Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/n_T3MJR0crAPpn2KMnPbU0fDgDE.roa
File: n_T3MJR0crAPpn2KMnPbU0fDgDE.roa (raw, json)
Hash identifier: P5vRVkFvebF7PnKygmLcgYScIbO6PHWKGPoQ1xPihJw=
Subject key identifier: 9F:F4:F7:30:94:74:72:B0:0F:A6:7D:8A:32:73:DB:53:47:C3:80:31
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018B04282DAAF7732DCDEE99430815F9C11D
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/n_T3MJR0crAPpn2KMnPbU0fDgDE.roa
Signing time: Fri 06 Oct 2023 08:43:43 +0000
ROA not before: Fri 06 Oct 2023 08:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 185.251.44.0/22 maxlen: 32
194.156.112.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
195.158.208.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 08:54:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:28:2d:aa:f7:73:2d:cd:ee:99:43:08:15:f9:c1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Oct 6 08:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ff4f730947472b00fa67d8a3273db5347c38031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:8d:07:ba:c1:6b:1a:cf:8a:a3:35:8e:1b:
a3:94:4e:c0:f4:e3:9c:5b:d9:f9:31:cc:4e:39:b4:
9d:29:48:ee:4f:29:59:ce:0a:8a:3e:5f:f4:cb:d6:
e1:82:e5:00:a5:15:16:18:5e:06:75:24:ac:21:4c:
d1:91:fb:fe:42:de:e8:73:89:79:4d:7a:85:97:61:
c7:66:fc:d2:ea:0b:9f:a6:7e:89:fd:a5:bc:eb:12:
41:32:df:6a:c3:a6:4a:1a:5f:f0:1e:39:d7:f7:85:
a9:7c:99:aa:d2:4f:9c:14:e6:7c:f9:76:c3:4c:19:
a9:04:fd:d8:df:6c:80:13:5c:b4:3a:d6:4a:90:bc:
87:70:6f:ea:ed:6e:d3:1a:c3:96:f0:da:95:0d:be:
ab:3d:ae:fe:1f:7b:2b:22:aa:51:23:a2:e4:92:a8:
1b:5b:76:73:77:33:87:a1:48:8e:ff:ae:0e:25:dc:
39:a5:32:ac:a3:c9:12:31:04:8a:a3:48:19:9a:89:
3a:a3:c8:58:be:ca:52:3d:2b:67:0c:cc:3e:f4:c5:
92:65:e0:ac:30:9c:b7:dc:b4:57:d6:ec:b0:5b:af:
e0:f9:b8:aa:6c:67:53:2c:5a:b4:e1:48:00:7a:39:
1e:b4:8a:ff:29:45:15:9c:28:c7:73:1b:62:56:50:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F4:F7:30:94:74:72:B0:0F:A6:7D:8A:32:73:DB:53:47:C3:80:31
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/n_T3MJR0crAPpn2KMnPbU0fDgDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
194.156.112.0/22
195.66.216.0/21
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:43:e5:5b:0f:8a:05:00:9a:0a:6b:c0:74:ef:7a:10:67:88:
f8:45:f7:92:08:26:d6:0c:77:82:0f:98:07:e6:aa:2e:34:4b:
cc:ab:60:cc:b1:f3:d5:41:47:3e:37:e4:9c:4d:8a:61:0d:88:
7e:df:9d:7c:4c:85:58:22:2c:78:25:79:4d:ae:8b:ab:c1:ea:
76:e3:9c:15:75:b7:36:2e:ba:58:82:6e:c0:70:cd:7e:2c:c8:
91:63:bd:d7:7d:a7:57:34:02:f1:e8:87:93:d8:31:3b:4a:bd:
04:67:a0:77:4c:08:a2:d7:ca:79:70:50:46:10:27:92:ee:91:
8c:04:9f:0c:a5:9a:00:47:76:47:39:dc:db:2b:b2:f4:5e:28:
31:75:a5:96:26:81:8f:7b:45:ba:de:d4:78:8b:c7:f4:3f:24:
b3:2f:5d:c9:13:31:4e:a8:44:44:37:e3:2c:4d:50:69:34:09:
a7:ad:78:a7:62:64:1a:55:7b:3c:b0:7c:43:19:f7:f6:ea:5d:
60:f4:f8:de:87:80:7a:49:bd:55:dc:36:f9:9b:2b:55:8b:8b:
d7:88:bd:09:58:54:e3:94:80:6f:33:f3:8f:70:b5:b1:75:cc:
d2:e2:0e:97:97:47:f7:7e:9c:af:61:f1:52:ca:b8:37:d4:0a:
58:b2:58:b1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYsEKC2q93Mtze6ZQwgV+cEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMDA2MDg0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmY0ZjczMDk0NzQ3MmIwMGZhNjdkOGEzMjczZGI1MzQ3YzM4MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwONB7rBaxrPiqM1jhujlE7A9OOc
W9n5McxOObSdKUjuTylZzgqKPl/0y9bhguUApRUWGF4GdSSsIUzRkfv+Qt7oc4l5
TXqFl2HHZvzS6gufpn6J/aW86xJBMt9qw6ZKGl/wHjnX94WpfJmq0k+cFOZ8+XbD
TBmpBP3Y32yAE1y0OtZKkLyHcG/q7W7TGsOW8NqVDb6rPa7+H3srIqpRI6Lkkqgb
W3ZzdzOHoUiO/64OJdw5pTKso8kSMQSKo0gZmok6o8hYvspSPStnDMw+9MWSZeCs
MJy33LRX1uywW6/g+biqbGdTLFq04UgAejketIr/KUUVnCjHcxtiVlD9lQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ/09zCUdHKwD6Z9ijJz21NHw4AxMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvbl9UM01KUjBjckFQcG4yS01uUGJVMGZEZ0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFX69AAwQC
uffkAwQCufssAwQCufv4AwQCwpxwAwQDw0LYAwQCw57QMA0GCSqGSIb3DQEBCwUA
A4IBAQA/Q+VbD4oFAJoKa8B073oQZ4j4RfeSCCbWDHeCD5gH5qouNEvMq2DMsfPV
QUc+N+ScTYphDYh+3518TIVYIix4JXlNrourwep245wVdbc2LrpYgm7AcM1+LMiR
Y73XfadXNALx6IeT2DE7Sr0EZ6B3TAii18p5cFBGECeS7pGMBJ8MpZoAR3ZHOdzb
K7L0XigxdaWWJoGPe0W63tR4i8f0PySzL13JEzFOqEREN+MsTVBpNAmnrXinYmQa
VXs8sHxDGff26l1g9Pjeh4B6Sb1V3Db5mytVi4vXiL0JWFTjlIBvM/OPcLWxdczS
4g6Xl0f3fpyvYfFSyrg31ApYslix
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org