Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/3gd8anPE_BFHmcbv2Zc4DP_sgeI.roa
File: 3gd8anPE_BFHmcbv2Zc4DP_sgeI.roa (raw, json)
Hash identifier: XNb4IZ6kYJLZOn3r3xgBgGxVtF6DvP0w+O/nw+sInv0=
Subject key identifier: DE:07:7C:6A:73:C4:FC:11:47:99:C6:EF:D9:97:38:0C:FF:EC:81:E2
Certificate issuer: /CN=fe3b0385260ac66f21c43f5ab78bac682e8ce54f
Certificate serial: 01856FF0161C90B673AE89EABC06D9E80636
Authority key identifier: FE:3B:03:85:26:0A:C6:6F:21:C4:3F:5A:B7:8B:AC:68:2E:8C:E5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_jsDhSYKxm8hxD9at4usaC6M5U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/3gd8anPE_BFHmcbv2Zc4DP_sgeI.roa
Signing time: Mon 02 Jan 2023 00:44:43 +0000
ROA not before: Mon 02 Jan 2023 00:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 37.140.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:16:1c:90:b6:73:ae:89:ea:bc:06:d9:e8:06:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3b0385260ac66f21c43f5ab78bac682e8ce54f
Validity
Not Before: Jan 2 00:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de077c6a73c4fc114799c6efd997380cffec81e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:fb:d4:5b:94:71:be:e7:52:b7:57:e4:28:
f8:45:03:23:ba:cb:ae:fa:cf:fa:bc:df:b8:39:28:
82:9c:23:97:4e:11:21:1a:39:f1:5c:f4:4e:b1:68:
7e:c7:79:13:76:58:9d:a0:47:94:c7:e7:12:f5:16:
af:4c:84:3a:1e:ad:0e:8a:96:87:e2:52:0c:50:70:
24:57:c7:a3:18:42:3b:16:33:28:bf:57:8d:8c:c0:
47:68:12:ed:31:85:15:10:de:ca:26:08:27:32:67:
8c:d7:44:ad:7c:f5:60:8a:0e:c3:29:d4:28:0e:32:
9b:81:90:f4:71:0c:d7:0a:cd:5d:a1:03:e3:35:86:
cb:c1:7a:1b:38:95:ef:05:69:97:80:c1:ae:b8:9b:
60:4d:00:db:a8:fa:b8:5d:ae:d5:29:57:5f:2e:6d:
ec:d4:32:b9:e4:d3:cf:b6:a1:c1:fc:94:23:c1:ab:
38:9e:05:60:aa:c6:db:ca:5b:97:f3:c8:9f:55:3b:
58:37:2f:bc:17:77:09:f0:7c:4d:48:81:42:0f:cd:
5b:75:6a:2d:2a:51:a3:4a:08:7a:ff:36:fb:66:ac:
25:cd:52:55:ba:e6:69:44:9e:e4:0a:ae:61:d0:8d:
74:3c:2b:1f:33:4c:89:eb:ea:2e:31:4c:68:fe:cc:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:07:7C:6A:73:C4:FC:11:47:99:C6:EF:D9:97:38:0C:FF:EC:81:E2
X509v3 Authority Key Identifier:
keyid:FE:3B:03:85:26:0A:C6:6F:21:C4:3F:5A:B7:8B:AC:68:2E:8C:E5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_jsDhSYKxm8hxD9at4usaC6M5U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/3gd8anPE_BFHmcbv2Zc4DP_sgeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a2ffd9-745d-4e7d-b2b2-75033f8f7210/1/_jsDhSYKxm8hxD9at4usaC6M5U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.208.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:98:ac:d2:46:45:80:a4:7a:74:c9:42:fc:cc:86:e1:fa:8e:
a2:e9:f3:a9:fc:bf:8d:57:cd:c0:4d:e1:c7:60:1b:73:1b:ce:
8d:fc:88:9e:27:ea:41:13:e5:34:5f:ee:ba:83:b6:74:ef:57:
9d:a4:8e:5b:fd:c5:4e:42:61:ae:c4:2b:e8:9b:98:ed:d4:de:
b4:cf:c6:b8:35:50:9c:2c:a1:95:06:18:89:15:98:d8:7f:4f:
30:04:0e:b2:1c:ae:51:34:98:95:ff:bd:26:c4:e7:82:85:57:
46:fd:27:c9:34:13:65:e0:9d:c8:07:71:45:12:c9:8e:a6:c9:
92:de:2c:54:d7:c5:48:d0:49:07:91:d0:1d:30:1c:7e:88:83:
74:d8:f4:c8:7b:b7:3b:65:19:7b:45:78:b7:2f:8f:32:14:f2:
fc:24:d9:fc:dd:de:71:4b:16:b8:78:24:d8:dc:c0:e0:6f:b5:
7e:33:4f:15:72:53:d0:68:4f:62:16:fc:83:77:06:8f:28:13:
af:bc:42:9c:13:41:cd:09:14:70:56:4d:87:67:9e:cb:ad:f5:
89:99:49:55:7c:66:d9:11:20:f9:06:cf:a8:0b:c7:8a:47:b3:
f2:69:05:37:7f:74:26:bc:4f:cd:14:c5:ca:d5:70:c0:db:4d:
3c:8d:93:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8BYckLZzronqvAbZ6AY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlM2IwMzg1MjYwYWM2NmYyMWM0M2Y1YWI3OGJhYzY4MmU4
Y2U1NGYwHhcNMjMwMTAyMDA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA3N2M2YTczYzRmYzExNDc5OWM2ZWZkOTk3MzgwY2ZmZWM4MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEr71FuUcb7nUrdX5Cj4RQMjusuu
+s/6vN+4OSiCnCOXThEhGjnxXPROsWh+x3kTdlidoEeUx+cS9RavTIQ6Hq0OipaH
4lIMUHAkV8ejGEI7FjMov1eNjMBHaBLtMYUVEN7KJggnMmeM10StfPVgig7DKdQo
DjKbgZD0cQzXCs1doQPjNYbLwXobOJXvBWmXgMGuuJtgTQDbqPq4Xa7VKVdfLm3s
1DK55NPPtqHB/JQjwas4ngVgqsbbyluX88ifVTtYNy+8F3cJ8HxNSIFCD81bdWot
KlGjSgh6/zb7ZqwlzVJVuuZpRJ7kCq5h0I10PCsfM0yJ6+ouMUxo/swOqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4HfGpzxPwRR5nG79mXOAz/7IHiMB8GA1UdIwQY
MBaAFP47A4UmCsZvIcQ/WreLrGgujOVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2pzRGhTWUt4bThoeEQ5YXQ0dXNhQzZNNVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hMmZmZDktNzQ1ZC00ZTdkLWIyYjIt
NzUwMzNmOGY3MjEwLzEvM2dkOGFuUEVfQkZIbWNidjJaYzREUF9zZ2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hMmZmZDktNzQ1ZC00ZTdkLWIyYjItNzUwMzNmOGY3MjEw
LzEvX2pzRGhTWUt4bThoeEQ5YXQ0dXNhQzZNNVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYzQMA0G
CSqGSIb3DQEBCwUAA4IBAQAMmKzSRkWApHp0yUL8zIbh+o6i6fOp/L+NV83ATeHH
YBtzG86N/IieJ+pBE+U0X+66g7Z071edpI5b/cVOQmGuxCvom5jt1N60z8a4NVCc
LKGVBhiJFZjYf08wBA6yHK5RNJiV/70mxOeChVdG/SfJNBNl4J3IB3FFEsmOpsmS
3ixU18VI0EkHkdAdMBx+iIN02PTIe7c7ZRl7RXi3L48yFPL8JNn83d5xSxa4eCTY
3MDgb7V+M08VclPQaE9iFvyDdwaPKBOvvEKcE0HNCRRwVk2HZ57LrfWJmUlVfGbZ
ESD5Bs+oC8eKR7PyaQU3f3QmvE/NFMXK1XDA2008jZNm
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:16 2024 by rpki-client on console-ams.rpki-client.org