Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/3i5Fp_DYF5op1z6w7PGlNep999E.roa
File: 3i5Fp_DYF5op1z6w7PGlNep999E.roa (raw, json)
Hash identifier: Z/M0DtcqSkCD486tceD04mv+cNIRcM/GGbxSFZqoqU8=
Subject key identifier: DE:2E:45:A7:F0:D8:17:9A:29:D7:3E:B0:EC:F1:A5:35:EA:7D:F7:D1
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 01874E2E10D819184B0CFAD866D9B6E058ED
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/3i5Fp_DYF5op1z6w7PGlNep999E.roa
Signing time: Tue 04 Apr 2023 21:30:54 +0000
ROA not before: Tue 04 Apr 2023 21:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.213.171.0/24 maxlen: 24
185.213.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 23:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:2e:10:d8:19:18:4b:0c:fa:d8:66:d9:b6:e0:58:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Apr 4 21:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de2e45a7f0d8179a29d73eb0ecf1a535ea7df7d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:de:36:d5:66:81:5e:9e:8b:04:13:c0:b9:4d:
20:0b:4d:c4:c6:c2:a0:49:5f:65:a9:e6:a8:76:96:
c5:8e:9d:a0:2e:b1:11:b4:9c:6b:21:6a:0f:4b:b5:
44:f7:dd:8f:d8:6e:4f:af:92:dd:ac:b0:b6:1a:9b:
9a:18:9a:c4:44:bc:c8:ec:c6:e3:de:c6:72:fd:ce:
c4:be:1d:1a:08:76:e7:35:2f:97:0a:5d:90:fa:1b:
6b:ff:2f:6d:8c:26:ba:77:1f:1c:a1:50:07:d0:33:
9f:4f:21:b9:f4:13:3a:0f:51:36:52:78:6d:51:f4:
55:87:90:d7:6a:03:c0:77:07:93:ad:a7:63:4d:41:
87:32:1e:b4:ca:f4:5d:5d:b5:28:3c:29:35:fd:1a:
bc:8a:61:ce:4a:e8:2a:02:15:2a:e0:e8:a8:5a:6c:
10:cd:0b:76:9d:9b:43:e5:1c:7f:b8:94:cc:6e:77:
d1:d6:20:b0:65:de:85:65:ca:61:07:9c:d3:72:2f:
9e:56:78:e2:78:97:64:16:0c:8b:6a:1b:48:07:26:
f3:20:74:4b:88:67:e4:41:7d:b9:95:c9:4a:20:8a:
f2:01:5a:a2:d2:e6:6e:6d:1e:c0:30:79:4a:0c:ca:
47:82:d5:d5:00:10:11:85:3f:5b:f3:83:25:ac:b7:
05:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2E:45:A7:F0:D8:17:9A:29:D7:3E:B0:EC:F1:A5:35:EA:7D:F7:D1
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/3i5Fp_DYF5op1z6w7PGlNep999E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0/24
185.213.171.0/24
Signature Algorithm: sha256WithRSAEncryption
02:72:f9:13:76:85:05:35:90:84:f8:e7:c7:08:1f:93:e5:6a:
da:0d:f0:1a:a7:c3:66:bb:e7:5b:9a:95:fe:39:67:71:f7:06:
88:f4:d1:70:04:e8:3e:3d:46:bf:ae:a0:e7:c2:1c:79:18:65:
e6:eb:9f:a3:23:c0:36:ec:53:07:de:47:d6:7f:8e:77:af:ae:
bc:29:b4:2b:a9:cb:9f:41:bc:ca:63:f3:d5:18:1a:22:ab:b6:
94:ef:aa:19:95:49:bd:7b:e7:dc:7d:65:05:cb:f8:9e:69:d6:
c9:c9:d9:da:ea:e5:50:53:27:ba:8e:92:e4:b4:bd:a6:f1:f2:
fb:b5:61:1c:01:2b:82:15:dc:e7:f2:cb:71:15:70:0c:da:4b:
25:ed:14:49:b4:46:23:b8:96:c1:c3:4b:ae:7b:b8:77:35:a8:
ea:c5:40:a7:70:99:ab:43:31:07:56:33:a4:90:bd:f2:30:1a:
fe:ae:10:5b:4c:dc:8b:bc:b5:5e:33:f8:46:a2:f5:8d:99:e1:
9c:68:4e:40:de:f0:72:55:c6:50:1b:5e:36:e9:f4:cf:4f:b2:
6d:29:44:e4:70:0b:22:a1:e3:7b:12:53:7b:08:86:0c:13:c6:
23:a0:48:0e:0e:d9:73:e5:c9:ea:e7:ed:ce:a9:24:c5:27:e0:
2b:5f:c9:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdOLhDYGRhLDPrYZtm24FjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMwNDA0MjEzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJlNDVhN2YwZDgxNzlhMjlkNzNlYjBlY2YxYTUzNWVhN2RmN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN421WaBXp6LBBPAuU0gC03ExsKg
SV9lqeaodpbFjp2gLrERtJxrIWoPS7VE992P2G5Pr5LdrLC2GpuaGJrERLzI7Mbj
3sZy/c7Evh0aCHbnNS+XCl2Q+htr/y9tjCa6dx8coVAH0DOfTyG59BM6D1E2Unht
UfRVh5DXagPAdweTradjTUGHMh60yvRdXbUoPCk1/Rq8imHOSugqAhUq4OioWmwQ
zQt2nZtD5Rx/uJTMbnfR1iCwZd6FZcphB5zTci+eVnjieJdkFgyLahtIBybzIHRL
iGfkQX25lclKIIryAVqi0uZubR7AMHlKDMpHgtXVABARhT9b84MlrLcFDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4uRafw2BeaKdc+sOzxpTXqfffRMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvM2k1RnBfRFlGNW9wMXo2dzdQR2xOZXA5OTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudWpAwQA
udWrMA0GCSqGSIb3DQEBCwUAA4IBAQACcvkTdoUFNZCE+OfHCB+T5WraDfAap8Nm
u+dbmpX+OWdx9waI9NFwBOg+PUa/rqDnwhx5GGXm65+jI8A27FMH3kfWf453r668
KbQrqcufQbzKY/PVGBoiq7aU76oZlUm9e+fcfWUFy/ieadbJydna6uVQUye6jpLk
tL2m8fL7tWEcASuCFdzn8stxFXAM2ksl7RRJtEYjuJbBw0uue7h3NajqxUCncJmr
QzEHVjOkkL3yMBr+rhBbTNyLvLVeM/hGovWNmeGcaE5A3vByVcZQG1426fTPT7Jt
KUTkcAsioeN7ElN7CIYME8YjoEgODtlz5cnq5+3OqSTFJ+ArX8l2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:28 2024 by rpki-client on console-fra.rpki-client.org