Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/3dbj5QH8rK7JIa34KftsZrepsMc.roa
File: 3dbj5QH8rK7JIa34KftsZrepsMc.roa (raw, json)
Hash identifier: 57MoLraZrPR3zFJzzylWR4TyN4TsiJd1LuFv6V8RtG0=
Subject key identifier: DD:D6:E3:E5:01:FC:AC:AE:C9:21:AD:F8:29:FB:6C:66:B7:A9:B0:C7
Certificate issuer: /CN=3d563e205ad217433709b200a0dcd30c70961c96
Certificate serial: 01857CB73D50D05D6C2172FD5ABFAE1138CD
Authority key identifier: 3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/3dbj5QH8rK7JIa34KftsZrepsMc.roa
Signing time: Wed 04 Jan 2023 12:17:41 +0000
ROA not before: Wed 04 Jan 2023 12:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34612
IP address blocks: 185.50.208.0/22 maxlen: 22
141.138.216.0/21 maxlen: 21
178.20.56.0/21 maxlen: 21
91.215.148.0/22 maxlen: 22
2a03:5380::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:b7:3d:50:d0:5d:6c:21:72:fd:5a:bf:ae:11:38:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d563e205ad217433709b200a0dcd30c70961c96
Validity
Not Before: Jan 4 12:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddd6e3e501fcacaec921adf829fb6c66b7a9b0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:6f:f1:6a:bc:d7:93:dc:93:e4:15:a5:37:
95:b7:0e:0b:35:d8:46:e0:45:47:05:f6:72:49:3a:
00:46:80:11:38:19:e8:a3:9f:d6:7c:1e:38:10:29:
cb:6e:e6:62:c0:75:15:75:1e:ac:da:64:55:3a:b8:
fe:66:88:ff:70:39:5f:09:d5:b9:0b:3b:54:f6:4a:
b8:79:54:81:fd:1e:fe:05:f8:94:9a:a7:3e:6d:af:
7c:cc:98:34:70:ec:0c:28:c1:f1:5b:f3:51:5e:9f:
cb:32:53:4f:1c:84:cf:13:07:89:dc:46:97:90:a6:
e3:42:f2:0a:1f:f7:db:83:03:e3:76:81:df:3f:26:
59:07:d4:98:1a:07:d3:0d:a4:47:18:25:a4:a1:7c:
f8:5b:f6:30:97:78:28:b0:b0:91:48:52:fb:9b:09:
9a:d7:3b:f2:75:d9:dd:d8:79:12:71:25:c9:e2:bc:
82:e1:7a:52:8a:7a:75:20:b8:08:99:03:44:a0:ef:
d5:52:49:0d:52:34:cb:11:18:12:c8:42:53:5a:39:
58:0d:1f:8a:a5:87:d9:34:6f:06:96:37:39:0d:8b:
9e:3c:d3:4a:68:b7:be:46:76:50:de:54:49:8f:9f:
22:94:fb:4d:42:55:a8:0a:12:2e:3f:26:68:46:5f:
51:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D6:E3:E5:01:FC:AC:AE:C9:21:AD:F8:29:FB:6C:66:B7:A9:B0:C7
X509v3 Authority Key Identifier:
keyid:3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/3dbj5QH8rK7JIa34KftsZrepsMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.148.0/22
141.138.216.0/21
178.20.56.0/21
185.50.208.0/22
IPv6:
2a03:5380::/32
Signature Algorithm: sha256WithRSAEncryption
75:08:bd:ff:d6:ca:22:e3:c5:a5:89:a7:8d:97:b4:ff:01:ce:
94:35:19:7b:45:46:98:39:5b:2e:7a:99:9e:20:34:9e:58:83:
37:a8:8a:bd:de:b5:25:8f:c0:49:6f:7a:ef:a3:cb:b1:45:8c:
e9:15:76:81:a9:a0:7b:ad:22:81:29:70:ee:ef:8a:0a:06:4c:
52:fe:05:3c:c6:fb:d8:03:ee:46:65:d7:31:c3:dc:e2:cc:04:
38:0c:b8:6f:8c:93:ee:ac:51:46:1b:2b:f5:92:c2:97:25:48:
2f:83:55:96:31:67:0c:e5:b7:8e:2e:fd:be:c2:69:2f:25:b3:
c7:42:43:a6:49:d4:71:5e:35:73:c3:d3:92:9a:a2:08:cd:92:
53:a0:fb:80:90:f5:d9:c8:34:e1:64:d2:1b:19:13:4a:76:b9:
64:21:05:b4:e0:78:18:10:d3:97:05:a2:83:9b:fe:04:7c:70:
08:35:b9:0d:3c:d1:a4:6d:46:d5:c8:d2:b1:d9:0e:a3:04:ea:
7a:7f:84:53:5b:34:ac:49:cb:c6:1e:87:06:96:dc:27:09:10:
46:a6:e5:75:b1:59:28:0d:97:8a:9d:e1:14:e3:47:7a:46:39:
4c:98:2b:34:d5:bc:68:55:70:ec:cf:12:bc:de:fe:c4:47:fe:
25:d5:9e:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYV8tz1Q0F1sIXL9Wr+uETjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTYzZTIwNWFkMjE3NDMzNzA5YjIwMGEwZGNkMzBjNzA5
NjFjOTYwHhcNMjMwMTA0MTIxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ2ZTNlNTAxZmNhY2FlYzkyMWFkZjgyOWZiNmM2NmI3YTliMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpVv8Wq815Pck+QVpTeVtw4LNdhG
4EVHBfZySToARoAROBnoo5/WfB44ECnLbuZiwHUVdR6s2mRVOrj+Zoj/cDlfCdW5
CztU9kq4eVSB/R7+BfiUmqc+ba98zJg0cOwMKMHxW/NRXp/LMlNPHITPEweJ3EaX
kKbjQvIKH/fbgwPjdoHfPyZZB9SYGgfTDaRHGCWkoXz4W/Ywl3gosLCRSFL7mwma
1zvyddnd2HkScSXJ4ryC4XpSinp1ILgImQNEoO/VUkkNUjTLERgSyEJTWjlYDR+K
pYfZNG8Gljc5DYuePNNKaLe+RnZQ3lRJj58ilPtNQlWoChIuPyZoRl9RvQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN3W4+UB/KyuySGt+Cn7bGa3qbDHMB8GA1UdIwQY
MBaAFD1WPiBa0hdDNwmyAKDc0wxwlhyWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2Njkt
ZTg0NGUyYzJlOWRhLzEvM2RiajVRSDhySzdKSWEzNEtmdHNacmVwc01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2NjktZTg0NGUyYzJlOWRh
LzEvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW9eUAwQD
jYrYAwQDshQ4AwQCuTLQMA0EAgACMAcDBQAqA1OAMA0GCSqGSIb3DQEBCwUAA4IB
AQB1CL3/1soi48WliaeNl7T/Ac6UNRl7RUaYOVsuepmeIDSeWIM3qIq93rUlj8BJ
b3rvo8uxRYzpFXaBqaB7rSKBKXDu74oKBkxS/gU8xvvYA+5GZdcxw9zizAQ4DLhv
jJPurFFGGyv1ksKXJUgvg1WWMWcM5beOLv2+wmkvJbPHQkOmSdRxXjVzw9OSmqII
zZJToPuAkPXZyDThZNIbGRNKdrlkIQW04HgYENOXBaKDm/4EfHAINbkNPNGkbUbV
yNKx2Q6jBOp6f4RTWzSsScvGHocGltwnCRBGpuV1sVkoDZeKneEU40d6RjlMmCs0
1bxoVXDszxK83v7ER/4l1Z6Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org