Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3SNzzp25ZDXyL5JEejs_k3zPRnU.roa
File: 3SNzzp25ZDXyL5JEejs_k3zPRnU.roa (raw, json)
Hash identifier: bp44VlU0QQEDzxKOxYiSYreM6WJnPiX/OU5ugONIzgA=
Subject key identifier: DD:23:73:CE:9D:B9:64:35:F2:2F:92:44:7A:3B:3F:93:7C:CF:46:75
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 019276FA0DAB2461B9CC00C8092328B8DE3B
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3SNzzp25ZDXyL5JEejs_k3zPRnU.roa
Signing time: Thu 10 Oct 2024 15:09:11 +0000
ROA not before: Thu 10 Oct 2024 15:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43704
IP address blocks: 185.248.137.0/24 maxlen: 24
2a03:9c00:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:fa:0d:ab:24:61:b9:cc:00:c8:09:23:28:b8:de:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Oct 10 15:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd2373ce9db96435f22f92447a3b3f937ccf4675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:62:cc:2a:c2:0c:fa:3b:ed:ce:37:6c:e9:
b8:e1:70:8a:18:70:c0:b9:6b:fc:5a:ed:a7:c3:44:
54:9a:16:2d:b8:df:b7:ec:1a:61:a2:73:99:33:77:
cf:03:3c:4a:de:0c:25:9b:7f:cf:fa:1b:69:68:58:
eb:e7:09:3d:78:43:5d:bb:a4:5d:06:d4:96:40:62:
86:4c:73:a5:58:cc:a7:05:18:1c:4d:84:21:27:53:
26:15:dd:db:7d:21:27:14:e7:a3:f3:c3:bf:42:b4:
b0:34:50:e5:a2:78:2e:e1:59:0e:4b:d0:da:c2:5c:
33:98:63:17:a4:7d:4a:69:68:1d:42:25:1e:c8:a0:
57:6c:c8:d0:4d:70:bd:d4:be:1d:1c:ce:84:fa:b2:
bc:24:40:52:03:f0:7a:40:4c:d5:68:bb:f3:ac:0c:
4d:be:c8:b6:bd:24:04:ea:52:16:2f:45:60:bf:44:
37:bd:1a:94:1f:d4:17:56:96:70:e8:f8:17:17:49:
15:f6:eb:41:47:72:61:1b:b2:31:81:04:cf:f1:76:
df:45:2a:d2:d1:cd:83:b6:b2:fe:b5:c2:54:af:fc:
0e:3b:83:89:a2:b7:5f:77:a8:00:34:34:d8:05:ae:
20:57:fb:31:19:08:54:d5:7c:ba:06:5b:25:35:91:
7c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:23:73:CE:9D:B9:64:35:F2:2F:92:44:7A:3B:3F:93:7C:CF:46:75
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3SNzzp25ZDXyL5JEejs_k3zPRnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.137.0/24
IPv6:
2a03:9c00:4::/48
Signature Algorithm: sha256WithRSAEncryption
d6:87:76:48:d3:b8:65:cc:38:98:ad:c0:39:ee:18:48:77:b6:
ff:e0:f3:2e:5e:21:f8:5c:3e:78:6c:9d:dc:f2:33:bd:ca:7c:
4c:84:9b:ea:0d:95:2f:f8:c1:33:0a:dc:f3:86:82:a5:82:69:
86:dc:d2:e4:67:9c:2e:b1:82:5b:42:54:9c:17:d2:ad:b6:86:
34:f5:73:03:e6:47:52:4f:63:50:9a:ca:06:64:23:29:dc:a5:
61:17:00:14:29:e3:3a:94:ea:10:1a:2f:12:47:c6:3b:3b:b1:
fd:d3:8b:7f:ff:73:f2:3a:ce:65:ec:1a:45:7f:84:18:f2:05:
9c:68:38:ca:e5:b4:ed:d4:4c:6c:e3:ff:94:03:10:28:e5:f4:
ae:7a:25:80:94:4f:a1:7b:ad:a4:d1:29:14:95:c2:1c:48:bb:
5e:52:ba:16:24:cd:0e:96:f5:78:7a:6b:47:e0:ec:c9:ee:a3:
4b:69:15:72:a0:b6:a7:34:98:01:c1:a7:0e:3f:15:66:e8:9c:
bd:1d:d7:ca:e4:b1:35:51:6c:11:95:25:e6:21:84:1a:11:64:
dd:80:a2:a8:4c:a2:7b:af:c5:b6:98:05:46:b4:f9:64:9b:aa:
4f:e0:d2:8b:6a:c5:eb:aa:f2:c2:c4:9f:26:b6:3e:c1:26:d3:
cf:1a:aa:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJ2+g2rJGG5zADICSMouN47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQxMDEwMTUwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDIzNzNjZTlkYjk2NDM1ZjIyZjkyNDQ3YTNiM2Y5MzdjY2Y0Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXdizCrCDPo77c43bOm44XCKGHDA
uWv8Wu2nw0RUmhYtuN+37BphonOZM3fPAzxK3gwlm3/P+htpaFjr5wk9eENdu6Rd
BtSWQGKGTHOlWMynBRgcTYQhJ1MmFd3bfSEnFOej88O/QrSwNFDlongu4VkOS9Da
wlwzmGMXpH1KaWgdQiUeyKBXbMjQTXC91L4dHM6E+rK8JEBSA/B6QEzVaLvzrAxN
vsi2vSQE6lIWL0Vgv0Q3vRqUH9QXVpZw6PgXF0kV9utBR3JhG7IxgQTP8XbfRSrS
0c2DtrL+tcJUr/wOO4OJordfd6gANDTYBa4gV/sxGQhU1Xy6BlslNZF82wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN0jc86duWQ18i+SRHo7P5N8z0Z1MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvM1NOenpwMjVaRFh5TDVKRWVqc19rM3pQUm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAufiJMA8E
AgACMAkDBwAqA5wAAAQwDQYJKoZIhvcNAQELBQADggEBANaHdkjTuGXMOJitwDnu
GEh3tv/g8y5eIfhcPnhsndzyM73KfEyEm+oNlS/4wTMK3POGgqWCaYbc0uRnnC6x
gltCVJwX0q22hjT1cwPmR1JPY1CaygZkIyncpWEXABQp4zqU6hAaLxJHxjs7sf3T
i3//c/I6zmXsGkV/hBjyBZxoOMrltO3UTGzj/5QDECjl9K56JYCUT6F7raTRKRSV
whxIu15SuhYkzQ6W9Xh6a0fg7Mnuo0tpFXKgtqc0mAHBpw4/FWbonL0d18rksTVR
bBGVJeYhhBoRZN2AoqhMonuvxbaYBUa0+WSbqk/g0otqxeuq8sLEnya2PsEm088a
qnE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:47:10 2025 by rpki-client