Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/3Xd8SpxFpAtztQQY0HXYt0KVcw4.roa
File: 3Xd8SpxFpAtztQQY0HXYt0KVcw4.roa (raw, json)
Hash identifier: hOYTdhbEJy6lfJafrPe/T8a9mmkJhOb60sLKyxMzIto=
Subject key identifier: DD:77:7C:4A:9C:45:A4:0B:73:B5:04:18:D0:75:D8:B7:42:95:73:0E
Certificate issuer: /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial: 018D6AB8C51E424072C8A7035884BF358703
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/3Xd8SpxFpAtztQQY0HXYt0KVcw4.roa
Signing time: Fri 02 Feb 2024 16:48:30 +0000
ROA not before: Fri 02 Feb 2024 16:48:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.33.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 21:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:b8:c5:1e:42:40:72:c8:a7:03:58:84:bf:35:87:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Validity
Not Before: Feb 2 16:48:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd777c4a9c45a40b73b50418d075d8b74295730e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:a5:7c:74:aa:3f:05:a6:91:32:e6:2a:98:
e9:a8:b6:bf:1a:16:f5:8e:0e:d0:4b:49:e1:45:02:
67:a9:7a:49:3e:9e:72:6f:b4:19:66:f9:58:06:76:
3d:1b:62:78:04:88:55:13:8f:d2:6e:37:7e:9b:89:
86:00:c2:d5:0e:2e:61:5f:e5:6c:32:38:5b:17:4a:
a5:4a:38:74:69:93:3b:2c:fd:fe:89:a7:29:53:1d:
21:4a:fd:a7:a4:11:6e:55:f1:8e:3c:9b:de:49:d3:
01:43:5d:42:f7:4e:5f:8a:51:74:ef:a4:1c:d2:ca:
b3:e7:a4:ff:64:f6:fd:e5:d9:d1:2c:f4:ba:00:57:
d5:a0:6d:90:5c:f9:57:e3:06:f7:04:a1:f1:82:31:
8a:4e:7e:6c:26:25:bb:25:f2:8c:aa:a7:63:23:18:
3b:f5:82:8d:2b:f3:1b:39:67:be:3a:e2:73:a1:32:
64:d9:19:bb:ad:a3:34:56:09:cb:85:89:23:1a:b3:
01:71:79:3d:89:a5:4f:3b:0a:5d:95:10:60:37:12:
3e:03:6d:82:dc:13:af:09:4c:fa:ba:18:67:39:65:
45:89:71:a7:5b:9c:aa:07:1a:d7:86:b7:d8:33:87:
be:3c:8b:87:4b:37:db:84:91:fe:af:15:a0:e9:a7:
80:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:77:7C:4A:9C:45:A4:0B:73:B5:04:18:D0:75:D8:B7:42:95:73:0E
X509v3 Authority Key Identifier:
keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/3Xd8SpxFpAtztQQY0HXYt0KVcw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.26.0/24
Signature Algorithm: sha256WithRSAEncryption
72:c0:9c:63:94:ae:32:5b:d0:97:b7:a8:13:06:1e:35:81:6a:
7b:64:15:a5:46:60:08:8a:36:bf:10:7a:b5:17:05:85:06:ae:
fa:16:35:16:c5:76:6c:82:bf:7a:f5:4f:4e:75:ca:a7:e9:08:
17:ee:49:f8:73:92:04:0e:96:3c:19:9c:cd:72:51:8d:1f:25:
bc:2f:9f:4a:31:3f:7b:b3:27:2e:d6:da:12:cc:2e:6f:74:5d:
a3:93:a8:c5:d4:ff:6f:88:91:62:8c:4b:52:3a:08:ab:b9:50:
00:d3:d7:19:9a:95:e2:3a:37:d7:a5:d2:52:7f:1b:74:b5:48:
68:75:c0:58:90:ee:5d:65:44:88:79:2c:bc:0c:70:e6:69:c7:
53:90:6e:6c:47:5f:98:22:2a:c6:46:2a:7c:28:6f:a7:4a:79:
8e:a6:79:b9:0c:b9:7b:07:71:f0:f5:b4:eb:29:0c:20:18:65:
e6:bc:45:94:c5:ef:c0:66:15:d4:a9:43:6c:d1:16:41:70:4f:
0f:97:0d:d3:3a:4d:a3:aa:2d:90:1b:4c:84:1f:c8:5e:94:dc:
f8:16:0b:be:dc:79:e6:65:e1:95:ac:f5:16:be:34:f8:16:9b:
e4:1d:98:9a:26:82:c6:6d:29:71:1c:13:b0:07:52:26:8b:55:
5a:9a:d0:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1quMUeQkByyKcDWIS/NYcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjQwMjAyMTY0ODMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc3N2M0YTljNDVhNDBiNzNiNTA0MThkMDc1ZDhiNzQyOTU3MzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoSlfHSqPwWmkTLmKpjpqLa/Ghb1
jg7QS0nhRQJnqXpJPp5yb7QZZvlYBnY9G2J4BIhVE4/Sbjd+m4mGAMLVDi5hX+Vs
MjhbF0qlSjh0aZM7LP3+iacpUx0hSv2npBFuVfGOPJveSdMBQ11C905filF076Qc
0sqz56T/ZPb95dnRLPS6AFfVoG2QXPlX4wb3BKHxgjGKTn5sJiW7JfKMqqdjIxg7
9YKNK/MbOWe+OuJzoTJk2Rm7raM0VgnLhYkjGrMBcXk9iaVPOwpdlRBgNxI+A22C
3BOvCUz6uhhnOWVFiXGnW5yqBxrXhrfYM4e+PIuHSzfbhJH+rxWg6aeAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN13fEqcRaQLc7UEGNB12LdClXMOMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvM1hkOFNweEZwQXR6dFFRWTBIWFl0MEtWY3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEaMA0G
CSqGSIb3DQEBCwUAA4IBAQBywJxjlK4yW9CXt6gTBh41gWp7ZBWlRmAIija/EHq1
FwWFBq76FjUWxXZsgr969U9Odcqn6QgX7kn4c5IEDpY8GZzNclGNHyW8L59KMT97
sycu1toSzC5vdF2jk6jF1P9viJFijEtSOgiruVAA09cZmpXiOjfXpdJSfxt0tUho
dcBYkO5dZUSIeSy8DHDmacdTkG5sR1+YIirGRip8KG+nSnmOpnm5DLl7B3Hw9bTr
KQwgGGXmvEWUxe/AZhXUqUNs0RZBcE8Plw3TOk2jqi2QG0yEH8helNz4Fgu+3Hnm
ZeGVrPUWvjT4FpvkHZiaJoLGbSlxHBOwB1Imi1VamtAs
-----END CERTIFICATE-----
Generated at Thu Feb 22 02:26:28 2024 by rpki-client on console-fra.rpki-client.org