Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/RAC13lIY1uLXpSg7X4b6GuImLy4.roa
File: RAC13lIY1uLXpSg7X4b6GuImLy4.roa (raw, json)
Hash identifier: 4FMd7/0YzXbZo6BvmbBTQj8uVKzkYR7uB+k9L8HIiCg=
Subject key identifier: 44:00:B5:DE:52:18:D6:E2:D7:A5:28:3B:5F:86:FA:1A:E2:26:2F:2E
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 01857762306B6E5E61A978AEDEC74E09BD8A
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/RAC13lIY1uLXpSg7X4b6GuImLy4.roa
Signing time: Tue 03 Jan 2023 11:26:41 +0000
ROA not before: Tue 03 Jan 2023 11:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12665
IP address blocks: 212.4.224.0/19 maxlen: 19
195.238.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 19 Apr 2023 11:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:62:30:6b:6e:5e:61:a9:78:ae:de:c7:4e:09:bd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Jan 3 11:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4400b5de5218d6e2d7a5283b5f86fa1ae2262f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:6d:47:09:9b:f6:0a:38:1b:5b:8c:e7:94:
56:b5:61:55:c3:1e:ea:54:44:0d:c6:7b:20:fa:d4:
0a:e4:f3:e5:de:ec:fc:8f:17:e3:52:d4:e0:cf:c3:
a1:e3:7a:9c:46:b6:1e:21:6b:4a:e2:bc:48:2d:cc:
da:42:39:d1:c9:54:78:2a:0c:ac:f6:45:ed:40:aa:
88:ce:99:c5:0d:e7:43:ca:1c:6a:df:8e:11:d2:ae:
51:8d:3e:19:b1:02:24:34:75:2d:c2:94:54:2b:c4:
d4:e2:2b:77:30:52:ef:1e:43:51:52:26:c0:cb:7e:
a6:67:3c:88:5d:7f:f0:9b:8c:ac:6d:64:3f:f5:91:
ac:ca:81:09:fa:d2:dd:95:6a:7c:ed:4e:6c:2e:2e:
8b:d7:82:e3:98:7d:85:d3:f8:e8:c5:3d:80:1c:5c:
31:ef:c9:a6:69:c0:ba:3b:50:b6:02:6f:96:6d:80:
52:89:56:58:87:8b:69:68:0a:67:29:d3:ed:98:35:
6d:ee:72:99:4e:2a:de:50:d0:fd:d4:85:17:35:a3:
00:3e:4a:72:0e:9e:39:1a:76:3e:2e:87:1b:d0:13:
1b:52:e7:6e:dd:72:dd:f6:a3:ae:55:23:79:26:28:
b4:9c:0e:00:ad:63:bf:6a:48:14:6a:e7:c0:41:54:
c8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:00:B5:DE:52:18:D6:E2:D7:A5:28:3B:5F:86:FA:1A:E2:26:2F:2E
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/RAC13lIY1uLXpSg7X4b6GuImLy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.128.0/19
212.4.224.0/19
Signature Algorithm: sha256WithRSAEncryption
91:9e:59:77:bc:8f:a2:c5:ac:75:51:88:6d:5f:f5:60:41:2a:
be:41:42:e1:ed:7a:fa:cf:52:d2:2e:46:ca:7a:09:87:31:f3:
2d:d8:68:98:65:05:48:57:6e:b9:30:6e:f4:4e:3c:35:d3:02:
b0:59:2c:8c:fd:91:80:99:96:e3:7f:83:0d:47:c6:a1:76:1a:
0b:92:45:d1:39:bd:dc:9e:24:0f:79:9c:1d:bc:ff:06:7d:72:
b7:6d:90:1d:e3:ae:5f:b3:e7:87:c0:cd:fd:a6:37:57:12:cc:
58:f0:ae:62:48:44:0e:c2:ee:9c:a4:61:8f:52:d4:b1:47:64:
3e:c9:55:67:f2:3d:85:c1:47:20:42:c3:0a:6a:99:17:38:94:
65:a7:31:0f:42:42:fd:f6:54:62:7a:e2:6b:40:8b:57:4e:fc:
f6:ab:47:70:db:8a:63:85:4d:9f:21:a8:9d:82:39:f8:03:da:
ec:5e:f6:3e:57:ca:fc:9e:15:1b:ed:d3:4a:1e:a0:31:f9:27:
5d:70:67:31:95:60:4e:fb:9e:14:2c:bb:a6:c9:a2:fb:47:3e:
33:20:33:e2:b1:d5:e8:bc:df:f0:26:90:cf:3d:69:30:c6:0e:
54:40:8d:fe:1b:10:d9:c5:18:23:47:ef:c1:c0:e7:5d:4e:c9:
3a:9b:bc:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV3YjBrbl5hqXiu3sdOCb2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjMwMTAzMTEyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAwYjVkZTUyMThkNmUyZDdhNTI4M2I1Zjg2ZmExYWUyMjYyZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMFtRwmb9go4G1uM55RWtWFVwx7q
VEQNxnsg+tQK5PPl3uz8jxfjUtTgz8Oh43qcRrYeIWtK4rxILczaQjnRyVR4Kgys
9kXtQKqIzpnFDedDyhxq344R0q5RjT4ZsQIkNHUtwpRUK8TU4it3MFLvHkNRUibA
y36mZzyIXX/wm4ysbWQ/9ZGsyoEJ+tLdlWp87U5sLi6L14LjmH2F0/joxT2AHFwx
78mmacC6O1C2Am+WbYBSiVZYh4tpaApnKdPtmDVt7nKZTireUND91IUXNaMAPkpy
Dp45GnY+Locb0BMbUudu3XLd9qOuVSN5Jii0nA4ArWO/akgUaufAQVTIGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEQAtd5SGNbi16UoO1+G+hriJi8uMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvUkFDMTNsSVkxdUxYcFNnN1g0YjZHdUltTHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFw+6AAwQF
1ATgMA0GCSqGSIb3DQEBCwUAA4IBAQCRnll3vI+ixax1UYhtX/VgQSq+QULh7Xr6
z1LSLkbKegmHMfMt2GiYZQVIV265MG70Tjw10wKwWSyM/ZGAmZbjf4MNR8ahdhoL
kkXROb3cniQPeZwdvP8GfXK3bZAd465fs+eHwM39pjdXEsxY8K5iSEQOwu6cpGGP
UtSxR2Q+yVVn8j2FwUcgQsMKapkXOJRlpzEPQkL99lRieuJrQItXTvz2q0dw24pj
hU2fIaidgjn4A9rsXvY+V8r8nhUb7dNKHqAx+SddcGcxlWBO+54ULLumyaL7Rz4z
IDPisdXovN/wJpDPPWkwxg5UQI3+GxDZxRgjR+/BwOddTsk6m7zO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org