Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/3H5lrSvHkuny79Wul-CO9nubdX4.roa
File: 3H5lrSvHkuny79Wul-CO9nubdX4.roa (raw, json)
Hash identifier: MKUSyyDxGpXobBLzd+W0PHq4leVc0ttDvICCt6NdNVQ=
Subject key identifier: DC:7E:65:AD:2B:C7:92:E9:F2:EF:D5:AE:97:E0:8E:F6:7B:9B:75:7E
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 0186E480BC2277287EDCDC751E0BB3F7C070
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/3H5lrSvHkuny79Wul-CO9nubdX4.roa
Signing time: Wed 15 Mar 2023 09:01:27 +0000
ROA not before: Wed 15 Mar 2023 09:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.52.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 May 2023 03:10:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:80:bc:22:77:28:7e:dc:dc:75:1e:0b:b3:f7:c0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Mar 15 09:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc7e65ad2bc792e9f2efd5ae97e08ef67b9b757e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:a3:5b:00:f1:62:91:5a:32:be:da:43:a0:
66:1f:9e:5d:51:27:eb:b1:ab:58:5b:0f:7f:4d:e9:
9a:5a:8e:b2:ec:1e:29:a4:45:bb:74:e7:11:d5:02:
99:86:03:df:ea:78:1f:d8:16:35:35:48:cb:9e:9e:
a5:8a:cb:8a:32:2f:c0:6e:4a:f7:f5:af:7c:03:4c:
08:3f:9d:bb:9e:df:e6:49:b0:66:c3:c7:00:3e:cd:
94:ed:36:35:cc:7e:d5:84:ac:9d:36:df:77:5b:17:
1c:7b:31:ce:51:47:91:e8:32:77:3e:38:87:5f:9c:
dc:34:cb:01:97:0c:6b:a8:54:bd:35:23:b1:b8:c8:
79:4a:c2:63:a4:e5:6c:4d:0e:92:be:c7:be:b0:80:
ec:b9:58:e9:9f:d6:aa:35:ab:1c:69:33:98:19:a9:
fa:f6:b9:4e:64:58:f8:13:48:b1:e5:3f:53:5a:bb:
11:1d:3b:44:10:99:20:24:b5:66:d0:2a:3a:e3:01:
8b:b5:c0:08:83:62:3b:ef:0c:f8:af:85:0c:49:09:
98:aa:28:99:96:9e:48:47:a8:aa:49:dc:c1:5c:b6:
f3:7c:bf:86:ec:d4:f2:1e:28:a2:ac:91:c9:ff:32:
51:58:2e:b9:03:93:1e:12:dc:5f:97:fe:8c:39:86:
46:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7E:65:AD:2B:C7:92:E9:F2:EF:D5:AE:97:E0:8E:F6:7B:9B:75:7E
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/3H5lrSvHkuny79Wul-CO9nubdX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0-217.20.53.255
217.20.56.0/23
217.20.60.0/24
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
ba:64:f3:25:dd:f3:e5:21:76:ed:6c:7b:6f:3f:3c:f7:20:a6:
f4:c4:82:3c:88:fd:40:84:35:ba:ce:b8:18:97:e7:de:c8:a3:
83:f5:35:92:ce:2a:8c:de:c1:fa:fa:bc:2f:85:a5:11:4e:2e:
65:12:99:5f:a0:d0:c4:e3:ee:22:07:82:f7:23:1a:2a:e3:c9:
3b:6d:6f:6b:9c:3b:f8:bf:7b:d7:88:d8:48:4d:7c:4b:5a:01:
a7:12:a2:c9:7c:46:45:e7:d8:be:22:b9:77:33:2e:1d:65:7a:
bc:e3:ce:24:ed:87:1e:c8:6c:ad:93:da:2c:db:1f:14:04:81:
d5:45:db:42:d2:0f:21:ec:5f:07:67:d0:59:4a:72:ad:49:45:
02:62:28:df:7e:80:0f:c3:69:f3:d5:0c:cd:03:02:15:8b:ca:
00:34:b7:6e:d3:89:22:ad:83:dc:d4:c8:9d:ec:70:c6:08:c6:
47:38:da:4d:17:93:91:f5:bf:7c:ab:c5:48:bc:f3:20:ae:86:
5e:6f:48:78:77:30:2b:8e:f1:9a:79:e7:79:0f:a8:d3:a9:65:
94:64:81:dd:05:1b:36:ae:84:dc:21:16:b3:50:16:04:37:91:
45:ed:03:e5:78:da:98:64:2d:3b:4d:70:73:3c:d7:f9:86:9b:
4a:f7:54:cb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYbkgLwidyh+3Nx1Hguz98BwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjMwMzE1MDkwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdlNjVhZDJiYzc5MmU5ZjJlZmQ1YWU5N2UwOGVmNjdiOWI3NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuijWwDxYpFaMr7aQ6BmH55dUSfr
satYWw9/TemaWo6y7B4ppEW7dOcR1QKZhgPf6ngf2BY1NUjLnp6lisuKMi/Abkr3
9a98A0wIP527nt/mSbBmw8cAPs2U7TY1zH7VhKydNt93WxccezHOUUeR6DJ3PjiH
X5zcNMsBlwxrqFS9NSOxuMh5SsJjpOVsTQ6Svse+sIDsuVjpn9aqNascaTOYGan6
9rlOZFj4E0ix5T9TWrsRHTtEEJkgJLVm0Co64wGLtcAIg2I77wz4r4UMSQmYqiiZ
lp5IR6iqSdzBXLbzfL+G7NTyHiiirJHJ/zJRWC65A5MeEtxfl/6MOYZG8wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNx+Za0rx5Lp8u/VrpfgjvZ7m3V+MB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvM0g1bHJTdkhrdW55NzlXdWwtQ085bnViZFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQAkhO1MAwD
BATZFDADBAHZFDQDBAHZFDgDBADZFDwwDwQCAAIwCQMHACoSRcf//zANBgkqhkiG
9w0BAQsFAAOCAQEAumTzJd3z5SF27Wx7bz889yCm9MSCPIj9QIQ1us64GJfn3sij
g/U1ks4qjN7B+vq8L4WlEU4uZRKZX6DQxOPuIgeC9yMaKuPJO21va5w7+L9714jY
SE18S1oBpxKiyXxGRefYviK5dzMuHWV6vOPOJO2HHshsrZPaLNsfFASB1UXbQtIP
IexfB2fQWUpyrUlFAmIo336AD8Np89UMzQMCFYvKADS3btOJIq2D3NTInexwxgjG
RzjaTReTkfW/fKvFSLzzIK6GXm9IeHcwK47xmnnneQ+o06lllGSB3QUbNq6E3CEW
s1AWBDeRRe0D5XjamGQtO01wczzX+YabSvdUyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:57 2024 by rpki-client on console-ams.rpki-client.org