Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G3uUeloM3pzGucDEQYbP_tKby74.roa
File: G3uUeloM3pzGucDEQYbP_tKby74.roa (raw, json)
Hash identifier: MdWtFkXs2RGqBTxFdwX+PuUzewFgy6kmbFnQ+fMdagw=
Subject key identifier: 1B:7B:94:7A:5A:0C:DE:9C:C6:B9:C0:C4:41:86:CF:FE:D2:9B:CB:BE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01878E584356207BF25E8E86FFE880B092B8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G3uUeloM3pzGucDEQYbP_tKby74.roa
Signing time: Mon 17 Apr 2023 08:32:41 +0000
ROA not before: Mon 17 Apr 2023 08:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 82.153.240.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.178.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Apr 2023 07:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:58:43:56:20:7b:f2:5e:8e:86:ff:e8:80:b0:92:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 17 08:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7b947a5a0cde9cc6b9c0c44186cffed29bcbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b5:25:3c:8a:92:21:b2:5c:45:20:70:20:ed:
52:87:df:9e:32:78:49:bd:7d:ea:47:17:21:ac:89:
5a:84:a0:06:be:d4:15:9e:b3:72:81:df:c4:a8:3d:
b2:e3:07:f3:e4:3d:c7:1c:65:98:b4:84:6e:db:ed:
c4:d1:c1:66:5c:cd:7e:5a:15:6d:6e:fd:c2:2e:01:
47:70:80:80:d6:47:cc:02:4f:53:ec:c7:c8:98:0d:
df:c6:56:1a:31:dd:b0:6b:86:a2:f4:f0:a2:0c:2d:
70:21:91:b9:61:bd:2d:1f:e4:c6:5a:a9:dc:ca:9b:
10:86:dc:09:10:5f:62:cd:63:af:93:f6:98:78:bb:
a6:c2:e2:73:8c:50:ce:6a:aa:59:ef:5f:2e:81:31:
b5:26:48:5b:25:05:0f:7d:66:65:0d:6e:d9:63:92:
ed:de:33:ad:ed:df:a4:e4:ed:69:3b:4a:ec:47:3a:
6a:cb:ed:ad:65:99:c1:37:ff:05:3b:2f:e2:2a:77:
c9:f6:b2:07:0b:ba:f3:89:72:1d:4e:c2:be:d6:7f:
46:1f:b7:d1:0f:39:7f:8f:f5:be:ab:9f:a6:67:92:
63:fc:03:06:bc:f0:33:ec:e3:f7:db:ed:0f:77:42:
d6:10:ec:69:62:0d:d4:93:8e:55:c9:09:44:1d:f5:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7B:94:7A:5A:0C:DE:9C:C6:B9:C0:C4:41:86:CF:FE:D2:9B:CB:BE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G3uUeloM3pzGucDEQYbP_tKby74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
82.152.178.0/24
82.153.69.0/24
82.153.240.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:fe:dd:2c:55:0d:0f:59:04:29:85:6a:da:a6:7c:da:9f:79:
a9:2a:0d:b0:8f:d5:5b:2b:9d:d4:2f:ce:e8:14:0b:e1:3b:5d:
a1:1b:8e:89:0b:f0:7b:9e:22:5e:8c:23:a1:70:2e:4a:84:1e:
db:76:44:51:23:71:a6:c8:12:0c:44:ff:2e:00:c0:bf:da:5f:
ed:2a:4e:a2:dd:f5:16:57:27:c1:7c:e0:ba:7f:41:d9:b1:96:
30:1e:a5:2c:54:ec:d6:15:8e:ff:8a:3b:fc:98:0b:39:e4:67:
71:96:7e:61:bb:7a:84:96:d5:0c:08:78:68:05:5d:39:70:7b:
86:1b:03:3c:a7:70:4d:2a:c2:8c:00:d0:5e:6d:0a:0b:f0:84:
6f:cf:05:0a:cd:94:58:06:18:24:0d:57:85:9c:65:d7:b0:4d:
51:86:3c:90:ef:e9:d0:01:8c:f1:49:42:a0:ad:92:5d:d4:be:
05:34:ee:b1:0d:1c:5d:63:4a:e9:20:97:93:07:0d:9f:14:9c:
f6:f2:fd:d2:80:4f:07:ee:e0:97:8c:c6:4a:70:14:8e:db:e7:
4f:b7:76:a8:8e:85:fb:2b:61:a2:d1:9f:78:98:26:30:2f:2a:
82:23:b6:c6:63:42:3b:5f:7b:73:b6:56:25:15:d0:91:0a:b3:
b3:03:32:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYeOWENWIHvyXo6G/+iAsJK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDE3MDgzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdiOTQ3YTVhMGNkZTljYzZiOWMwYzQ0MTg2Y2ZmZWQyOWJjYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLUlPIqSIbJcRSBwIO1Sh9+eMnhJ
vX3qRxchrIlahKAGvtQVnrNygd/EqD2y4wfz5D3HHGWYtIRu2+3E0cFmXM1+WhVt
bv3CLgFHcICA1kfMAk9T7MfImA3fxlYaMd2wa4ai9PCiDC1wIZG5Yb0tH+TGWqnc
ypsQhtwJEF9izWOvk/aYeLumwuJzjFDOaqpZ718ugTG1JkhbJQUPfWZlDW7ZY5Lt
3jOt7d+k5O1pO0rsRzpqy+2tZZnBN/8FOy/iKnfJ9rIHC7rziXIdTsK+1n9GH7fR
Dzl/j/W+q5+mZ5Jj/AMGvPAz7OP32+0Pd0LWEOxpYg3Uk45VyQlEHfVrDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBt7lHpaDN6cxrnAxEGGz/7Sm8u+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRzN1VWVsb00zcHpHdWNERVFZYlBfdEtieTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQW9AwQA
UagjAwQAUpiyAwQAUplFAwQAUpnwMA0GCSqGSIb3DQEBCwUAA4IBAQCf/t0sVQ0P
WQQphWrapnzan3mpKg2wj9VbK53UL87oFAvhO12hG46JC/B7niJejCOhcC5KhB7b
dkRRI3GmyBIMRP8uAMC/2l/tKk6i3fUWVyfBfOC6f0HZsZYwHqUsVOzWFY7/ijv8
mAs55Gdxln5hu3qEltUMCHhoBV05cHuGGwM8p3BNKsKMANBebQoL8IRvzwUKzZRY
BhgkDVeFnGXXsE1RhjyQ7+nQAYzxSUKgrZJd1L4FNO6xDRxdY0rpIJeTBw2fFJz2
8v3SgE8H7uCXjMZKcBSO2+dPt3aojoX7K2Gi0Z94mCYwLyqCI7bGY0I7X3tztlYl
FdCRCrOzAzLw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org