Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/3WQwoGrI4T9IhLfbTLzJFavOqOw.roa
File: 3WQwoGrI4T9IhLfbTLzJFavOqOw.roa (raw, json)
Hash identifier: EIqyBY6DziIDRM7+0La51N5MEOnWzmatEXbDG2ovkdw=
Subject key identifier: DD:64:30:A0:6A:C8:E1:3F:48:84:B7:DB:4C:BC:C9:15:AB:CE:A8:EC
Certificate issuer: /CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Certificate serial: 018EC4F4AA8A382237F622395A1D52853EB8
Authority key identifier: CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/3WQwoGrI4T9IhLfbTLzJFavOqOw.roa
Signing time: Tue 09 Apr 2024 22:22:32 +0000
ROA not before: Tue 09 Apr 2024 22:22:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202710
IP address blocks: 185.9.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 07:39:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:f4:aa:8a:38:22:37:f6:22:39:5a:1d:52:85:3e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Validity
Not Before: Apr 9 22:22:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd6430a06ac8e13f4884b7db4cbcc915abcea8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:42:6f:96:89:e8:6f:f5:75:38:da:d1:fd:
2a:f2:06:c0:c9:2a:ee:2c:f8:e9:c8:59:ec:5c:e8:
6a:b6:3f:bd:4c:b2:b7:13:9c:1a:17:8b:30:47:a9:
e4:11:50:ac:1e:01:0d:2d:67:9b:bc:f2:c0:58:d4:
ad:c2:f3:8e:a5:07:7c:64:41:c2:f1:f0:f5:df:25:
22:d4:28:b0:0b:ac:60:db:88:8d:0f:5a:a4:8f:6c:
f2:77:56:f2:1a:5f:9f:d4:90:bf:07:35:25:67:c5:
84:14:0e:5a:d6:a3:25:68:cc:78:78:cc:e3:bc:5c:
61:73:7b:6c:7a:6f:b7:a8:30:d8:f8:b3:17:e3:e2:
e3:25:71:72:14:64:c9:99:32:7e:94:ac:72:1b:47:
ce:d1:ec:c4:25:62:37:3e:0a:d1:99:36:14:1d:36:
74:36:28:38:06:0c:ae:93:a5:5d:ca:79:ad:39:df:
d4:c5:14:60:1c:15:04:20:66:6b:69:10:d4:35:de:
44:ab:79:9b:24:f3:40:4b:28:be:b8:ee:7e:ed:6f:
3a:ce:38:b2:68:28:f2:83:d0:8c:20:e6:b2:e9:ac:
e3:83:4c:17:fe:2f:c2:31:09:e3:00:3e:42:4e:70:
fe:3a:43:75:b4:8a:f1:9f:76:4b:00:a0:49:10:45:
b2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:64:30:A0:6A:C8:E1:3F:48:84:B7:DB:4C:BC:C9:15:AB:CE:A8:EC
X509v3 Authority Key Identifier:
keyid:CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/3WQwoGrI4T9IhLfbTLzJFavOqOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/y0JLQMH4QIT41A8rncvh4fkWrz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.139.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0f:41:cf:ec:c3:04:1e:98:dc:cc:e0:e1:fe:e1:23:b7:c2:
e3:0a:96:3f:44:d1:59:34:9b:da:97:de:80:6f:b7:d6:6e:4d:
a5:7b:ed:2e:98:b1:a5:56:2c:ee:95:e9:cb:06:c7:06:6d:c0:
00:87:d0:3f:c5:eb:28:e7:a4:0e:f4:13:96:c2:d5:5d:c2:56:
72:97:c0:de:d0:c0:fa:5c:b2:60:e8:82:80:8f:7c:b9:d3:dc:
45:86:28:2f:a5:36:d9:ba:f0:7b:27:d9:39:4c:ff:85:49:f0:
be:33:4e:c4:b2:db:40:10:ec:4c:82:0b:4c:3d:91:20:cf:2b:
bd:1d:5c:92:98:a3:93:f5:91:8e:69:de:11:22:99:a7:20:88:
b4:7e:05:6f:4b:34:70:bd:e6:a8:f7:b7:40:e2:9d:a6:e0:b6:
ba:a2:1c:a6:5d:15:6e:02:23:da:2f:40:e7:f8:95:4f:84:d7:
82:e1:00:02:37:58:5a:f0:18:42:99:a4:c5:fd:b1:8f:7a:56:
d9:46:c2:a2:6d:7d:83:3f:15:e5:b0:c0:3a:57:2d:0e:a5:e8:
e0:77:52:cf:45:04:d5:09:2c:e0:9c:0e:0f:5e:c1:35:8a:dd:
64:4c:a4:6d:63:5f:89:7f:86:ce:dd:7e:fe:b3:4c:4c:9f:43:
62:f8:75:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7E9KqKOCI39iI5Wh1ShT64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNDI0YjQwYzFmODQwODRmOGQ0MGYyYjlkY2JlMWUxZjkx
NmFmM2UwHhcNMjQwNDA5MjIyMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY0MzBhMDZhYzhlMTNmNDg4NGI3ZGI0Y2JjYzkxNWFiY2VhOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoepCb5aJ6G/1dTja0f0q8gbAySru
LPjpyFnsXOhqtj+9TLK3E5waF4swR6nkEVCsHgENLWebvPLAWNStwvOOpQd8ZEHC
8fD13yUi1CiwC6xg24iND1qkj2zyd1byGl+f1JC/BzUlZ8WEFA5a1qMlaMx4eMzj
vFxhc3tsem+3qDDY+LMX4+LjJXFyFGTJmTJ+lKxyG0fO0ezEJWI3PgrRmTYUHTZ0
Nig4Bgyuk6VdynmtOd/UxRRgHBUEIGZraRDUNd5Eq3mbJPNASyi+uO5+7W86zjiy
aCjyg9CMIOay6azjg0wX/i/CMQnjAD5CTnD+OkN1tIrxn3ZLAKBJEEWyJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1kMKBqyOE/SIS320y8yRWrzqjsMB8GA1UdIwQY
MBaAFMtCS0DB+ECE+NQPK53L4eH5Fq8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUt
M2E1ZmVjYWNkNDlhLzEvM1dRd29Hckk0VDlJaExmYlRMekpGYXZPcU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUtM2E1ZmVjYWNkNDlh
LzEveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQmLMA0G
CSqGSIb3DQEBCwUAA4IBAQBGD0HP7MMEHpjczODh/uEjt8LjCpY/RNFZNJval96A
b7fWbk2le+0umLGlVizulenLBscGbcAAh9A/xeso56QO9BOWwtVdwlZyl8De0MD6
XLJg6IKAj3y509xFhigvpTbZuvB7J9k5TP+FSfC+M07EsttAEOxMggtMPZEgzyu9
HVySmKOT9ZGOad4RIpmnIIi0fgVvSzRwveao97dA4p2m4La6ohymXRVuAiPaL0Dn
+JVPhNeC4QACN1ha8BhCmaTF/bGPelbZRsKibX2DPxXlsMA6Vy0Opejgd1LPRQTV
CSzgnA4PXsE1it1kTKRtY1+Jf4bO3X7+s0xMn0Ni+HWh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:43 2024 by rpki-client on console-fra.rpki-client.org