Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/3VFXPqnsN6twQWtX4HdC-Y4904I.roa
File: 3VFXPqnsN6twQWtX4HdC-Y4904I.roa (raw, json)
Hash identifier: rSbNkdEwxZ2dWTKl3C1FrTUCbAH6he55ZexPOXXZ7U4=
Subject key identifier: DD:51:57:3E:A9:EC:37:AB:70:41:6B:57:E0:77:42:F9:8E:3D:D3:82
Certificate issuer: /CN=3066ad61c162df0650ee0ab60c68075b29a211c8
Certificate serial: 018CC26D54EB8C96808418E4D0983068AF38
Authority key identifier: 30:66:AD:61:C1:62:DF:06:50:EE:0A:B6:0C:68:07:5B:29:A2:11:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGatYcFi3wZQ7gq2DGgHWymiEcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/3VFXPqnsN6twQWtX4HdC-Y4904I.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 185.203.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:54:eb:8c:96:80:84:18:e4:d0:98:30:68:af:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3066ad61c162df0650ee0ab60c68075b29a211c8
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd51573ea9ec37ab70416b57e07742f98e3dd382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0d:0e:2e:11:2a:2b:25:d6:ab:06:8d:88:4b:
8a:cd:cb:44:6b:a9:71:1d:4e:06:f8:ed:6a:91:e6:
00:48:83:e8:38:79:33:4a:0d:03:f1:e4:7c:b9:5c:
73:9d:86:a9:28:2c:80:a5:cb:9b:22:0b:10:16:09:
4f:4e:f0:c3:79:75:58:0a:dc:7a:96:e1:10:31:ec:
f0:ad:c2:99:01:45:93:36:6b:e9:fb:cc:e5:69:c5:
d1:c6:b0:9c:b9:26:59:68:08:8e:b7:ea:47:0b:c1:
b4:35:c7:cb:f4:3f:f6:74:92:75:09:44:91:0c:f0:
c3:8e:e3:aa:c4:ea:09:02:be:5f:59:ec:15:e5:55:
f6:6c:34:65:2a:e0:a1:f9:31:3a:ab:2e:66:2a:18:
2c:f7:28:39:29:50:2e:75:1b:82:bf:11:d9:dd:e2:
2f:b4:8b:27:14:43:e1:93:c7:c0:3a:ec:63:f2:3c:
68:17:c0:7f:4b:b8:09:ac:4a:8b:05:dc:87:a0:1c:
b0:64:58:50:84:1b:f9:fb:5b:27:46:a2:8c:3f:b3:
83:13:11:ee:62:0e:3d:f0:e0:5e:c1:f3:f3:ca:32:
a9:30:7e:aa:d8:ed:6d:e3:39:27:c9:e1:35:f4:fc:
69:9c:ca:96:47:3d:35:f5:a6:19:ed:cc:d4:74:2a:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:51:57:3E:A9:EC:37:AB:70:41:6B:57:E0:77:42:F9:8E:3D:D3:82
X509v3 Authority Key Identifier:
keyid:30:66:AD:61:C1:62:DF:06:50:EE:0A:B6:0C:68:07:5B:29:A2:11:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGatYcFi3wZQ7gq2DGgHWymiEcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/3VFXPqnsN6twQWtX4HdC-Y4904I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/MGatYcFi3wZQ7gq2DGgHWymiEcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.188.0/22
Signature Algorithm: sha256WithRSAEncryption
73:0f:eb:da:4d:fc:2d:b0:36:5a:78:da:a5:13:ea:24:86:bb:
c7:01:30:9e:6d:df:ef:de:f9:da:77:d1:0c:69:22:52:f9:9a:
c8:9e:21:45:3f:ad:0b:61:74:16:da:d6:12:5a:40:d3:dd:06:
4c:2a:80:99:bf:64:f1:2d:bb:d2:c6:8c:19:10:74:fb:72:af:
6d:17:fe:af:34:c5:ac:76:68:47:2b:b7:cc:bf:42:ab:e5:25:
81:5a:f7:c0:12:dc:70:c5:95:6b:af:a7:2b:da:6f:08:1b:73:
22:9e:05:25:f8:c4:6e:65:38:b7:dc:db:1a:c5:b2:6c:08:1e:
7b:cc:f2:38:99:79:8b:e5:8d:06:40:46:bd:4b:5f:0a:2f:d3:
d8:9d:29:2a:ec:89:94:01:c8:5f:df:db:34:c9:43:fb:a7:99:
f2:83:43:e4:f5:a2:3c:87:f8:9c:4c:0a:0d:6f:a7:26:58:31:
ba:38:68:61:72:e3:81:e2:7d:34:d8:58:6f:d6:e3:0d:e2:b4:
9d:4b:48:c7:53:3c:dd:bc:ec:a0:03:cd:b5:eb:b5:99:e8:bc:
b1:c4:c8:56:c1:2d:49:46:2b:29:42:79:1f:71:46:b5:c7:2d:
af:18:12:33:84:b3:fe:73:84:39:75:88:7b:e3:f1:c9:14:87:
2c:0c:b6:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVTrjJaAhBjk0JgwaK84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjZhZDYxYzE2MmRmMDY1MGVlMGFiNjBjNjgwNzViMjlh
MjExYzgwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDUxNTczZWE5ZWMzN2FiNzA0MTZiNTdlMDc3NDJmOThlM2RkMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA0OLhEqKyXWqwaNiEuKzctEa6lx
HU4G+O1qkeYASIPoOHkzSg0D8eR8uVxznYapKCyApcubIgsQFglPTvDDeXVYCtx6
luEQMezwrcKZAUWTNmvp+8zlacXRxrCcuSZZaAiOt+pHC8G0NcfL9D/2dJJ1CUSR
DPDDjuOqxOoJAr5fWewV5VX2bDRlKuCh+TE6qy5mKhgs9yg5KVAudRuCvxHZ3eIv
tIsnFEPhk8fAOuxj8jxoF8B/S7gJrEqLBdyHoBywZFhQhBv5+1snRqKMP7ODExHu
Yg498OBewfPzyjKpMH6q2O1t4zknyeE19PxpnMqWRz019aYZ7czUdCoGbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1RVz6p7DercEFrV+B3QvmOPdOCMB8GA1UdIwQY
MBaAFDBmrWHBYt8GUO4KtgxoB1spohHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdhdFljRmkzd1pRN2dxMkRHZ0hXeW1pRWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YjM0YjAtMzAxYS00MWEyLWI0YzUt
YTg4NjZhYTk1YzcxLzEvM1ZGWFBxbnNONnR3UVd0WDRIZEMtWTQ5MDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YjM0YjAtMzAxYS00MWEyLWI0YzUtYTg4NjZhYTk1Yzcx
LzEvTUdhdFljRmkzd1pRN2dxMkRHZ0hXeW1pRWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucu8MA0G
CSqGSIb3DQEBCwUAA4IBAQBzD+vaTfwtsDZaeNqlE+okhrvHATCebd/v3vnad9EM
aSJS+ZrIniFFP60LYXQW2tYSWkDT3QZMKoCZv2TxLbvSxowZEHT7cq9tF/6vNMWs
dmhHK7fMv0Kr5SWBWvfAEtxwxZVrr6cr2m8IG3MingUl+MRuZTi33NsaxbJsCB57
zPI4mXmL5Y0GQEa9S18KL9PYnSkq7ImUAchf39s0yUP7p5nyg0Pk9aI8h/icTAoN
b6cmWDG6OGhhcuOB4n002Fhv1uMN4rSdS0jHUzzdvOygA82167WZ6LyxxMhWwS1J
RispQnkfcUa1xy2vGBIzhLP+c4Q5dYh74/HJFIcsDLb6
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:03 2025 by rpki-client