Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/j3zSOY_W_vbZH6ttv9crH7A9lGA.roa
File: j3zSOY_W_vbZH6ttv9crH7A9lGA.roa (raw, json)
Hash identifier: n7oQujws+XyFQffIcfubg1P9A5i5Ip6qFYPP2sdkMlw=
Subject key identifier: 8F:7C:D2:39:8F:D6:FE:F6:D9:1F:AB:6D:BF:D7:2B:1F:B0:3D:94:60
Certificate issuer: /CN=3e6c4520759f3a4ef8b9a9a27e2533ce732c5411
Certificate serial: 01856C1CB38A673AD08DDF355FD183A0B1DB
Authority key identifier: 3E:6C:45:20:75:9F:3A:4E:F8:B9:A9:A2:7E:25:33:CE:73:2C:54:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmxFIHWfOk74uamifiUzznMsVBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/j3zSOY_W_vbZH6ttv9crH7A9lGA.roa
Signing time: Sun 01 Jan 2023 06:54:58 +0000
ROA not before: Sun 01 Jan 2023 06:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49688
IP address blocks: 195.35.98.0/24 maxlen: 24
195.35.102.0/24 maxlen: 24
195.35.108.0/24 maxlen: 24
195.38.21.0/24 maxlen: 24
2a0f:b7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:b3:8a:67:3a:d0:8d:df:35:5f:d1:83:a0:b1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6c4520759f3a4ef8b9a9a27e2533ce732c5411
Validity
Not Before: Jan 1 06:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f7cd2398fd6fef6d91fab6dbfd72b1fb03d9460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:60:13:7d:fe:6f:ba:8b:d5:3b:97:51:cd:26:
0f:d7:47:d8:1e:62:7e:33:ad:5c:a2:93:06:01:08:
b2:c1:e8:51:6c:58:a5:2d:ea:ac:bd:cb:1f:53:90:
9e:36:be:4f:15:02:02:a8:eb:ad:14:a5:11:00:57:
a4:25:7c:54:cf:7d:c6:9f:87:60:e7:ef:15:96:fd:
19:54:a5:eb:7f:a9:62:b4:65:7d:31:b9:f9:3f:94:
3a:96:33:e1:9a:fc:98:cb:3a:2f:64:ab:c7:62:b6:
7a:d9:5e:7b:06:91:8a:75:a6:b0:a9:9f:0a:bc:56:
96:65:7e:a1:28:ac:cd:a5:9b:8b:95:f9:61:c8:c8:
ad:28:91:18:03:24:00:1b:89:de:9d:c2:de:b6:2f:
21:b4:e4:09:a8:32:b1:76:ad:86:0f:ef:59:a3:d1:
ff:55:a0:88:c6:24:c3:b7:27:43:27:f8:8a:31:cb:
1e:2c:b2:66:bb:ef:62:9b:39:45:fd:22:35:d4:2b:
af:cc:ad:72:ed:77:bb:62:73:21:f4:3d:be:82:d6:
29:26:d7:1c:b1:1e:43:13:17:80:d4:96:0f:37:95:
e5:60:67:34:a2:88:b8:96:26:02:78:1a:9d:71:45:
f7:29:b7:10:dc:05:0f:d7:08:b1:87:6a:ef:fc:f6:
1a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7C:D2:39:8F:D6:FE:F6:D9:1F:AB:6D:BF:D7:2B:1F:B0:3D:94:60
X509v3 Authority Key Identifier:
keyid:3E:6C:45:20:75:9F:3A:4E:F8:B9:A9:A2:7E:25:33:CE:73:2C:54:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmxFIHWfOk74uamifiUzznMsVBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/j3zSOY_W_vbZH6ttv9crH7A9lGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/483e33-c767-46b7-8f3a-9c0a0e2767aa/1/PmxFIHWfOk74uamifiUzznMsVBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.98.0/24
195.35.102.0/24
195.35.108.0/24
195.38.21.0/24
IPv6:
2a0f:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:68:fa:96:b9:51:ff:a6:2b:b1:f7:49:d9:be:17:29:eb:c5:
61:79:4d:31:e3:c0:09:06:3f:73:7f:c8:0d:e3:ad:be:be:63:
fd:35:e9:dd:3c:2d:0b:bc:2c:2d:2d:96:44:33:81:e4:23:3f:
ff:39:8f:0b:ab:c5:b4:3c:69:07:de:6c:69:64:8c:35:04:9e:
4f:69:0d:dd:24:aa:b1:2d:d5:9e:3d:5a:3a:4d:f1:71:9a:0f:
d1:3f:7f:2b:f3:07:38:41:c1:30:e6:ce:4f:a1:5b:ee:58:59:
e9:21:11:2e:68:7f:f7:ad:f0:f9:9d:a0:0f:e6:8e:a2:23:ec:
69:e8:c0:49:65:0f:f2:35:d9:92:a2:07:24:4f:d2:71:ca:a7:
66:f0:e3:e1:16:95:57:af:e2:7e:e8:8e:a8:a2:a2:5a:55:d2:
ab:7b:e2:d7:77:66:aa:84:aa:17:06:db:9d:b6:c9:fb:d5:44:
1f:0c:ce:d1:91:60:81:c5:2a:7b:1f:32:bd:52:56:11:e6:0d:
1a:81:00:09:59:7c:51:55:6f:35:81:4b:6f:c7:d3:da:05:f8:
cf:bc:d3:e9:c1:40:f8:45:29:39:ae:22:c2:c7:43:e7:8d:43:
8e:f6:24:f0:87:1c:97:3c:5c:38:1b:35:bc:ba:c9:d2:9a:0f:
99:02:d2:d1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsHLOKZzrQjd81X9GDoLHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNmM0NTIwNzU5ZjNhNGVmOGI5YTlhMjdlMjUzM2NlNzMy
YzU0MTEwHhcNMjMwMTAxMDY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdjZDIzOThmZDZmZWY2ZDkxZmFiNmRiZmQ3MmIxZmIwM2Q5NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmATff5vuovVO5dRzSYP10fYHmJ+
M61copMGAQiywehRbFilLeqsvcsfU5CeNr5PFQICqOutFKURAFekJXxUz33Gn4dg
5+8Vlv0ZVKXrf6litGV9Mbn5P5Q6ljPhmvyYyzovZKvHYrZ62V57BpGKdaawqZ8K
vFaWZX6hKKzNpZuLlflhyMitKJEYAyQAG4nencLeti8htOQJqDKxdq2GD+9Zo9H/
VaCIxiTDtydDJ/iKMcseLLJmu+9imzlF/SI11CuvzK1y7Xe7YnMh9D2+gtYpJtcc
sR5DExeA1JYPN5XlYGc0ooi4liYCeBqdcUX3KbcQ3AUP1wixh2rv/PYaDwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI980jmP1v722R+rbb/XKx+wPZRgMB8GA1UdIwQY
MBaAFD5sRSB1nzpO+Lmpon4lM85zLFQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG14RklIV2ZPazc0dWFtaWZpVXp6bk1zVkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ODNlMzMtYzc2Ny00NmI3LThmM2Et
OWMwYTBlMjc2N2FhLzEvajN6U09ZX1dfdmJaSDZ0dHY5Y3JIN0E5bEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80ODNlMzMtYzc2Ny00NmI3LThmM2EtOWMwYTBlMjc2N2Fh
LzEvUG14RklIV2ZPazc0dWFtaWZpVXp6bk1zVkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwyNiAwQA
wyNmAwQAwyNsAwQAwyYVMA0EAgACMAcDBQMqD7fAMA0GCSqGSIb3DQEBCwUAA4IB
AQB2aPqWuVH/piux90nZvhcp68VheU0x48AJBj9zf8gN462+vmP9NendPC0LvCwt
LZZEM4HkIz//OY8Lq8W0PGkH3mxpZIw1BJ5PaQ3dJKqxLdWePVo6TfFxmg/RP38r
8wc4QcEw5s5PoVvuWFnpIREuaH/3rfD5naAP5o6iI+xp6MBJZQ/yNdmSogckT9Jx
yqdm8OPhFpVXr+J+6I6ooqJaVdKre+LXd2aqhKoXBtudtsn71UQfDM7RkWCBxSp7
HzK9UlYR5g0agQAJWXxRVW81gUtvx9PaBfjPvNPpwUD4RSk5riLCx0PnjUOO9iTw
hxyXPFw4GzW8usnSmg+ZAtLR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:37 2024 by rpki-client on console-fra.rpki-client.org