Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3O9ZrTu1_0bUrZ5xIRvAl2BZiWQ.roa
File: 3O9ZrTu1_0bUrZ5xIRvAl2BZiWQ.roa (raw, json)
Hash identifier: CN+EooZwKL4SCrpn34iFCk8Z0e0fG8de7T5AdW5FEFk=
Subject key identifier: DC:EF:59:AD:3B:B5:FF:46:D4:AD:9E:71:21:1B:C0:97:60:59:89:64
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018C4606A55DC82AB4ACF601AB0BB3548796
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3O9ZrTu1_0bUrZ5xIRvAl2BZiWQ.roa
Signing time: Thu 07 Dec 2023 20:44:49 +0000
ROA not before: Thu 07 Dec 2023 20:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 45.84.214.0/24 maxlen: 24
2a0f:15c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:46:06:a5:5d:c8:2a:b4:ac:f6:01:ab:0b:b3:54:87:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 7 20:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcef59ad3bb5ff46d4ad9e71211bc09760598964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:85:ba:62:77:7e:c1:12:74:e2:1f:e7:5a:a9:
b7:ec:52:07:53:08:c4:7c:08:5f:bd:79:ec:81:99:
a7:c7:ca:7e:46:7e:9b:34:40:ed:7f:7b:88:ce:45:
c7:69:4f:c8:e9:b0:b7:49:07:76:78:55:93:ff:62:
98:53:ef:cd:c9:25:82:83:9c:f4:d0:e4:87:b2:7b:
cf:13:bb:3a:75:c0:c0:12:1c:1e:02:14:46:60:3a:
9e:f3:86:26:ad:61:39:76:de:cf:21:56:66:a2:67:
dc:fd:b0:1e:60:e3:34:ec:de:28:65:34:1a:44:ff:
ab:aa:d0:0b:77:99:fb:a7:d1:53:90:e3:e1:b4:02:
70:37:be:c4:85:16:25:6d:06:6a:99:c3:f7:fa:9e:
16:8a:4b:22:45:52:dd:84:5d:b8:b7:3c:ae:70:8f:
c8:54:87:d2:a3:73:30:c4:72:f4:96:bf:d9:87:ce:
84:ef:28:41:66:47:34:5f:cb:08:0f:67:c2:08:e4:
a4:58:04:2f:54:dc:ba:72:ff:c9:67:3a:4e:22:2c:
d0:c5:9d:2e:52:63:8c:c5:31:bd:6f:5e:36:06:ec:
6c:9d:7a:66:ea:8e:b3:94:61:30:79:c2:6e:6b:14:
cd:6b:d3:68:f4:b9:d6:f6:ce:61:87:72:c6:38:1b:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EF:59:AD:3B:B5:FF:46:D4:AD:9E:71:21:1B:C0:97:60:59:89:64
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3O9ZrTu1_0bUrZ5xIRvAl2BZiWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.214.0/24
IPv6:
2a0f:15c0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:7d:7c:bf:b2:d2:4b:e9:82:11:16:4a:85:d1:dc:bc:4a:9e:
d7:df:57:11:80:1a:85:76:82:1e:33:c4:82:ff:b9:be:1a:1a:
eb:f2:6c:59:f2:3f:92:12:97:c9:19:99:d5:07:62:f0:69:c0:
32:dd:77:df:e1:f2:32:32:35:ef:c1:dd:8d:0e:0c:0d:2c:f9:
99:fe:2c:4e:61:9b:ff:52:be:91:a8:17:12:94:46:aa:14:cf:
6a:51:e5:66:ca:b7:2a:09:ce:66:e4:aa:55:2b:af:89:74:03:
40:1b:c2:f0:b3:39:0c:d5:a3:89:bf:39:92:d2:87:99:ca:31:
66:c9:80:bb:dd:8d:cd:b7:c2:fe:db:dc:1d:7f:1b:c0:64:35:
15:71:3f:61:57:19:b3:e4:0c:9c:b1:ca:ed:24:cd:8b:14:5e:
86:a4:04:c4:2d:36:3e:48:b1:56:f4:30:57:c0:ab:3e:9f:aa:
57:3d:be:b4:0d:c7:9e:a9:75:a8:18:84:fa:b5:59:3a:a0:05:
30:f8:a4:74:bc:1a:6e:ea:35:ac:99:6f:7d:52:a3:70:03:8b:
2f:07:71:a4:f2:9f:76:17:84:c6:68:85:b4:1f:d6:c5:da:26:
59:82:fe:5b:ec:2e:ca:11:82:5e:76:fe:16:6e:3c:c0:65:91:
1a:68:b1:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxGBqVdyCq0rPYBqwuzVIeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMjA3MjA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VmNTlhZDNiYjVmZjQ2ZDRhZDllNzEyMTFiYzA5NzYwNTk4OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IW6Ynd+wRJ04h/nWqm37FIHUwjE
fAhfvXnsgZmnx8p+Rn6bNEDtf3uIzkXHaU/I6bC3SQd2eFWT/2KYU+/NySWCg5z0
0OSHsnvPE7s6dcDAEhweAhRGYDqe84YmrWE5dt7PIVZmomfc/bAeYOM07N4oZTQa
RP+rqtALd5n7p9FTkOPhtAJwN77EhRYlbQZqmcP3+p4WiksiRVLdhF24tzyucI/I
VIfSo3MwxHL0lr/Zh86E7yhBZkc0X8sID2fCCOSkWAQvVNy6cv/JZzpOIizQxZ0u
UmOMxTG9b142BuxsnXpm6o6zlGEwecJuaxTNa9No9LnW9s5hh3LGOBtYDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNzvWa07tf9G1K2ecSEbwJdgWYlkMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvM085WnJUdTFfMGJVclo1eElSdkFsMkJaaVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVTWMA0E
AgACMAcDBQAqDxXAMA0GCSqGSIb3DQEBCwUAA4IBAQAMfXy/stJL6YIRFkqF0dy8
Sp7X31cRgBqFdoIeM8SC/7m+Ghrr8mxZ8j+SEpfJGZnVB2LwacAy3Xff4fIyMjXv
wd2NDgwNLPmZ/ixOYZv/Ur6RqBcSlEaqFM9qUeVmyrcqCc5m5KpVK6+JdANAG8Lw
szkM1aOJvzmS0oeZyjFmyYC73Y3Nt8L+29wdfxvAZDUVcT9hVxmz5AycscrtJM2L
FF6GpATELTY+SLFW9DBXwKs+n6pXPb60DceeqXWoGIT6tVk6oAUw+KR0vBpu6jWs
mW99UqNwA4svB3Gk8p92F4TGaIW0H9bF2iZZgv5b7C7KEYJedv4WbjzAZZEaaLE6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org