Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3gWHm1LER9GOJQ_y3u6CM5NH3EE.roa
File: 3gWHm1LER9GOJQ_y3u6CM5NH3EE.roa (raw, json)
Hash identifier: XaCTvNWqs1Jthv4FNOzXkGjSSNYDu3FRgfSISMFTdh0=
Subject key identifier: DE:05:87:9B:52:C4:47:D1:8E:25:0F:F2:DE:EE:82:33:93:47:DC:41
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC349631DDBF3F39B9A5F29689D706718
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3gWHm1LER9GOJQ_y3u6CM5NH3EE.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212427
IP address blocks: 213.152.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:63:1d:db:f3:f3:9b:9a:5f:29:68:9d:70:67:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de05879b52c447d18e250ff2deee82339347dc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f3:28:8b:a1:26:f0:83:07:22:4b:e3:6b:f4:
8d:2e:03:57:22:0a:e1:27:d5:13:96:fc:31:9d:09:
7c:b1:4d:13:de:d8:83:0d:ad:cd:0a:24:fe:4b:b5:
53:e0:77:f4:7b:d7:d5:fa:e7:62:11:82:80:5c:37:
fa:60:1c:2b:4d:40:56:f2:43:45:59:9a:2e:e1:c3:
99:25:be:ad:40:d1:75:d0:35:f2:59:2a:8c:b3:67:
66:92:5e:2d:0b:67:ac:31:5d:c0:94:e2:a9:ed:82:
66:5d:f4:f3:19:c7:0b:87:7f:41:a9:50:83:a1:b0:
c0:60:28:b4:1b:42:16:9e:f8:a9:da:50:88:a7:d5:
01:34:07:31:68:6d:78:23:1b:59:93:a5:e1:13:07:
2b:27:6f:cc:62:f1:1a:ca:de:35:c1:80:85:06:ab:
50:8a:ce:d9:8a:91:a1:62:97:8e:dc:35:ae:73:48:
52:65:df:be:e1:da:c4:60:8b:10:8c:34:30:1f:40:
26:7d:31:01:9f:5e:d1:2e:a7:8b:dc:e1:80:e1:c7:
47:5a:26:f0:4f:be:bd:2f:04:5d:a2:52:88:e6:bc:
5b:85:12:56:8d:58:55:c9:3a:c3:a5:c2:e2:d1:c0:
b4:0b:ee:9e:c8:30:73:33:24:63:27:2e:fe:39:fd:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:05:87:9B:52:C4:47:D1:8E:25:0F:F2:DE:EE:82:33:93:47:DC:41
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3gWHm1LER9GOJQ_y3u6CM5NH3EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:fe:64:e2:38:64:6b:2f:f7:57:c1:68:7a:50:39:f0:40:2a:
91:e2:02:f6:d6:5a:c1:62:6d:a0:f0:fe:00:6d:1e:a4:95:e3:
e3:c6:4d:5f:bb:51:6c:2b:19:5d:2d:74:ef:b8:b9:29:7d:02:
02:d1:34:33:68:4b:e1:7f:5c:de:b3:96:2f:8d:d9:09:3f:da:
d6:af:bf:92:8c:22:6f:19:65:70:df:b6:be:de:10:cf:59:1d:
f2:14:62:cd:cc:9c:f9:35:60:45:4b:2f:30:82:fb:2b:f3:1a:
cc:68:b6:4f:f2:81:69:84:3a:ac:1f:74:bc:8c:a5:0c:c1:3d:
0b:02:34:a6:ba:6b:50:0c:f3:08:40:a4:c6:86:09:36:f2:7d:
a9:25:96:22:83:bf:b4:08:3c:7e:88:a0:b3:8f:1e:e1:e0:e7:
86:8d:e7:1a:57:5b:33:4a:f6:23:ec:01:2a:62:8d:8f:37:5c:
1a:30:e0:ce:be:bb:ef:f4:43:c6:04:28:ac:3e:72:11:ef:8f:
ec:fb:bb:85:31:11:94:a4:61:2d:96:b1:7a:1f:97:9d:ae:b1:
05:48:eb:92:2f:f5:48:84:59:ce:f4:42:6b:3a:69:05:fa:3d:
57:2a:c5:26:68:42:68:14:7c:44:24:a9:70:70:eb:84:26:6f:
d8:32:2c:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWMd2/Pzm5pfKWidcGcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA1ODc5YjUyYzQ0N2QxOGUyNTBmZjJkZWVlODIzMzkzNDdkYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/Moi6Em8IMHIkvja/SNLgNXIgrh
J9UTlvwxnQl8sU0T3tiDDa3NCiT+S7VT4Hf0e9fV+udiEYKAXDf6YBwrTUBW8kNF
WZou4cOZJb6tQNF10DXyWSqMs2dmkl4tC2esMV3AlOKp7YJmXfTzGccLh39BqVCD
obDAYCi0G0IWnvip2lCIp9UBNAcxaG14IxtZk6XhEwcrJ2/MYvEayt41wYCFBqtQ
is7ZipGhYpeO3DWuc0hSZd++4drEYIsQjDQwH0AmfTEBn17RLqeL3OGA4cdHWibw
T769LwRdolKI5rxbhRJWjVhVyTrDpcLi0cC0C+6eyDBzMyRjJy7+Of233QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4Fh5tSxEfRjiUP8t7ugjOTR9xBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM2dXSG0xTEVSOUdPSlFfeTN1NkNNNU5IM0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgrMA0G
CSqGSIb3DQEBCwUAA4IBAQB//mTiOGRrL/dXwWh6UDnwQCqR4gL21lrBYm2g8P4A
bR6klePjxk1fu1FsKxldLXTvuLkpfQIC0TQzaEvhf1zes5YvjdkJP9rWr7+SjCJv
GWVw37a+3hDPWR3yFGLNzJz5NWBFSy8wgvsr8xrMaLZP8oFphDqsH3S8jKUMwT0L
AjSmumtQDPMIQKTGhgk28n2pJZYig7+0CDx+iKCzjx7h4OeGjecaV1szSvYj7AEq
Yo2PN1waMODOvrvv9EPGBCisPnIR74/s+7uFMRGUpGEtlrF6H5edrrEFSOuSL/VI
hFnO9EJrOmkF+j1XKsUmaEJoFHxEJKlwcOuEJm/YMix0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:41 2025 by rpki-client