Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/PrCg0mpbQv1o6-Q-s9H9qyNq_UE.roa
File: PrCg0mpbQv1o6-Q-s9H9qyNq_UE.roa (raw, json)
Hash identifier: FdSV1USq+WBbEoPxodlZFOIojPjLBSzEO0m8azD1EaU=
Subject key identifier: 3E:B0:A0:D2:6A:5B:42:FD:68:EB:E4:3E:B3:D1:FD:AB:23:6A:FD:41
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018C98A71DF4B6215D5042391B32CAABB43C
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/PrCg0mpbQv1o6-Q-s9H9qyNq_UE.roa
Signing time: Sat 23 Dec 2023 21:48:58 +0000
ROA not before: Sat 23 Dec 2023 21:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5398
IP address blocks: 185.155.184.0/23 maxlen: 24
31.44.32.0/20 maxlen: 20
193.221.216.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
77.220.64.0/19 maxlen: 19
46.21.29.0/24 maxlen: 24
2a0f:e880::/29 maxlen: 29
2a02:210::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:98:a7:1d:f4:b6:21:5d:50:42:39:1b:32:ca:ab:b4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Dec 23 21:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb0a0d26a5b42fd68ebe43eb3d1fdab236afd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5b:cc:4d:53:8b:31:91:87:35:04:1c:e2:2a:
53:2e:29:f7:b7:c8:ab:84:47:63:18:34:37:b2:66:
ba:e1:f6:0f:e3:6a:03:96:8b:7a:aa:0b:17:cf:9e:
04:11:97:e4:79:8e:1e:81:16:2c:23:cf:14:aa:40:
9b:71:75:2c:3d:36:dc:73:3c:d5:2d:26:6a:63:b6:
28:16:94:2f:e4:d3:85:6b:6c:3a:81:82:f7:e2:e1:
b9:5b:e4:cf:ac:22:71:fe:5f:65:02:88:c5:de:48:
65:83:e1:1b:e7:4e:11:0e:a5:1a:d5:05:e2:90:26:
8b:60:64:51:f9:ae:6c:a6:1a:d3:bd:85:76:da:63:
0b:88:09:31:50:9a:db:49:34:38:82:98:7a:1b:4d:
8e:16:ad:02:ea:80:b0:49:e3:46:a1:55:dc:d5:63:
89:bd:00:83:3f:05:10:c6:b7:e4:fe:cb:12:ef:ea:
cf:5a:a5:21:01:c0:19:ac:e1:b5:ba:02:90:2a:a5:
ee:82:af:5c:58:47:d6:03:2d:45:b8:e8:84:2f:06:
76:25:93:17:1e:d3:f0:e9:ed:9e:e3:74:ba:c3:dc:
79:d2:c2:d3:4f:50:45:dc:15:d2:53:48:50:80:12:
0c:79:07:39:e1:bc:21:f4:43:b9:16:05:79:c4:58:
6e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B0:A0:D2:6A:5B:42:FD:68:EB:E4:3E:B3:D1:FD:AB:23:6A:FD:41
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/PrCg0mpbQv1o6-Q-s9H9qyNq_UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.29.0/24
77.220.64.0/19
185.155.184.0/23
193.221.216.0/23
IPv6:
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
aa:ba:16:4d:de:58:ea:cd:3e:cc:f1:42:0a:8d:23:04:2b:e4:
9c:77:0d:0f:ef:0b:b4:4e:d7:ca:63:ee:45:b2:9d:f1:16:1e:
c9:5b:3f:37:0e:1f:4a:3b:1f:b8:dd:37:99:f7:05:da:fe:f5:
75:3b:c6:ce:c9:20:8d:a6:a6:9d:89:ab:23:cd:ac:87:f9:79:
6a:8a:4e:53:8a:34:68:c1:d4:4f:32:08:ff:67:dc:c4:48:b5:
3a:b9:c3:86:eb:1f:5c:e0:9e:9a:5f:f1:f1:73:02:c8:60:87:
d5:25:5f:87:db:13:fb:be:e6:a9:b2:5b:ed:c5:44:e3:ac:4b:
0b:e2:b4:b9:a0:90:34:36:ab:3c:91:be:a2:26:5a:8b:d2:fe:
6f:e6:b0:ad:5e:2c:5a:f6:40:8e:03:c5:0d:1c:6f:5e:84:64:
7b:0e:5f:35:30:4c:bb:f1:e7:46:d2:ae:d2:a7:c3:82:4b:c1:
f7:34:bf:cd:91:40:f9:35:2c:96:4d:1f:77:8c:d4:7d:82:75:
11:83:93:e2:24:89:ba:a4:66:dd:14:2a:52:3f:1a:4c:77:95:
1d:59:ca:b0:6a:7e:55:1e:96:f6:4a:7b:98:61:57:e9:58:a3:
59:82:7f:6a:0e:e6:d8:1c:41:5a:b9:06:f4:92:b8:1b:f9:e3:
58:f0:46:13
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYyYpx30tiFdUEI5GzLKq7Q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMxMjIzMjE0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWIwYTBkMjZhNWI0MmZkNjhlYmU0M2ViM2QxZmRhYjIzNmFmZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFvMTVOLMZGHNQQc4ipTLin3t8ir
hEdjGDQ3sma64fYP42oDlot6qgsXz54EEZfkeY4egRYsI88UqkCbcXUsPTbcczzV
LSZqY7YoFpQv5NOFa2w6gYL34uG5W+TPrCJx/l9lAojF3khlg+Eb504RDqUa1QXi
kCaLYGRR+a5sphrTvYV22mMLiAkxUJrbSTQ4gph6G02OFq0C6oCwSeNGoVXc1WOJ
vQCDPwUQxrfk/ssS7+rPWqUhAcAZrOG1ugKQKqXugq9cWEfWAy1FuOiELwZ2JZMX
HtPw6e2e43S6w9x50sLTT1BF3BXSU0hQgBIMeQc54bwh9EO5FgV5xFhu5wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFD6woNJqW0L9aOvkPrPR/asjav1BMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvUHJDZzBtcGJRdjFvNi1RLXM5SDlxeU5xX1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEHywgAwQA
LhUdAwQFTdxAAwQBuZu4AwQBwd3YMBQEAgACMA4DBQAqAgIQAwUDKg/ogDANBgkq
hkiG9w0BAQsFAAOCAQEAqroWTd5Y6s0+zPFCCo0jBCvknHcND+8LtE7XymPuRbKd
8RYeyVs/Nw4fSjsfuN03mfcF2v71dTvGzskgjaamnYmrI82sh/l5aopOU4o0aMHU
TzII/2fcxEi1OrnDhusfXOCeml/x8XMCyGCH1SVfh9sT+77mqbJb7cVE46xLC+K0
uaCQNDarPJG+oiZai9L+b+awrV4sWvZAjgPFDRxvXoRkew5fNTBMu/HnRtKu0qfD
gkvB9zS/zZFA+TUslk0fd4zUfYJ1EYOT4iSJuqRm3RQqUj8aTHeVHVnKsGp+VR6W
9kp7mGFX6VijWYJ/ag7m2BxBWrkG9JK4G/njWPBGEw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:02 2024 by rpki-client on console-fra.rpki-client.org