Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wJ3HOj3OnYsZKt8ALnefUhAMKtQ.roa
File: wJ3HOj3OnYsZKt8ALnefUhAMKtQ.roa (raw, json)
Hash identifier: ef7fRkyPwif3Enr5FVHxvWdyR/iKkUiH6Yf/HkFdF6o=
Subject key identifier: C0:9D:C7:3A:3D:CE:9D:8B:19:2A:DF:00:2E:77:9F:52:10:0C:2A:D4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018655EA6FE19A6881C4068E5DCDC42BF05C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wJ3HOj3OnYsZKt8ALnefUhAMKtQ.roa
Signing time: Wed 15 Feb 2023 16:31:12 +0000
ROA not before: Wed 15 Feb 2023 16:31:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212953
IP address blocks: 82.153.70.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 09:06:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:ea:6f:e1:9a:68:81:c4:06:8e:5d:cd:c4:2b:f0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 15 16:31:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c09dc73a3dce9d8b192adf002e779f52100c2ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c1:45:7c:6a:20:bd:da:a4:9a:84:38:ab:ef:
72:2b:ff:0c:87:72:7d:d3:f7:3c:cc:1d:27:4e:e4:
82:87:48:08:ef:75:ca:e0:84:0a:8b:e4:dd:47:a8:
e7:22:7b:23:9f:3b:42:67:58:98:9a:29:84:c5:85:
b3:f9:84:53:d2:4b:16:87:5b:54:12:0b:d7:0a:52:
1a:76:4d:c9:ae:81:c4:eb:ff:9b:ac:0a:53:36:76:
f4:ed:7a:bf:fb:c9:15:ee:35:8f:87:8e:1f:53:f5:
c0:96:70:6f:25:92:d1:d7:32:a0:ab:b0:20:7b:13:
d6:51:f9:05:34:47:fd:74:6b:e0:d0:92:65:9a:e0:
86:f6:b7:79:94:57:99:2f:de:9c:fd:12:06:5d:e3:
2a:a6:a1:3e:04:6c:9c:38:49:26:d2:de:f4:56:57:
de:ab:03:82:7a:13:69:ad:07:d7:73:80:4d:33:35:
75:bc:a6:93:77:12:2e:3e:c4:7e:db:57:9c:fa:12:
26:c3:9a:82:58:f1:70:b0:8b:fa:52:9d:3b:5d:c7:
d5:3d:19:2c:92:e5:d8:cc:42:b8:0a:46:5c:f2:76:
a0:c9:51:0b:fa:6e:bf:ac:e3:14:49:ee:ab:9c:da:
01:5c:e2:c4:0d:3e:dc:b3:01:47:37:05:a4:c0:2a:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9D:C7:3A:3D:CE:9D:8B:19:2A:DF:00:2E:77:9F:52:10:0C:2A:D4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wJ3HOj3OnYsZKt8ALnefUhAMKtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.251.0/24
82.152.255.0/24
82.153.70.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:f0:4c:e3:37:d8:d4:fa:04:47:be:37:47:38:24:f3:51:e4:
27:ef:7b:fa:a2:9a:b4:7d:06:f4:12:09:61:d9:b6:e5:e5:a6:
cb:23:c5:49:f5:71:40:36:d0:7e:d4:07:44:4c:b1:0d:a9:5f:
88:ce:13:59:44:cc:4a:77:56:47:db:2b:df:ef:74:d8:42:dd:
35:f9:c3:1e:24:07:c8:dc:23:01:32:da:68:4c:65:10:22:e9:
f8:cc:f5:65:75:e5:d4:c7:c9:6d:ed:6f:61:49:d9:7a:a0:b4:
3c:02:b4:81:9d:16:f2:77:43:a2:c8:52:62:d0:df:91:ad:84:
0d:85:8d:99:a2:4d:0d:93:6f:d2:e2:c9:7a:50:46:a4:95:21:
0b:a5:41:df:59:f5:c5:51:49:26:2e:95:ed:c8:f6:de:25:15:
36:53:0d:00:84:ff:18:ad:9a:da:aa:f4:64:ad:3e:ab:2e:88:
41:35:80:82:11:fd:61:14:32:7b:49:38:f1:3b:30:82:fd:2b:
d6:2c:72:31:d2:94:7b:e9:c5:84:44:c4:23:76:29:e7:a1:22:
15:ac:d9:0e:e0:9e:78:c8:c7:15:84:20:3a:f9:da:96:cc:e8:
d7:70:32:5b:e2:10:56:34:b7:ec:81:b3:a8:83:0f:7a:0b:6a:
9c:04:70:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZV6m/hmmiBxAaOXc3EK/BcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE1MTYzMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDlkYzczYTNkY2U5ZDhiMTkyYWRmMDAyZTc3OWY1MjEwMGMyYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8FFfGogvdqkmoQ4q+9yK/8Mh3J9
0/c8zB0nTuSCh0gI73XK4IQKi+TdR6jnInsjnztCZ1iYmimExYWz+YRT0ksWh1tU
EgvXClIadk3JroHE6/+brApTNnb07Xq/+8kV7jWPh44fU/XAlnBvJZLR1zKgq7Ag
exPWUfkFNEf9dGvg0JJlmuCG9rd5lFeZL96c/RIGXeMqpqE+BGycOEkm0t70Vlfe
qwOCehNprQfXc4BNMzV1vKaTdxIuPsR+21ec+hImw5qCWPFwsIv6Up07XcfVPRks
kuXYzEK4CkZc8nagyVEL+m6/rOMUSe6rnNoBXOLEDT7cswFHNwWkwCo4AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMCdxzo9zp2LGSrfAC53n1IQDCrUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd0ozSE9qM09uWXNaS3Q4QUxuZWZVaEFNS3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpj7AwQA
Upj/AwQBUplGMA0GCSqGSIb3DQEBCwUAA4IBAQBr8EzjN9jU+gRHvjdHOCTzUeQn
73v6opq0fQb0Eglh2bbl5abLI8VJ9XFANtB+1AdETLENqV+IzhNZRMxKd1ZH2yvf
73TYQt01+cMeJAfI3CMBMtpoTGUQIun4zPVldeXUx8lt7W9hSdl6oLQ8ArSBnRby
d0OiyFJi0N+RrYQNhY2Zok0Nk2/S4sl6UEaklSELpUHfWfXFUUkmLpXtyPbeJRU2
Uw0AhP8YrZraqvRkrT6rLohBNYCCEf1hFDJ7STjxOzCC/SvWLHIx0pR76cWERMQj
dinnoSIVrNkO4J54yMcVhCA6+dqWzOjXcDJb4hBWNLfsgbOogw96C2qcBHCZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org