Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/3NYbUUBDhn_Hr7G3UFjVVPAl-PQ.roa
File: 3NYbUUBDhn_Hr7G3UFjVVPAl-PQ.roa (raw, json)
Hash identifier: Rj8jHzmZ/EW7AtedWBLYHDneEQOaJtmBKIkUrWZABTg=
Subject key identifier: DC:D6:1B:51:40:43:86:7F:C7:AF:B1:B7:50:58:D5:54:F0:25:F8:F4
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 01877B47D93351BD9E37ACF13ACA3404B2AC
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/3NYbUUBDhn_Hr7G3UFjVVPAl-PQ.roa
Signing time: Thu 13 Apr 2023 15:41:58 +0000
ROA not before: Thu 13 Apr 2023 15:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46261
IP address blocks: 77.83.44.0/23 maxlen: 23
45.153.239.0/24 maxlen: 24
45.147.63.0/24 maxlen: 24
45.147.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:47:d9:33:51:bd:9e:37:ac:f1:3a:ca:34:04:b2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Apr 13 15:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd61b514043867fc7afb1b75058d554f025f8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:30:23:04:be:cc:47:cc:5e:86:e7:90:23:bb:
3e:d2:71:ef:20:88:6a:c6:e2:1d:e9:88:5b:18:24:
d7:48:b8:b4:fa:b2:2c:f2:d8:0e:c6:2a:1b:a9:6a:
8b:bf:92:ec:5d:29:f3:96:a0:79:4b:7d:d7:36:12:
61:20:ad:77:82:d2:e4:33:f4:59:62:04:30:7f:85:
12:b9:59:7e:1c:f4:04:fb:b1:b3:b6:19:95:75:4f:
06:d4:95:69:b5:40:3f:2c:82:94:17:c2:06:ba:1f:
d6:6e:c6:f8:24:83:c1:6e:3e:38:a5:0d:d8:d5:ed:
d0:89:9f:fa:e8:41:c2:87:0a:01:2c:58:61:01:d3:
e5:e7:46:66:b4:e7:35:0e:e3:c5:c9:3e:a6:36:f2:
70:1d:d6:3f:3f:5b:9e:05:9e:4b:bd:80:af:24:79:
91:9a:96:e6:37:5e:72:40:c7:57:0b:dd:4f:85:47:
e6:09:8e:dc:b4:a2:5d:23:fc:95:86:42:38:d7:89:
30:6c:59:e7:b6:50:5f:bb:29:71:26:bb:63:53:67:
95:37:71:1b:9d:f4:3d:7f:0b:70:0c:f3:fe:f1:9a:
54:d8:ae:fa:55:e3:c1:87:f5:c8:b1:71:e1:36:1a:
74:9c:1a:36:84:b4:8b:20:5a:9e:1e:9d:98:92:26:
2b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D6:1B:51:40:43:86:7F:C7:AF:B1:B7:50:58:D5:54:F0:25:F8:F4
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/3NYbUUBDhn_Hr7G3UFjVVPAl-PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.61.0/24
45.147.63.0/24
45.153.239.0/24
77.83.44.0/23
Signature Algorithm: sha256WithRSAEncryption
80:c8:ac:60:da:0d:de:be:76:33:62:7f:f4:fd:80:ff:6b:1e:
71:c6:48:89:51:b6:5b:57:f1:10:2a:09:ac:ec:51:01:29:5d:
f8:e6:33:5a:c9:d2:ca:8a:2a:d1:f5:a5:65:15:f8:f5:76:33:
fc:85:d9:26:e6:23:ea:aa:24:4f:f1:18:7c:ff:ec:b4:af:e4:
33:14:19:69:9f:1a:27:7b:21:13:ac:34:32:99:0b:f5:c0:5a:
a5:5b:1f:94:46:20:04:73:58:15:42:38:7d:ec:59:d3:81:ed:
43:c1:19:19:5f:41:06:66:ff:16:ef:d2:bf:1b:07:fc:da:65:
aa:b4:e1:01:44:85:47:5f:ed:a9:d1:7f:97:e7:97:4b:2c:03:
13:7c:79:e8:38:40:cf:c8:1d:f5:b0:4c:d9:6a:3d:de:ff:ff:
ee:e0:a5:38:1a:2b:47:ee:b7:5e:01:81:81:9e:ae:f6:40:c1:
32:6a:1a:23:e4:2a:37:33:f0:84:7a:9c:f9:91:7b:bb:7a:08:
41:3c:1d:03:9c:7f:8f:2d:22:16:f5:c4:9d:e5:f9:7a:2d:27:
c3:a4:40:cd:65:63:88:e0:39:c4:57:7b:bd:61:c8:41:cd:97:
57:63:3a:a2:cf:1a:cf:7c:52:f7:8e:8a:84:37:63:de:6b:65:
00:72:c0:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd7R9kzUb2eN6zxOso0BLKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwNDEzMTU0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q2MWI1MTQwNDM4NjdmYzdhZmIxYjc1MDU4ZDU1NGYwMjVmOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTAjBL7MR8xehueQI7s+0nHvIIhq
xuId6YhbGCTXSLi0+rIs8tgOxiobqWqLv5LsXSnzlqB5S33XNhJhIK13gtLkM/RZ
YgQwf4USuVl+HPQE+7GzthmVdU8G1JVptUA/LIKUF8IGuh/Wbsb4JIPBbj44pQ3Y
1e3QiZ/66EHChwoBLFhhAdPl50ZmtOc1DuPFyT6mNvJwHdY/P1ueBZ5LvYCvJHmR
mpbmN15yQMdXC91PhUfmCY7ctKJdI/yVhkI414kwbFnntlBfuylxJrtjU2eVN3Eb
nfQ9fwtwDPP+8ZpU2K76VePBh/XIsXHhNhp0nBo2hLSLIFqeHp2YkiYrlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNzWG1FAQ4Z/x6+xt1BY1VTwJfj0MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvM05ZYlVVQkRobl9IcjdHM1VGalZWUEFsLVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZM9AwQA
LZM/AwQALZnvAwQBTVMsMA0GCSqGSIb3DQEBCwUAA4IBAQCAyKxg2g3evnYzYn/0
/YD/ax5xxkiJUbZbV/EQKgms7FEBKV345jNaydLKiirR9aVlFfj1djP8hdkm5iPq
qiRP8Rh8/+y0r+QzFBlpnxoneyETrDQymQv1wFqlWx+URiAEc1gVQjh97FnTge1D
wRkZX0EGZv8W79K/Gwf82mWqtOEBRIVHX+2p0X+X55dLLAMTfHnoOEDPyB31sEzZ
aj3e///u4KU4GitH7rdeAYGBnq72QMEyahoj5Co3M/CEepz5kXu7eghBPB0DnH+P
LSIW9cSd5fl6LSfDpEDNZWOI4DnEV3u9YchBzZdXYzqizxrPfFL3joqEN2Pea2UA
csC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org