Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3PqvYPG0NwwSJhEMJFJsoJEDvV8.roa
File: 3PqvYPG0NwwSJhEMJFJsoJEDvV8.roa (raw, json)
Hash identifier: c08Dy+fUJJcjd4PcC1L5RX371tJRUV6jE6VBj6+RO8c=
Subject key identifier: DC:FA:AF:60:F1:B4:37:0C:12:26:11:0C:24:52:6C:A0:91:03:BD:5F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01878F1C2E80673ED229F0C58648640735AA
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3PqvYPG0NwwSJhEMJFJsoJEDvV8.roa
Signing time: Mon 17 Apr 2023 12:06:41 +0000
ROA not before: Mon 17 Apr 2023 12:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.209.163.0/24 maxlen: 24
5.253.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:1c:2e:80:67:3e:d2:29:f0:c5:86:48:64:07:35:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 17 12:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcfaaf60f1b4370c1226110c24526ca09103bd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6c:5c:a3:37:f0:e1:aa:88:e9:89:77:fb:dd:
5b:14:30:e2:b9:2e:a1:2c:22:f3:57:cb:b9:77:10:
8d:28:d9:f2:37:ef:0a:5f:8f:6b:87:d5:b9:05:1f:
e0:61:54:b9:4f:c5:35:ad:98:6d:c9:23:a5:1b:0a:
d7:60:87:59:ae:e5:10:ac:05:f6:5d:35:73:32:ea:
d5:29:a2:dd:8b:68:c7:03:32:d2:23:76:29:f1:bc:
78:11:f4:9c:99:39:25:42:01:c0:b1:56:2f:c1:45:
77:6f:cb:96:c6:50:4d:ca:cf:2b:45:35:f2:97:fe:
d9:50:0b:ce:87:61:28:72:8a:cc:b0:97:9d:23:0c:
9e:63:ca:93:7d:bc:e1:67:38:b6:d8:82:6d:66:c1:
26:06:92:38:d9:38:71:1c:af:4a:b3:99:03:29:7a:
49:af:04:f4:41:a9:2a:d9:56:fa:34:da:c8:ac:2c:
bd:df:2b:a7:d9:84:d5:0a:51:90:57:f1:14:84:78:
78:61:5a:4d:8b:ba:7d:72:ab:74:1d:46:78:1c:62:
2f:04:61:90:51:f7:7f:b5:10:8d:17:34:6a:49:38:
66:6c:4b:80:99:79:d6:24:57:3e:e3:cd:32:dd:ea:
c0:6f:57:0a:ec:2e:e0:c2:2b:72:19:34:40:42:d1:
d1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FA:AF:60:F1:B4:37:0C:12:26:11:0C:24:52:6C:A0:91:03:BD:5F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3PqvYPG0NwwSJhEMJFJsoJEDvV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.36.0/24
85.209.163.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:22:58:d7:e1:b2:63:17:f8:10:1b:cd:fe:0a:4f:66:60:d5:
83:ad:22:8e:81:c9:2a:6f:e4:0a:e1:6b:51:4c:75:83:e3:0e:
36:79:14:8e:b0:82:bf:bb:29:25:df:ed:f1:97:b7:f7:64:a4:
8d:8d:11:56:53:cd:76:5c:fd:2b:ab:4a:82:49:22:2d:88:fc:
7c:a1:8d:c3:db:3b:3e:e6:17:92:97:92:c3:2e:9f:bb:63:2a:
24:69:5c:4f:52:0e:aa:45:d8:cf:f3:73:34:64:3d:ed:c2:ed:
8d:48:bd:9a:93:d2:f8:d6:1e:91:98:00:ad:21:66:22:3b:6a:
70:62:1f:3e:ef:84:60:d0:01:40:65:a0:29:a2:db:87:28:0f:
cf:67:eb:2f:09:b1:5e:4f:af:cd:19:b8:e1:f4:60:15:fd:fd:
91:d4:7c:64:7b:45:70:6b:2a:fb:13:05:7f:49:04:5b:42:03:
18:b3:85:73:28:3f:7b:c7:2c:47:52:26:a6:f2:58:c2:70:55:
aa:05:69:11:ce:79:03:aa:a4:3b:c0:21:60:fe:7d:14:9e:04:
a0:86:49:77:82:4d:72:65:04:34:0f:8b:8e:3b:16:de:aa:60:
25:de:f5:db:e0:e0:fe:21:ad:84:d2:24:2a:00:51:b0:3b:eb:
b2:ee:a5:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYePHC6AZz7SKfDFhkhkBzWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDE3MTIwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZhYWY2MGYxYjQzNzBjMTIyNjExMGMyNDUyNmNhMDkxMDNiZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGxcozfw4aqI6Yl3+91bFDDiuS6h
LCLzV8u5dxCNKNnyN+8KX49rh9W5BR/gYVS5T8U1rZhtySOlGwrXYIdZruUQrAX2
XTVzMurVKaLdi2jHAzLSI3Yp8bx4EfScmTklQgHAsVYvwUV3b8uWxlBNys8rRTXy
l/7ZUAvOh2EocorMsJedIwyeY8qTfbzhZzi22IJtZsEmBpI42ThxHK9Ks5kDKXpJ
rwT0Qakq2Vb6NNrIrCy93yun2YTVClGQV/EUhHh4YVpNi7p9cqt0HUZ4HGIvBGGQ
Ufd/tRCNFzRqSThmbEuAmXnWJFc+480y3erAb1cK7C7gwityGTRAQtHRBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNz6r2DxtDcMEiYRDCRSbKCRA71fMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvM1BxdllQRzBOd3dTSmhFTUpGSnNvSkVEdlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf0kAwQA
VdGjMA0GCSqGSIb3DQEBCwUAA4IBAQDFIljX4bJjF/gQG83+Ck9mYNWDrSKOgckq
b+QK4WtRTHWD4w42eRSOsIK/uykl3+3xl7f3ZKSNjRFWU812XP0rq0qCSSItiPx8
oY3D2zs+5heSl5LDLp+7YyokaVxPUg6qRdjP83M0ZD3twu2NSL2ak9L41h6RmACt
IWYiO2pwYh8+74Rg0AFAZaApotuHKA/PZ+svCbFeT6/NGbjh9GAV/f2R1Hxke0Vw
ayr7EwV/SQRbQgMYs4VzKD97xyxHUiam8ljCcFWqBWkRznkDqqQ7wCFg/n0UngSg
hkl3gk1yZQQ0D4uOOxbeqmAl3vXb4OD+Ia2E0iQqAFGwO+uy7qWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org