Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/3PJeSVlDbajprXxT3WbT-DSTfZM.roa
File: 3PJeSVlDbajprXxT3WbT-DSTfZM.roa (raw, json)
Hash identifier: bEaqENhiwV7qvA0uckSNoO4xK/Q4UhLGeZsx852E+y4=
Subject key identifier: DC:F2:5E:49:59:43:6D:A8:E9:AD:7C:53:DD:66:D3:F8:34:93:7D:93
Certificate issuer: /CN=8ddc04351c858a6a7fe0f90812bb10655e5af8ca
Certificate serial: 01856EAFEB8E7C18D1EF8A96058D089E2912
Authority key identifier: 8D:DC:04:35:1C:85:8A:6A:7F:E0:F9:08:12:BB:10:65:5E:5A:F8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jdwENRyFimp_4PkIErsQZV5a-Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/3PJeSVlDbajprXxT3WbT-DSTfZM.roa
Signing time: Sun 01 Jan 2023 18:55:00 +0000
ROA not before: Sun 01 Jan 2023 18:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51560
IP address blocks: 185.139.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:eb:8e:7c:18:d1:ef:8a:96:05:8d:08:9e:29:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ddc04351c858a6a7fe0f90812bb10655e5af8ca
Validity
Not Before: Jan 1 18:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf25e4959436da8e9ad7c53dd66d3f834937d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1a:60:9a:2f:92:b9:27:dc:6f:0d:cd:5a:10:
de:af:fd:7e:c2:51:92:76:39:66:61:3e:34:99:4b:
ae:69:f2:88:5d:bf:79:9f:e1:9f:3e:38:87:6b:0d:
d5:9a:78:0a:11:6d:d4:31:c4:70:78:cb:43:a3:c2:
fa:e6:ae:e5:cf:ba:ad:34:4e:f5:1d:f0:86:3e:ca:
be:c1:9c:0c:24:3f:ab:40:b7:1e:e8:82:df:1b:0a:
25:6b:c4:14:20:be:19:85:a3:77:a1:4d:a5:2c:01:
a3:5f:58:1f:fc:5d:9f:bd:85:c3:a6:4c:d1:54:6e:
c8:b6:74:47:4d:ea:f3:e3:f6:d6:74:c2:65:3b:c8:
1c:ad:9a:4f:c3:5e:31:c7:9a:2d:52:ca:bb:ea:9a:
f9:e3:bd:f9:58:8a:47:5e:19:45:36:09:16:99:17:
f0:c5:44:12:97:94:ae:e5:5a:ca:e9:5c:e2:c0:68:
70:22:bf:c6:a8:62:0a:81:bb:01:98:e1:94:9c:6a:
9f:a6:17:4b:64:5d:ec:f2:28:35:7b:af:c7:07:41:
82:80:6a:27:ab:f9:a3:dd:02:c8:10:97:f4:23:a6:
a8:9a:7a:ef:6f:21:a9:37:0b:11:13:c1:57:40:03:
d4:f1:47:56:7a:51:48:3f:40:ce:73:13:73:fa:88:
71:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F2:5E:49:59:43:6D:A8:E9:AD:7C:53:DD:66:D3:F8:34:93:7D:93
X509v3 Authority Key Identifier:
keyid:8D:DC:04:35:1C:85:8A:6A:7F:E0:F9:08:12:BB:10:65:5E:5A:F8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jdwENRyFimp_4PkIErsQZV5a-Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/3PJeSVlDbajprXxT3WbT-DSTfZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/jdwENRyFimp_4PkIErsQZV5a-Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.208.0/22
Signature Algorithm: sha256WithRSAEncryption
29:c3:05:d8:90:b1:4c:5c:1d:ab:5e:c7:13:ac:df:36:05:48:
b2:05:d0:86:92:da:e0:77:e0:eb:01:18:42:be:8b:a2:fe:94:
0d:b0:67:82:eb:ae:76:dd:d9:1a:c9:e2:b2:d5:b6:6c:c1:43:
78:9c:53:5c:e9:c0:7e:ed:13:5d:96:fb:4f:f9:b0:77:2f:af:
1d:5b:a5:38:87:d7:85:f6:1b:54:cd:5e:65:6d:cb:2b:0c:c8:
e5:70:fc:b4:0a:b9:30:e6:8a:b3:f0:9b:09:4e:94:9b:c8:23:
55:25:0a:5e:03:e0:ba:48:42:dc:e0:37:87:9e:fe:a9:c4:5b:
8a:2c:10:7a:ab:ff:4e:49:f6:ef:e2:b9:61:eb:04:f2:a6:46:
48:9d:c2:84:8c:90:ca:9d:1e:bb:53:d4:a6:4a:75:8d:c1:f9:
9b:76:83:bf:94:92:a2:44:ae:97:11:a0:d7:46:8b:57:c9:30:
a0:b6:0f:b5:30:f1:94:5a:6e:46:85:72:08:da:8b:3e:90:31:
7a:2c:f2:4f:e0:62:15:d0:64:ba:e4:94:98:81:18:22:6d:55:
18:cf:b6:d6:dc:05:10:5e:46:da:ff:26:63:57:a9:23:f0:28:
66:e8:df:ab:46:c9:14:c3:d9:ab:f1:fb:f3:f8:90:41:59:f7:
b0:b5:e4:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur+uOfBjR74qWBY0InikSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZGMwNDM1MWM4NThhNmE3ZmUwZjkwODEyYmIxMDY1NWU1
YWY4Y2EwHhcNMjMwMTAxMTg1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YyNWU0OTU5NDM2ZGE4ZTlhZDdjNTNkZDY2ZDNmODM0OTM3ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRpgmi+SuSfcbw3NWhDer/1+wlGS
djlmYT40mUuuafKIXb95n+GfPjiHaw3VmngKEW3UMcRweMtDo8L65q7lz7qtNE71
HfCGPsq+wZwMJD+rQLce6ILfGwola8QUIL4ZhaN3oU2lLAGjX1gf/F2fvYXDpkzR
VG7ItnRHTerz4/bWdMJlO8gcrZpPw14xx5otUsq76pr54735WIpHXhlFNgkWmRfw
xUQSl5Su5VrK6VziwGhwIr/GqGIKgbsBmOGUnGqfphdLZF3s8ig1e6/HB0GCgGon
q/mj3QLIEJf0I6aomnrvbyGpNwsRE8FXQAPU8UdWelFIP0DOcxNz+ohxcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzyXklZQ22o6a18U91m0/g0k32TMB8GA1UdIwQY
MBaAFI3cBDUchYpqf+D5CBK7EGVeWvjKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamR3RU5SeUZpbXBfNFBrSUVyc1FaVjVhLU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iOTg0ZDYtMTY3YS00YzBkLWI1NDQt
NThkNWJiNzFjMmExLzEvM1BKZVNWbERiYWpwclh4VDNXYlQtRFNUZlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iOTg0ZDYtMTY3YS00YzBkLWI1NDQtNThkNWJiNzFjMmEx
LzEvamR3RU5SeUZpbXBfNFBrSUVyc1FaVjVhLU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYvQMA0G
CSqGSIb3DQEBCwUAA4IBAQApwwXYkLFMXB2rXscTrN82BUiyBdCGktrgd+DrARhC
voui/pQNsGeC66523dkayeKy1bZswUN4nFNc6cB+7RNdlvtP+bB3L68dW6U4h9eF
9htUzV5lbcsrDMjlcPy0Crkw5oqz8JsJTpSbyCNVJQpeA+C6SELc4DeHnv6pxFuK
LBB6q/9OSfbv4rlh6wTypkZIncKEjJDKnR67U9SmSnWNwfmbdoO/lJKiRK6XEaDX
RotXyTCgtg+1MPGUWm5GhXII2os+kDF6LPJP4GIV0GS65JSYgRgibVUYz7bW3AUQ
Xkba/yZjV6kj8Chm6N+rRskUw9mr8fvz+JBBWfewteQC
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:04 2024 by rpki-client on console-ams.rpki-client.org