4d:6e:c4:1b:ac:11:a0:40:b9:2a:
25:b6:9f:5e:e0:d9:08:d4:39:5f:fe:f1:bd:4e:9a:
f7:20:48:4b:f5:64:0b:34:50:06:e7:1a:5e:13:39:
31:a6:db:24:5b:7d:f7:6f:49:24:f1:8b:18:2e:d5:
35:ba:f4:26:35:67:1c:74:77:83:e3:45:8d:c6:c8:
90:bc:71:de:25:d9:35:34:89:6d:08:57:d9:da:19:
c0:c0:f9:6b:b0:0b:0c:2a:56:e8:78:b2:cd:20:d5:
7e:91:c7:bc:ac:d5:ea:c6:fc:ba:de:c9:d1:0d:b4:
fb:a1:38:cb:53:60:ed:b6:5a:7b:bf:3b:d2:82:f0:
ec:05:bd:80:9f:d4:7f:d8:7b:f2:f0:7f:35:da:47:
77:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F0:1F:6F:E7:6D:A4:39:4E:FB:37:CD:06:DE:E5:7A:41:3F:AA:A7
X509v3 Authority Key Identifier:
keyid:29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/3vAfb-dtpDlO-zfNBt7lekE_qqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.120.0/24
194.31.130.0/24
IPv6:
2a12:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:f2:98:2b:7e:06:1d:fb:76:c4:32:f4:0e:66:52:c9:93:bb:
2b:0f:43:a1:38:a2:db:4d:27:8d:d5:9f:4c:2c:53:69:68:8f:
ea:b1:61:9e:cf:e1:19:c8:ba:ec:3e:24:1a:95:ff:43:3f:32:
09:6d:48:23:d3:b7:e2:61:f6:95:0f:a5:a1:9e:23:5c:e0:9e:
84:f8:87:02:e9:bd:9a:3f:63:e9:09:3c:db:3b:69:63:8f:81:
fb:80:6c:19:48:4c:53:cf:b5:6f:97:c4:64:f4:60:90:2e:d4:
c8:d9:b0:dc:9c:15:85:ee:86:73:d8:b2:f7:10:72:37:37:05:
d7:0b:7c:02:46:cf:6b:75:0f:a1:4e:17:14:f7:4f:a8:e9:e1:
6d:fa:9d:25:74:3c:ae:b9:30:0e:57:f9:31:d5:28:c3:ec:ca:
11:83:68:46:89:38:67:cf:71:12:2b:03:03:ed:27:f9:a9:38:
70:6f:8c:7c:a0:7c:8b:00:65:76:c9:53:a9:0b:dc:32:b3:2f:
09:82:6a:27:ad:0d:69:c3:3e:cd:88:c0:20:42:2c:37:bd:12:
9f:18:0b:47:74:88:66:01:9c:15:fb:1a:c8:76:0f:8c:02:03:
df:d9:3c:86:9c:ba:aa:28:7e:02:b7:b1:6d:1d:9c:95:da:79:
23:68:17:ee
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWq7mT6WrmYW/YWq/yzFqfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Zjk2NzBlZTJhMzBlYWM4YzBhMzlkYzQ3ZmY3YThjZDI0
NzNiMDAwHhcNMjMwMTEzMTE0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWYwMWY2ZmU3NmRhNDM5NGVmYjM3Y2QwNmRlZTU3YTQxM2ZhYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZsrkowFN0gJOLtNPHaMymdVtvFX
ub5KsF+Hkv+8XKyDnV/zWKnd37HAuaxOLQtwwOtfekagVfn1pYfxMtzxfSjo2FD3
yZjkB7fv5XjLQSw9pAYRzsYgRwOUphWaKtqJHUpSYe9yKvP0WsTUXU1uxBusEaBA
uSoltp9e4NkI1Dlf/vG9Tpr3IEhL9WQLNFAG5xpeEzkxptskW333b0kk8YsYLtU1
uvQmNWccdHeD40WNxsiQvHHeJdk1NIltCFfZ2hnAwPlrsAsMKlboeLLNINV+kce8
rNXqxvy63snRDbT7oTjLU2Dttlp7vzvSgvDsBb2An9R/2Hvy8H812kd3SwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN7wH2/nbaQ5Tvs3zQbe5XpBP6qnMB8GA1UdIwQY
MBaAFCn5Zw7iow6sjAo53Ef/eozSRzsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDct
NmUyOWVmZGZkNGUzLzEvM3ZBZmItZHRwRGxPLXpmTkJ0N2xla0VfcXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDctNmUyOWVmZGZkNGUz
LzEvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwSF4AwQA
wh+CMA0EAgACMAcDBQMqEm5AMA0GCSqGSIb3DQEBCwUAA4IBAQA+8pgrfgYd+3bE
MvQOZlLJk7srD0OhOKLbTSeN1Z9MLFNpaI/qsWGez+EZyLrsPiQalf9DPzIJbUgj
07fiYfaVD6WhniNc4J6E+IcC6b2aP2PpCTzbO2ljj4H7gGwZSExTz7Vvl8Rk9GCQ
LtTI2bDcnBWF7oZz2LL3EHI3NwXXC3wCRs9rdQ+hThcU90+o6eFt+p0ldDyuuTAO
V/kx1SjD7MoRg2hGiThnz3ESKwMD7Sf5qThwb4x8oHyLAGV2yVOpC9wysy8Jgmon
rQ1pwz7NiMAgQiw3vRKfGAtHdIhmAZwV+xrIdg+MAgPf2TyGnLqqKH4Ct7FtHZyV
2nkjaBfu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:36 2024 by rpki-client on console-fra.rpki-client.org