Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/3vgIJSQ_5RJhs-nmUyi0RSg9S6s.roa
File: 3vgIJSQ_5RJhs-nmUyi0RSg9S6s.roa (raw, json)
Hash identifier: 0c4YePl7MD0AsrMAD3T+hTtUTzFfLY1RFWtsckYsRgk=
Subject key identifier: DE:F8:08:25:24:3F:E5:12:61:B3:E9:E6:53:28:B4:45:28:3D:4B:AB
Certificate issuer: /CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
Certificate serial: 01856C781FF254F143E1A924758EFB4CC7D3
Authority key identifier: 0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/3vgIJSQ_5RJhs-nmUyi0RSg9S6s.roa
Signing time: Sun 01 Jan 2023 08:34:49 +0000
ROA not before: Sun 01 Jan 2023 08:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 194.35.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:1f:f2:54:f1:43:e1:a9:24:75:8e:fb:4c:c7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
Validity
Not Before: Jan 1 08:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=def80825243fe51261b3e9e65328b445283d4bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:08:73:dc:e8:75:e5:00:f1:c0:ac:7d:e5:
27:c1:11:03:46:cf:c5:90:82:3f:41:89:3a:fc:3d:
72:87:e7:fe:c9:db:00:37:9d:50:1f:d0:3f:bb:ed:
8e:9d:09:d0:3f:e6:7a:fd:14:c2:0d:e6:7f:79:a5:
9a:86:e1:16:7f:72:11:69:af:2d:fa:a7:cd:94:72:
72:bf:a4:4d:ce:c0:f3:bc:4e:9d:53:89:93:4f:45:
24:fd:2a:3d:14:cf:83:5e:af:40:03:9d:94:19:5b:
cf:24:10:13:6b:73:2d:d4:e6:04:b5:d0:b5:93:54:
95:dc:1d:36:f5:f6:12:ef:6d:e8:75:e5:f6:46:41:
33:d0:62:09:d3:49:be:6a:81:93:e9:02:b6:f7:f9:
f2:c2:98:29:e4:75:55:21:01:92:dd:e5:4f:0b:e5:
f1:e6:f3:0b:d6:44:66:0c:68:c2:a8:63:68:d7:7e:
61:30:19:40:39:66:6c:a3:2b:1b:00:7c:cf:7c:83:
b3:06:bc:2c:07:27:b4:2a:21:6d:fa:38:de:51:ae:
ff:b6:bd:9c:ba:18:ee:23:91:3f:3d:b6:32:b3:3e:
b4:6b:6e:5f:5b:12:18:57:fc:30:af:5f:30:ba:24:
8a:13:02:b1:3a:3e:07:8f:73:38:51:1b:e2:31:aa:
96:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F8:08:25:24:3F:E5:12:61:B3:E9:E6:53:28:B4:45:28:3D:4B:AB
X509v3 Authority Key Identifier:
keyid:0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/3vgIJSQ_5RJhs-nmUyi0RSg9S6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.252.0/22
Signature Algorithm: sha256WithRSAEncryption
58:df:1f:cb:da:fa:c7:82:63:02:37:3a:73:d3:15:48:01:3f:
33:36:eb:f2:f6:fd:7b:d3:02:21:f6:dc:6a:fc:ec:c0:20:5b:
95:7b:1f:2c:56:98:dd:cb:f9:b0:c7:40:02:4c:22:f6:ae:b1:
c3:a5:da:6a:7f:86:55:b9:38:03:30:16:06:34:57:38:23:11:
82:81:56:8c:0f:a9:c0:55:92:0c:7b:48:45:c3:ff:7a:7b:c0:
ab:df:3d:d7:1a:ab:af:2d:ee:18:54:65:d2:50:ee:d9:f9:9e:
23:42:11:f9:93:cc:bb:4d:b3:33:6e:86:33:3c:57:dc:73:66:
c3:db:f4:60:50:08:ca:79:ca:65:2f:ea:a6:b0:55:ce:4d:32:
f9:b8:68:09:8d:81:51:9d:54:22:f0:e7:ec:44:70:2b:5a:c0:
34:8e:80:22:f3:12:c3:c0:93:9c:22:d6:0b:b3:0a:ed:a8:40:
ad:86:28:02:2e:fd:be:ba:7d:de:0a:3b:9e:8e:60:4e:82:96:
1f:60:3b:8f:5b:66:73:bf:d8:c4:24:32:03:f4:43:c3:94:d1:
b6:8f:10:1e:ee:77:fe:5c:b2:7b:04:c7:3c:ae:e6:60:10:50:
19:31:34:ef:f9:fb:b3:47:6c:26:57:e3:67:d1:b3:6f:60:bd:
ae:aa:3b:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseB/yVPFD4akkdY77TMfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjNjMzE2NGQzZDhjMjY0NGNmMjliMzIzNjc2MWE1NzFl
ZTU4YmEwHhcNMjMwMTAxMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY4MDgyNTI0M2ZlNTEyNjFiM2U5ZTY1MzI4YjQ0NTI4M2Q0YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYkIc9zodeUA8cCsfeUnwREDRs/F
kII/QYk6/D1yh+f+ydsAN51QH9A/u+2OnQnQP+Z6/RTCDeZ/eaWahuEWf3IRaa8t
+qfNlHJyv6RNzsDzvE6dU4mTT0Uk/So9FM+DXq9AA52UGVvPJBATa3Mt1OYEtdC1
k1SV3B029fYS723odeX2RkEz0GIJ00m+aoGT6QK29/nywpgp5HVVIQGS3eVPC+Xx
5vML1kRmDGjCqGNo135hMBlAOWZsoysbAHzPfIOzBrwsBye0KiFt+jjeUa7/tr2c
uhjuI5E/PbYysz60a25fWxIYV/wwr18wuiSKEwKxOj4Hj3M4URviMaqWowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN74CCUkP+USYbPp5lMotEUoPUurMB8GA1UdIwQY
MBaAFA2zwxZNPYwmRM8psyNnYaVx7li6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWIt
M2Q0NjQzOWFhNDFjLzEvM3ZnSUpTUV81Ukpocy1ubVV5aTBSU2c5UzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWItM2Q0NjQzOWFhNDFj
LzEvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiP8MA0G
CSqGSIb3DQEBCwUAA4IBAQBY3x/L2vrHgmMCNzpz0xVIAT8zNuvy9v170wIh9txq
/OzAIFuVex8sVpjdy/mwx0ACTCL2rrHDpdpqf4ZVuTgDMBYGNFc4IxGCgVaMD6nA
VZIMe0hFw/96e8Cr3z3XGquvLe4YVGXSUO7Z+Z4jQhH5k8y7TbMzboYzPFfcc2bD
2/RgUAjKecplL+qmsFXOTTL5uGgJjYFRnVQi8OfsRHArWsA0joAi8xLDwJOcItYL
swrtqECthigCLv2+un3eCjuejmBOgpYfYDuPW2Zzv9jEJDID9EPDlNG2jxAe7nf+
XLJ7BMc8ruZgEFAZMTTv+fuzR2wmV+Nn0bNvYL2uqjs6
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:13 2024 by rpki-client on console-ams.rpki-client.org