Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/3tgWyIs4KygfRiLZwfOUd0IuDe4.roa
File: 3tgWyIs4KygfRiLZwfOUd0IuDe4.roa (raw, json)
Hash identifier: V6asBPlIaTDJS1p0nFMDmu8SSZrnbepVbCwW2Tm7Z8o=
Subject key identifier: DE:D8:16:C8:8B:38:2B:28:1F:46:22:D9:C1:F3:94:77:42:2E:0D:EE
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019051B8F5E963A4899E941AE083AB521880
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/3tgWyIs4KygfRiLZwfOUd0IuDe4.roa
Signing time: Tue 25 Jun 2024 23:26:34 +0000
ROA not before: Tue 25 Jun 2024 23:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 206.245.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 11:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:51:b8:f5:e9:63:a4:89:9e:94:1a:e0:83:ab:52:18:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jun 25 23:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ded816c88b382b281f4622d9c1f39477422e0dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:65:39:e5:67:e0:0d:ba:9c:fc:4b:93:63:c4:
2d:c4:5e:e7:bd:3f:6b:2b:7f:b9:d2:b5:41:85:f7:
41:65:79:e7:09:b4:70:ca:93:02:f1:c4:70:04:1e:
c1:6a:5e:ca:2d:22:94:8f:42:9d:da:8c:d0:b2:06:
dc:2d:8e:ef:3c:22:f2:31:62:8a:c7:e4:04:e7:1d:
6c:d0:bf:fc:4c:20:ad:f2:a0:29:59:0b:60:d2:83:
3c:54:11:8a:fa:38:10:6e:19:de:3b:73:f5:1d:25:
33:20:71:5d:48:6a:f6:63:e7:74:10:34:00:6d:f0:
44:69:b1:17:ad:e3:bf:01:c8:fb:cc:09:58:27:01:
ac:de:a6:c4:39:06:2f:c2:30:7b:71:4f:b3:1b:d0:
56:6e:c6:52:ae:6d:3a:49:42:2b:91:02:03:eb:2a:
2b:e4:a5:c7:40:40:6a:24:f5:a7:0c:df:bb:00:53:
6f:71:6d:8e:af:57:5f:65:ff:76:a5:36:33:3f:f6:
21:20:d3:8d:a2:65:40:ab:67:4a:32:0b:0b:7d:77:
09:71:56:8e:75:7f:12:dd:32:bd:7a:0f:56:0d:0d:
6c:d3:0a:e5:88:fe:e6:65:5c:34:f3:71:31:9a:e6:
1b:b0:36:47:12:c6:2e:52:07:35:2d:d6:9f:46:71:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D8:16:C8:8B:38:2B:28:1F:46:22:D9:C1:F3:94:77:42:2E:0D:EE
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/3tgWyIs4KygfRiLZwfOUd0IuDe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.245.209.0/24
Signature Algorithm: sha256WithRSAEncryption
80:40:3a:a0:90:c8:70:ac:23:06:dd:80:f8:dc:8a:a0:a4:e1:
bd:c4:ed:63:61:79:bf:64:ab:06:7c:b2:93:76:a5:f1:a7:02:
05:81:8e:0a:17:6b:7c:9b:e6:19:ad:1e:30:4b:2c:ee:92:3e:
8f:c7:40:2f:0a:df:a1:e8:f2:ac:35:a8:82:0a:f2:60:4a:20:
a7:e8:57:fd:c5:76:a3:8d:19:11:e6:a2:0c:c4:ca:fa:e4:44:
c6:1f:78:d4:a0:0f:c7:cd:db:14:2d:2b:9f:bb:46:bf:6c:a6:
16:bf:e5:4c:65:5e:98:e3:29:f9:93:bb:30:96:53:65:80:ac:
07:b3:8b:75:8e:66:17:f8:b9:6d:90:27:1f:9e:4b:59:22:21:
1e:a2:a9:64:0b:15:11:4b:23:32:2d:01:20:25:5a:69:4d:7f:
18:8b:b3:9c:5e:88:03:7e:cc:a2:78:5f:d2:7b:e3:9f:2a:04:
87:1e:9c:3e:15:34:24:24:76:73:f5:a5:c4:c1:a1:a7:74:1e:
88:00:03:a3:e4:09:7e:40:97:c1:fc:28:a6:7e:c3:07:6d:e4:
78:9c:83:a7:1d:aa:3e:0d:4a:d1:c9:fb:8c:f0:7d:2a:b9:52:
31:83:74:bd:4d:85:eb:a3:cb:df:ba:8a:e7:36:fe:7b:f3:61:
1b:da:52:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBRuPXpY6SJnpQa4IOrUhiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjQwNjI1MjMyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ4MTZjODhiMzgyYjI4MWY0NjIyZDljMWYzOTQ3NzQyMmUwZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmU55WfgDbqc/EuTY8QtxF7nvT9r
K3+50rVBhfdBZXnnCbRwypMC8cRwBB7Bal7KLSKUj0Kd2ozQsgbcLY7vPCLyMWKK
x+QE5x1s0L/8TCCt8qApWQtg0oM8VBGK+jgQbhneO3P1HSUzIHFdSGr2Y+d0EDQA
bfBEabEXreO/Acj7zAlYJwGs3qbEOQYvwjB7cU+zG9BWbsZSrm06SUIrkQID6yor
5KXHQEBqJPWnDN+7AFNvcW2Or1dfZf92pTYzP/YhINONomVAq2dKMgsLfXcJcVaO
dX8S3TK9eg9WDQ1s0wrliP7mZVw083ExmuYbsDZHEsYuUgc1LdafRnG62wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7YFsiLOCsoH0Yi2cHzlHdCLg3uMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvM3RnV3lJczRLeWdmUmlMWndmT1VkMEl1RGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzvXRMA0G
CSqGSIb3DQEBCwUAA4IBAQCAQDqgkMhwrCMG3YD43IqgpOG9xO1jYXm/ZKsGfLKT
dqXxpwIFgY4KF2t8m+YZrR4wSyzukj6Px0AvCt+h6PKsNaiCCvJgSiCn6Ff9xXaj
jRkR5qIMxMr65ETGH3jUoA/HzdsULSufu0a/bKYWv+VMZV6Y4yn5k7swllNlgKwH
s4t1jmYX+LltkCcfnktZIiEeoqlkCxURSyMyLQEgJVppTX8Yi7OcXogDfsyieF/S
e+OfKgSHHpw+FTQkJHZz9aXEwaGndB6IAAOj5Al+QJfB/CimfsMHbeR4nIOnHao+
DUrRyfuM8H0quVIxg3S9TYXro8vfuornNv5782Eb2lKv
-----END CERTIFICATE-----
Generated at Thu Jun 27 16:07:26 2024 by rpki-client on console-ams.rpki-client.org