Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/3Sq2CmaYCrkn7rKQJmDs-bsdSkk.roa
File: 3Sq2CmaYCrkn7rKQJmDs-bsdSkk.roa (raw, json)
Hash identifier: wiMl8GE7rIV7Qaax+RTEbMLLRURVWx+RJSmEPm89UGM=
Subject key identifier: DD:2A:B6:0A:66:98:0A:B9:27:EE:B2:90:26:60:EC:F9:BB:1D:4A:49
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 01858671F811A318D0B445D05C485131ABFE
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/3Sq2CmaYCrkn7rKQJmDs-bsdSkk.roa
Signing time: Fri 06 Jan 2023 09:38:14 +0000
ROA not before: Fri 06 Jan 2023 09:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29484
IP address blocks: 185.73.22.0/24 maxlen: 24
185.73.22.128/25 maxlen: 25
185.73.23.0/24 maxlen: 24
185.73.22.0/25 maxlen: 25
185.73.20.0/23 maxlen: 23
185.73.20.0/22 maxlen: 22
134.147.0.0/16 maxlen: 16
2a05:3e04::/32 maxlen: 32
2a05:3e06::/31 maxlen: 31
2a05:3e05::/32 maxlen: 32
2a05:3e00::/30 maxlen: 30
2a05:3e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:71:f8:11:a3:18:d0:b4:45:d0:5c:48:51:31:ab:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: Jan 6 09:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2ab60a66980ab927eeb2902660ecf9bb1d4a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:30:f6:de:d0:89:f5:5d:df:19:88:37:3b:c6:
91:13:c8:95:9d:80:6d:a4:c7:83:72:71:07:85:bd:
5f:09:c3:71:32:de:9a:09:a2:eb:4d:0f:c0:c6:56:
16:35:d8:e4:14:46:e3:17:53:ae:38:30:be:66:17:
5d:29:80:bf:70:2f:30:bf:37:15:b5:f1:33:20:b5:
97:ce:a2:d6:b7:80:e8:48:9c:4d:6f:ab:04:20:2d:
98:40:c1:5c:96:b7:80:7c:7c:94:a9:f8:3f:0a:e5:
25:99:d7:cb:e0:f1:0f:73:f5:0c:c9:c3:04:d1:5b:
74:ef:c1:c8:da:b2:df:ee:4f:08:3b:44:1e:4c:92:
be:9a:08:79:50:9f:e4:7e:3c:4b:9b:a3:70:0f:65:
99:59:c8:3e:f1:aa:8f:c5:4e:53:59:69:6b:d8:b1:
13:b5:70:a8:3c:9d:b2:27:40:47:8f:19:e8:1e:83:
12:d8:64:35:96:4b:fa:5e:6b:db:21:76:57:50:88:
f0:4d:17:bf:58:16:fa:8f:ba:54:4f:d4:30:46:02:
e6:bb:e7:cc:19:b4:e8:d6:d2:23:cd:24:08:5e:b4:
5e:32:89:bb:71:b6:cb:a6:84:a4:f0:1c:6e:79:18:
7a:fe:56:48:f6:8b:5b:e1:3d:dd:44:e2:13:cc:c9:
98:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2A:B6:0A:66:98:0A:B9:27:EE:B2:90:26:60:EC:F9:BB:1D:4A:49
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/3Sq2CmaYCrkn7rKQJmDs-bsdSkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:21:d2:bc:18:98:f4:3a:3a:45:cb:2d:c5:1d:b8:be:77:3b:
18:69:be:fc:a4:91:3d:aa:d2:3f:e9:eb:87:58:e8:eb:5f:6f:
aa:bf:ef:5a:ef:51:ea:80:98:eb:4a:bc:db:e1:f5:58:da:24:
da:cc:9c:e7:88:0f:cc:cf:8c:30:22:02:9e:4a:de:a7:d0:33:
71:fe:0e:51:58:00:3d:26:1c:3e:62:fe:8f:1b:6d:4f:62:41:
69:36:4c:63:c0:f7:aa:87:a0:a4:67:80:40:43:01:58:ae:c7:
aa:4c:0a:cf:ac:40:cc:7a:aa:22:45:22:59:75:cf:a3:98:7c:
b4:03:2f:c8:0d:b1:1c:d7:f7:c6:3d:e7:87:f2:b0:eb:c5:1c:
2b:18:af:f6:c1:8d:33:88:90:7e:b6:fa:c3:b5:3b:2a:05:9f:
86:13:0b:33:58:18:e4:cb:bc:9e:c2:e9:50:b1:ed:c6:51:dc:
69:28:d4:49:0f:53:7c:26:c4:0c:d6:59:85:66:07:c5:5b:3f:
89:77:20:fa:0f:b2:11:72:27:77:f8:46:23:27:50:42:7a:27:
75:33:7c:59:5d:44:da:8f:b1:79:82:9c:d0:18:34:e1:8e:04:
b7:8f:49:43:df:e9:15:0a:67:03:2c:11:38:1f:93:1a:ac:50:
80:fe:87:30
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYWGcfgRoxjQtEXQXEhRMav+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGRkYWE3NDk0ZDY5YmExY2FjYjQ1N2VmOTFiNmRjZDIy
ZThkZDkwHhcNMjMwMTA2MDkzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJhYjYwYTY2OTgwYWI5MjdlZWIyOTAyNjYwZWNmOWJiMWQ0YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TD23tCJ9V3fGYg3O8aRE8iVnYBt
pMeDcnEHhb1fCcNxMt6aCaLrTQ/AxlYWNdjkFEbjF1OuODC+ZhddKYC/cC8wvzcV
tfEzILWXzqLWt4DoSJxNb6sEIC2YQMFclreAfHyUqfg/CuUlmdfL4PEPc/UMycME
0Vt078HI2rLf7k8IO0QeTJK+mgh5UJ/kfjxLm6NwD2WZWcg+8aqPxU5TWWlr2LET
tXCoPJ2yJ0BHjxnoHoMS2GQ1lkv6XmvbIXZXUIjwTRe/WBb6j7pUT9QwRgLmu+fM
GbTo1tIjzSQIXrReMom7cbbLpoSk8BxueRh6/lZI9otb4T3dROITzMmYGwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN0qtgpmmAq5J+6ykCZg7Pm7HUpJMB8GA1UdIwQY
MBaAFKMN2qdJTWm6HKy0V++RttzSLo3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTIt
NjU0NGEyYjk5ODE3LzEvM1NxMkNtYVlDcmtuN3JLUUptRHMtYnNkU2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTItNjU0NGEyYjk5ODE3
LzEvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhpMDBAK5
SRQwDQQCAAIwBwMFAyoFPgAwDQYJKoZIhvcNAQELBQADggEBAGoh0rwYmPQ6OkXL
LcUduL53OxhpvvykkT2q0j/p64dY6Otfb6q/71rvUeqAmOtKvNvh9VjaJNrMnOeI
D8zPjDAiAp5K3qfQM3H+DlFYAD0mHD5i/o8bbU9iQWk2TGPA96qHoKRngEBDAViu
x6pMCs+sQMx6qiJFIll1z6OYfLQDL8gNsRzX98Y954fysOvFHCsYr/bBjTOIkH62
+sO1OyoFn4YTCzNYGOTLvJ7C6VCx7cZR3Gko1EkPU3wmxAzWWYVmB8VbP4l3IPoP
shFyJ3f4RiMnUEJ6J3UzfFldRNqPsXmCnNAYNOGOBLePSUPf6RUKZwMsETgfkxqs
UID+hzA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org