Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/3KS3o6RQQz830hAQopyQ0wsLL_U.roa
File: 3KS3o6RQQz830hAQopyQ0wsLL_U.roa (raw, json)
Hash identifier: sAFXlzUy9bgVI+F/GzcHxk+joXkwgK6T0pzDh2/RPcU=
Subject key identifier: DC:A4:B7:A3:A4:50:43:3F:37:D2:10:10:A2:9C:90:D3:0B:0B:2F:F5
Certificate issuer: /CN=1e11f8a6b283b52604d932a25893b86404121e8b
Certificate serial: 018CCA2BC1D78DA23DA44D523A8467DDAB05
Authority key identifier: 1E:11:F8:A6:B2:83:B5:26:04:D9:32:A2:58:93:B8:64:04:12:1E:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhH4prKDtSYE2TKiWJO4ZAQSHos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/3KS3o6RQQz830hAQopyQ0wsLL_U.roa
Signing time: Tue 02 Jan 2024 12:35:14 +0000
ROA not before: Tue 02 Jan 2024 12:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43966
IP address blocks: 91.227.44.0/22 maxlen: 22
193.111.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c1:d7:8d:a2:3d:a4:4d:52:3a:84:67:dd:ab:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e11f8a6b283b52604d932a25893b86404121e8b
Validity
Not Before: Jan 2 12:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dca4b7a3a450433f37d21010a29c90d30b0b2ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ec:f8:b1:50:02:c1:ad:d9:69:bb:f3:8e:6b:
0d:99:f4:60:0e:b0:b1:72:de:6f:3c:c1:3e:d7:d8:
20:5d:d0:ff:48:cc:69:46:cb:10:c0:de:da:70:0c:
f1:65:64:7e:9e:c4:07:0f:40:bf:c3:c6:4d:c0:c7:
f8:e7:5d:a2:b1:df:ae:cd:00:f9:11:bf:74:a6:df:
16:c3:25:0c:cd:69:ef:2b:0b:33:b0:b3:92:6f:f6:
91:eb:67:e7:4c:aa:7a:05:5a:93:17:8c:b9:d8:45:
49:11:5c:b3:ab:e6:ab:27:9a:9c:a5:5b:ae:17:9c:
10:44:b1:d2:27:06:4e:ed:03:43:11:0c:39:9e:af:
2a:dc:c5:1b:a0:3c:56:65:6a:2f:e3:e3:43:09:01:
4d:dc:97:2f:23:d4:e6:8b:0d:3f:4f:50:68:ab:17:
11:34:c3:75:9f:66:4a:fa:ab:bf:45:e3:26:da:d7:
f2:ea:5d:68:5b:7a:85:7a:b3:0d:36:ba:82:12:4c:
2b:f7:0a:ac:3a:47:a0:e8:4e:5a:0a:36:48:18:8e:
e6:a9:41:07:9b:81:15:30:54:54:49:8b:62:7e:2e:
63:0f:15:54:db:5d:be:1d:7e:52:6b:0b:9b:56:f5:
26:05:f6:3d:9f:2b:cc:43:19:73:e8:eb:95:aa:05:
c3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A4:B7:A3:A4:50:43:3F:37:D2:10:10:A2:9C:90:D3:0B:0B:2F:F5
X509v3 Authority Key Identifier:
keyid:1E:11:F8:A6:B2:83:B5:26:04:D9:32:A2:58:93:B8:64:04:12:1E:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhH4prKDtSYE2TKiWJO4ZAQSHos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/3KS3o6RQQz830hAQopyQ0wsLL_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c9eb55-e593-4cd7-8714-1a593194c798/1/HhH4prKDtSYE2TKiWJO4ZAQSHos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.44.0/22
193.111.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:7b:b3:95:a5:30:63:c7:7d:b4:d6:e3:4d:6b:43:eb:f1:98:
4e:cf:4f:05:ac:0f:98:7f:62:dc:2a:16:af:79:dd:1f:6c:69:
c0:00:0a:15:d5:03:d1:74:d9:22:c7:a3:d4:76:c1:8d:3b:81:
28:02:c6:ba:6a:5a:0b:84:02:ea:0b:4b:d3:55:2f:ba:f9:af:
6a:d6:3b:5e:ff:b0:e3:cb:11:50:df:5c:0c:a0:95:66:37:ac:
72:71:79:56:3e:7a:0b:d6:a6:4a:86:ab:37:1d:b4:03:d7:f7:
86:80:3f:4b:f8:6b:2c:f9:99:60:c2:0e:0a:d1:a4:da:57:96:
cb:e5:1e:ba:f7:c2:6b:dd:ae:75:36:4e:99:f6:03:55:2f:5e:
5e:1e:85:c2:88:99:d2:25:94:fd:ff:7f:47:6b:c6:f9:6e:67:
21:ec:d2:7e:2e:5f:53:a7:76:87:ec:2c:8f:9e:79:cf:2c:85:
32:ef:47:74:9e:80:c9:73:d3:4b:89:df:e6:8b:ab:9a:ae:30:
22:3c:2a:a1:7e:66:35:83:1c:14:08:92:75:b1:b7:19:b1:ca:
1e:cc:aa:94:f4:35:4d:e4:05:61:7c:2c:70:00:bd:55:30:01:
ba:ae:63:b2:a9:f6:45:40:31:ca:e5:e9:eb:e8:3b:75:7e:6f:
09:19:b2:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK8HXjaI9pE1SOoRn3asFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTFmOGE2YjI4M2I1MjYwNGQ5MzJhMjU4OTNiODY0MDQx
MjFlOGIwHhcNMjQwMTAyMTIzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E0YjdhM2E0NTA0MzNmMzdkMjEwMTBhMjljOTBkMzBiMGIyZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+z4sVACwa3ZabvzjmsNmfRgDrCx
ct5vPME+19ggXdD/SMxpRssQwN7acAzxZWR+nsQHD0C/w8ZNwMf4512isd+uzQD5
Eb90pt8WwyUMzWnvKwszsLOSb/aR62fnTKp6BVqTF4y52EVJEVyzq+arJ5qcpVuu
F5wQRLHSJwZO7QNDEQw5nq8q3MUboDxWZWov4+NDCQFN3JcvI9Tmiw0/T1BoqxcR
NMN1n2ZK+qu/ReMm2tfy6l1oW3qFerMNNrqCEkwr9wqsOkeg6E5aCjZIGI7mqUEH
m4EVMFRUSYtifi5jDxVU212+HX5SawubVvUmBfY9nyvMQxlz6OuVqgXDMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNykt6OkUEM/N9IQEKKckNMLCy/1MB8GA1UdIwQY
MBaAFB4R+Kayg7UmBNkyoliTuGQEEh6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhINHByS0R0U1lFMlRLaVdKTzRaQVFTSG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jOWViNTUtZTU5My00Y2Q3LTg3MTQt
MWE1OTMxOTRjNzk4LzEvM0tTM282UlFRejgzMGhBUW9weVEwd3NMTF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jOWViNTUtZTU5My00Y2Q3LTg3MTQtMWE1OTMxOTRjNzk4
LzEvSGhINHByS0R0U1lFMlRLaVdKTzRaQVFTSG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+MsAwQC
wW/8MA0GCSqGSIb3DQEBCwUAA4IBAQBre7OVpTBjx3201uNNa0Pr8ZhOz08FrA+Y
f2LcKhaved0fbGnAAAoV1QPRdNkix6PUdsGNO4EoAsa6aloLhALqC0vTVS+6+a9q
1jte/7DjyxFQ31wMoJVmN6xycXlWPnoL1qZKhqs3HbQD1/eGgD9L+Gss+Zlgwg4K
0aTaV5bL5R6698Jr3a51Nk6Z9gNVL15eHoXCiJnSJZT9/39Ha8b5bmch7NJ+Ll9T
p3aH7CyPnnnPLIUy70d0noDJc9NLid/mi6uarjAiPCqhfmY1gxwUCJJ1sbcZscoe
zKqU9DVN5AVhfCxwAL1VMAG6rmOyqfZFQDHK5enr6Dt1fm8JGbJh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:49 2025 by rpki-client