Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/3qFELA8BdAQd-tggYDqFi4pPLsE.roa
File: 3qFELA8BdAQd-tggYDqFi4pPLsE.roa (raw, json)
Hash identifier: yWnjNSU3xTzOVb+pR1lpZ1KROBH/qeLfvuxiaGNfEwU=
Subject key identifier: DE:A1:44:2C:0F:01:74:04:1D:FA:D8:20:60:3A:85:8B:8A:4F:2E:C1
Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c
Certificate serial: 018ABD53242E5DA48C38AD70664084FDC2EC
Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/3qFELA8BdAQd-tggYDqFi4pPLsE.roa
Signing time: Fri 22 Sep 2023 14:37:37 +0000
ROA not before: Fri 22 Sep 2023 14:37:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 80.69.0.0/19 maxlen: 19
89.187.96.0/19 maxlen: 19
195.234.244.0/22 maxlen: 24
37.46.0.0/21 maxlen: 21
185.2.164.0/22 maxlen: 22
2001:1a0b::/32 maxlen: 32
2001:1a0a::/32 maxlen: 32
2001:1a08::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:53:24:2e:5d:a4:8c:38:ad:70:66:40:84:fd:c2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c
Validity
Not Before: Sep 22 14:37:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea1442c0f0174041dfad820603a858b8a4f2ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:ae:3a:10:db:b0:46:53:c6:12:ec:95:90:
cf:43:4b:02:8f:e7:50:42:26:57:ee:03:f4:c0:a3:
36:d3:72:02:68:f3:36:8b:32:88:e1:d9:ae:68:8c:
b8:3c:84:fe:2d:93:d7:86:8f:6b:66:07:b5:21:e6:
aa:d0:31:a1:07:d1:8d:73:ab:aa:45:10:82:27:b5:
c2:26:61:10:06:87:6a:63:3b:86:b5:d6:8c:33:ee:
a3:ad:e3:d3:3b:dc:5d:0d:4c:0b:65:47:d3:e1:e2:
19:8c:59:6a:61:d2:64:09:c1:17:9b:0b:63:5d:69:
99:7f:54:47:68:62:67:9e:10:29:a5:81:3f:7e:37:
86:c1:1d:fa:5d:a0:be:5a:85:fd:d2:ed:3d:f1:52:
2f:e1:c7:11:c0:0b:bf:bb:57:bb:77:15:12:df:97:
a9:cc:f2:7e:d0:9a:6b:af:e6:ea:c1:cb:61:fd:3e:
bb:13:ea:a4:80:cd:b7:1d:7a:55:2c:bd:2b:0d:35:
d5:13:5d:52:35:bd:a6:a9:8a:ba:fd:f5:e9:73:d3:
9f:84:db:e6:e4:8a:c1:ef:0f:fe:94:97:06:34:48:
83:d8:eb:65:b6:ea:54:bd:50:68:b3:83:25:91:8e:
60:a1:9f:13:75:ac:24:91:d0:5f:2b:06:94:4a:0b:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A1:44:2C:0F:01:74:04:1D:FA:D8:20:60:3A:85:8B:8A:4F:2E:C1
X509v3 Authority Key Identifier:
keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/3qFELA8BdAQd-tggYDqFi4pPLsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.0.0/21
80.69.0.0/19
89.187.96.0/19
185.2.164.0/22
195.234.244.0/22
IPv6:
2001:1a08::/32
2001:1a0a::/31
Signature Algorithm: sha256WithRSAEncryption
43:38:09:fa:06:5b:23:fc:14:4e:f5:1d:b8:50:48:b4:df:a7:
f8:5d:b5:46:13:13:ce:3c:60:d7:19:ab:84:ae:20:a3:4d:e8:
ff:11:e3:ac:c3:53:e8:ed:44:f3:90:be:2f:ba:c3:65:fc:6a:
5f:5c:a4:14:0e:02:83:12:a7:71:2a:47:28:c7:dc:65:6b:ce:
fe:91:89:26:3f:b9:60:55:40:b7:c6:75:e0:2f:08:68:af:17:
25:41:d2:09:d0:2b:7a:41:ef:36:97:02:b9:22:19:42:0b:c1:
f5:30:5e:eb:af:9e:24:89:de:72:34:52:4a:0e:4a:43:54:23:
f1:8b:cd:a8:ba:b2:88:cf:54:d4:82:23:91:9e:7c:e0:7a:62:
bf:4c:13:1c:c9:55:f6:67:00:43:9d:5a:cf:6a:47:5f:9b:42:
2c:f9:83:14:06:85:c9:9a:e8:fc:99:56:2f:11:53:2b:ac:aa:
f6:c6:96:00:b3:8e:83:f0:69:e1:4a:b2:87:26:15:4a:f8:48:
a5:5e:e1:04:6d:27:8a:a7:e0:b1:c1:de:a0:46:9d:7b:8e:3c:
7a:8d:06:2c:c0:54:e8:be:76:a4:80:32:f8:19:30:6a:b0:ee:
6f:65:ba:3b:88:aa:6f:a4:9c:ef:67:10:8f:35:a4:cc:4b:59:
62:99:0e:23
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYq9UyQuXaSMOK1wZkCE/cLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw
NWQ2M2MwHhcNMjMwOTIyMTQzNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWExNDQyYzBmMDE3NDA0MWRmYWQ4MjA2MDNhODU4YjhhNGYyZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVKuOhDbsEZTxhLslZDPQ0sCj+dQ
QiZX7gP0wKM203ICaPM2izKI4dmuaIy4PIT+LZPXho9rZge1Ieaq0DGhB9GNc6uq
RRCCJ7XCJmEQBodqYzuGtdaMM+6jrePTO9xdDUwLZUfT4eIZjFlqYdJkCcEXmwtj
XWmZf1RHaGJnnhAppYE/fjeGwR36XaC+WoX90u098VIv4ccRwAu/u1e7dxUS35ep
zPJ+0Jprr+bqwcth/T67E+qkgM23HXpVLL0rDTXVE11SNb2mqYq6/fXpc9OfhNvm
5IrB7w/+lJcGNEiD2OtltupUvVBos4MlkY5goZ8TdawkkdBfKwaUSgvJFwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFN6hRCwPAXQEHfrYIGA6hYuKTy7BMB8GA1UdIwQY
MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt
MjczODg0YjUzYzZlLzEvM3FGRUxBOEJkQVFkLXRnZ1lEcUZpNHBQTHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl
LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJS4AAwQF
UEUAAwQFWbtgAwQCuQKkAwQCw+r0MBQEAgACMA4DBQAgARoIAwUBIAEaCjANBgkq
hkiG9w0BAQsFAAOCAQEAQzgJ+gZbI/wUTvUduFBItN+n+F21RhMTzjxg1xmrhK4g
o03o/xHjrMNT6O1E85C+L7rDZfxqX1ykFA4CgxKncSpHKMfcZWvO/pGJJj+5YFVA
t8Z14C8IaK8XJUHSCdArekHvNpcCuSIZQgvB9TBe66+eJInecjRSSg5KQ1Qj8YvN
qLqyiM9U1IIjkZ584Hpiv0wTHMlV9mcAQ51az2pHX5tCLPmDFAaFyZro/JlWLxFT
K6yq9saWALOOg/Bp4UqyhyYVSvhIpV7hBG0niqfgscHeoEade448eo0GLMBU6L52
pIAy+BkwarDub2W6O4iqb6Sc72cQjzWkzEtZYpkOIw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:30 2024 by rpki-client on console-ams.rpki-client.org