Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/3QaeeWLRph0pLlz2ZsugxiXsfck.roa
File: 3QaeeWLRph0pLlz2ZsugxiXsfck.roa (raw, json)
Hash identifier: fTdLRJl3G/+Z3YDO+lj9WwR29wtH8V5/cVRiDJSLmaU=
Subject key identifier: DD:06:9E:79:62:D1:A6:1D:29:2E:5C:F6:66:CB:A0:C6:25:EC:7D:C9
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 01857030702EEA8DB95A3961326F244B8F58
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/3QaeeWLRph0pLlz2ZsugxiXsfck.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200940
IP address blocks: 195.228.73.0/24 maxlen: 24
195.228.95.0/24 maxlen: 24
195.228.94.0/24 maxlen: 24
195.228.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:70:2e:ea:8d:b9:5a:39:61:32:6f:24:4b:8f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd069e7962d1a61d292e5cf666cba0c625ec7dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:08:66:c5:fe:06:6c:d1:46:d0:c5:5a:e5:47:
56:04:50:63:6d:88:e9:9a:22:56:6f:06:0b:57:20:
61:a8:18:cc:a7:fa:0a:f9:af:46:1c:ad:8d:d3:3f:
b8:56:ba:11:fa:22:02:b9:df:9d:56:9f:b9:98:55:
da:a8:a6:24:d2:6c:c8:73:fc:5f:f8:b3:1c:37:2e:
99:c8:5a:04:78:5a:dd:f7:2a:e6:84:da:f1:97:a6:
2f:a7:b5:6d:a5:c7:05:a6:02:2e:cb:0a:e8:b2:01:
63:ec:91:93:8a:f0:e8:b7:fc:4d:f4:35:1a:97:12:
77:d1:4f:e6:70:00:de:04:fe:99:17:39:46:fa:51:
dd:aa:2e:e0:40:63:0b:1e:90:25:4f:4c:35:ea:bd:
59:da:e8:fc:e4:15:6f:e9:d2:27:63:bf:3d:8f:ca:
60:fc:27:2d:4a:3b:43:0c:6c:e3:e6:e6:07:a6:8d:
ad:3b:15:0d:ad:b0:19:75:0b:a4:34:14:39:50:c3:
26:75:a1:45:b0:46:d8:28:6a:95:52:74:31:b7:5f:
7e:ee:b5:bf:a0:da:cb:df:5e:b5:09:c2:f1:51:4c:
58:3c:50:81:8b:16:01:95:d4:5b:06:1b:5e:46:0e:
68:49:0c:37:5d:de:cc:c3:17:33:07:59:34:5f:0e:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:9E:79:62:D1:A6:1D:29:2E:5C:F6:66:CB:A0:C6:25:EC:7D:C9
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/3QaeeWLRph0pLlz2ZsugxiXsfck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.228.73.0/24
195.228.94.0/23
195.228.103.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7a:63:d4:e6:41:4a:7d:f5:1f:05:af:24:e6:9b:53:26:16:
87:96:8c:c2:a3:66:d3:a4:44:75:b4:d9:34:d2:59:b7:9e:07:
e3:48:a2:d9:c6:08:97:b9:6c:9d:20:18:6a:82:93:89:39:25:
8a:38:83:71:37:d6:70:ac:39:3a:0a:59:8f:8a:1a:49:3e:c7:
f3:fb:79:8b:ce:47:8b:4e:ce:cc:d1:44:8b:01:7b:8f:92:df:
d4:85:60:aa:31:2c:2c:39:7d:af:4b:cf:9f:05:b0:e9:b4:2d:
d4:74:e3:75:7c:ff:18:e8:c4:7a:c1:55:d9:6d:12:45:b2:80:
6b:d7:7e:17:77:20:a2:9f:89:e8:1d:61:6e:17:c7:c6:ef:82:
77:29:54:96:7e:41:08:19:a9:cf:f8:e8:d9:c0:62:88:eb:4d:
52:97:b4:66:63:a1:c5:78:a3:c9:a9:4d:59:0f:68:15:a5:fe:
cc:62:4c:0f:c1:5b:48:1a:20:23:21:8f:f9:55:06:b8:a6:cd:
7f:20:fe:4d:60:94:da:b6:a0:7d:ff:a5:38:b2:c3:f9:e2:dd:
13:56:f4:53:03:d7:9c:77:45:5d:84:51:f6:d3:5a:3a:6f:80:
d8:76:4f:52:86:ce:08:b5:45:b2:d4:87:a6:28:c2:3a:26:e7:
66:6a:09:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwMHAu6o25WjlhMm8kS49YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA2OWU3OTYyZDFhNjFkMjkyZTVjZjY2NmNiYTBjNjI1ZWM3ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAhmxf4GbNFG0MVa5UdWBFBjbYjp
miJWbwYLVyBhqBjMp/oK+a9GHK2N0z+4VroR+iICud+dVp+5mFXaqKYk0mzIc/xf
+LMcNy6ZyFoEeFrd9yrmhNrxl6Yvp7VtpccFpgIuywrosgFj7JGTivDot/xN9DUa
lxJ30U/mcADeBP6ZFzlG+lHdqi7gQGMLHpAlT0w16r1Z2uj85BVv6dInY789j8pg
/CctSjtDDGzj5uYHpo2tOxUNrbAZdQukNBQ5UMMmdaFFsEbYKGqVUnQxt19+7rW/
oNrL3161CcLxUUxYPFCBixYBldRbBhteRg5oSQw3Xd7MwxczB1k0Xw5mRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN0Gnnli0aYdKS5c9mbLoMYl7H3JMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvM1FhZWVXTFJwaDBwTGx6MlpzdWd4aVhzZmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw+RJAwQB
w+ReAwQAw+RnMA0GCSqGSIb3DQEBCwUAA4IBAQBBemPU5kFKffUfBa8k5ptTJhaH
lozCo2bTpER1tNk00lm3ngfjSKLZxgiXuWydIBhqgpOJOSWKOINxN9ZwrDk6ClmP
ihpJPsfz+3mLzkeLTs7M0USLAXuPkt/UhWCqMSwsOX2vS8+fBbDptC3UdON1fP8Y
6MR6wVXZbRJFsoBr134XdyCin4noHWFuF8fG74J3KVSWfkEIGanP+OjZwGKI601S
l7RmY6HFeKPJqU1ZD2gVpf7MYkwPwVtIGiAjIY/5VQa4ps1/IP5NYJTatqB9/6U4
ssP54t0TVvRTA9ecd0VdhFH201o6b4DYdk9Shs4ItUWy1IemKMI6JudmagkG
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:51 2024 by rpki-client on console-ams.rpki-client.org