Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/3TC1cTmaf2_1JKrjUPk7yov7jkQ.roa
File: 3TC1cTmaf2_1JKrjUPk7yov7jkQ.roa (raw, json)
Hash identifier: 2ts7Nl15MV+RL9xa7QvjkBFavMisH/GSLF7F00v48Y8=
Subject key identifier: DD:30:B5:71:39:9A:7F:6F:F5:24:AA:E3:50:F9:3B:CA:8B:FB:8E:44
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 0185711E47CF65A96BA58BBE0CDDA20FFE17
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/3TC1cTmaf2_1JKrjUPk7yov7jkQ.roa
Signing time: Mon 02 Jan 2023 06:14:47 +0000
ROA not before: Mon 02 Jan 2023 06:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208660
IP address blocks: 185.213.72.0/22 maxlen: 22
185.226.12.0/22 maxlen: 22
185.226.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 13 Oct 2023 16:57:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:47:cf:65:a9:6b:a5:8b:be:0c:dd:a2:0f:fe:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 2 06:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd30b571399a7f6ff524aae350f93bca8bfb8e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e2:4f:11:38:ee:99:a2:9a:62:6d:19:7b:17:
46:e4:7f:00:20:a7:c0:5e:b7:43:af:a3:dc:3a:67:
20:1c:69:a4:c7:84:bc:5c:b6:32:a7:b0:7c:12:58:
19:6a:52:03:8e:fd:a1:9f:9f:b7:88:2c:ce:bb:e4:
08:ae:b3:35:98:6a:c7:a4:f1:db:4f:da:e4:4d:fc:
6d:66:27:1d:be:11:f4:40:d1:54:0d:5d:78:c4:99:
39:89:77:0f:98:90:a0:ba:32:ea:40:f1:f0:c1:18:
d5:e3:85:cd:29:00:8d:91:ca:1a:43:8f:60:eb:a9:
3c:ce:de:c7:fa:3c:6f:b8:90:47:d2:3a:51:dc:95:
b8:4c:4a:7b:8d:8c:6e:27:a7:af:32:86:45:2b:73:
2e:3b:1d:96:b5:2c:c4:17:cd:98:39:d9:c2:93:14:
f3:60:ca:39:51:45:cc:34:fd:82:4c:f5:23:9f:49:
86:92:60:80:35:41:43:d3:96:02:5b:c4:2e:06:17:
f0:64:82:1f:18:b1:55:5d:22:0c:cf:a2:e6:f4:c1:
fe:f8:59:88:3d:42:da:7b:e1:59:f8:d1:98:b5:4f:
89:75:27:2b:39:9b:b3:5a:c6:1e:4c:fa:8c:ed:b0:
ea:e0:4b:2f:02:53:b2:e5:f4:8a:4c:5a:97:af:03:
58:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:30:B5:71:39:9A:7F:6F:F5:24:AA:E3:50:F9:3B:CA:8B:FB:8E:44
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/3TC1cTmaf2_1JKrjUPk7yov7jkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.72.0/22
185.226.12.0/22
185.226.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:41:27:84:40:5f:d1:c7:fa:9b:7b:51:d2:92:64:b3:87:0c:
51:bc:a1:7b:56:37:34:00:63:92:9b:68:f9:2d:d2:92:d8:da:
50:5b:3c:94:e7:a6:b9:c7:14:96:3a:22:05:14:3b:d0:3f:61:
97:6e:b0:fd:0a:2f:25:2d:1c:ae:a7:0b:a6:09:ad:83:b6:fb:
41:10:10:6c:a9:c1:01:e0:e4:00:8f:c8:f2:00:68:73:47:0c:
fd:55:24:c4:41:7f:b1:76:c9:8b:65:a6:da:9e:63:01:97:07:
f3:84:63:5e:52:1a:b3:25:9a:1f:ee:ab:0a:56:c4:63:81:d2:
87:ac:b2:1f:c9:f9:6c:55:21:a3:14:d0:74:d1:e2:5f:47:f3:
61:ee:fc:17:bf:0c:eb:e0:75:f2:35:2b:50:38:c5:9d:b3:05:
1f:20:30:b3:b6:57:a9:1d:12:02:48:0a:78:ff:3f:f9:b1:d0:
9b:70:5a:c4:45:28:c3:96:6d:11:6c:72:27:e7:8c:52:05:b9:
ea:2b:4a:a9:a6:eb:07:5d:08:f6:ec:cc:28:df:0d:85:f3:e1:
32:e6:03:c5:c6:3a:a0:e7:43:6d:99:09:5e:5e:fb:fe:11:6d:
de:ef:f7:33:01:5e:aa:46:fa:d3:98:59:4e:25:e5:d7:1b:d1:
4b:d0:7d:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxHkfPZalrpYu+DN2iD/4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDMwYjU3MTM5OWE3ZjZmZjUyNGFhZTM1MGY5M2JjYThiZmI4ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOJPETjumaKaYm0ZexdG5H8AIKfA
XrdDr6PcOmcgHGmkx4S8XLYyp7B8ElgZalIDjv2hn5+3iCzOu+QIrrM1mGrHpPHb
T9rkTfxtZicdvhH0QNFUDV14xJk5iXcPmJCgujLqQPHwwRjV44XNKQCNkcoaQ49g
66k8zt7H+jxvuJBH0jpR3JW4TEp7jYxuJ6evMoZFK3MuOx2WtSzEF82YOdnCkxTz
YMo5UUXMNP2CTPUjn0mGkmCANUFD05YCW8QuBhfwZIIfGLFVXSIMz6Lm9MH++FmI
PULae+FZ+NGYtU+JdScrOZuzWsYeTPqM7bDq4EsvAlOy5fSKTFqXrwNYIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN0wtXE5mn9v9SSq41D5O8qL+45EMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvM1RDMWNUbWFmMl8xSktyalVQazd5b3Y3amtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudVIAwQC
ueIMAwQCueL8MA0GCSqGSIb3DQEBCwUAA4IBAQCPQSeEQF/Rx/qbe1HSkmSzhwxR
vKF7Vjc0AGOSm2j5LdKS2NpQWzyU56a5xxSWOiIFFDvQP2GXbrD9Ci8lLRyupwum
Ca2DtvtBEBBsqcEB4OQAj8jyAGhzRwz9VSTEQX+xdsmLZabanmMBlwfzhGNeUhqz
JZof7qsKVsRjgdKHrLIfyflsVSGjFNB00eJfR/Nh7vwXvwzr4HXyNStQOMWdswUf
IDCztlepHRICSAp4/z/5sdCbcFrERSjDlm0RbHIn54xSBbnqK0qppusHXQj27Mwo
3w2F8+Ey5gPFxjqg50NtmQleXvv+EW3e7/czAV6qRvrTmFlOJeXXG9FL0H2V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org