Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3TOUhgccQ5dRK5AUf9WBFMagxwI.roa
File: 3TOUhgccQ5dRK5AUf9WBFMagxwI.roa (raw, json)
Hash identifier: qgTVtFNkTxIp5RUKEcTv/WAyr0v58s4nJUa1WEamEkQ=
Subject key identifier: DD:33:94:86:07:1C:43:97:51:2B:90:14:7F:D5:81:14:C6:A0:C7:02
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194B781383B23B86BA4C8750AC59BE2B6F4
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3TOUhgccQ5dRK5AUf9WBFMagxwI.roa
Signing time: Thu 30 Jan 2025 13:58:06 +0000
ROA not before: Thu 30 Jan 2025 13:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11798
IP address blocks: 185.207.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 23:11:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:81:38:3b:23:b8:6b:a4:c8:75:0a:c5:9b:e2:b6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 30 13:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd339486071c4397512b90147fd58114c6a0c702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:92:b2:2b:d1:ca:f3:1a:0c:b5:52:4f:9f:
49:a1:83:fb:72:d1:b9:49:cd:32:2a:61:89:40:d1:
be:f5:da:cd:96:12:d4:d0:33:f5:ef:5e:7f:30:12:
bb:4e:0e:49:b4:25:c0:0c:89:97:78:16:a7:73:8d:
85:bc:01:4f:25:61:68:c0:f3:4d:68:02:33:27:14:
08:12:95:1f:ac:2f:83:01:5a:36:85:fe:e6:cd:b1:
1f:85:64:70:18:82:4c:08:c3:31:fa:74:c4:55:4a:
0b:c7:57:1d:e3:1f:24:fc:db:b5:ee:3e:2c:95:82:
5e:24:e1:47:bc:72:d8:a3:5f:b0:42:cb:c6:81:ec:
8c:07:44:e7:b6:e9:85:0d:e1:6f:46:cd:b5:5c:83:
5d:2d:21:29:ec:2b:fd:bc:d5:3c:3e:d2:10:d7:7d:
51:5e:c6:59:1d:e2:58:6e:9a:3a:68:29:89:f9:d5:
c1:91:7f:e1:ee:a1:b7:07:f4:03:88:a0:ae:1f:d1:
fd:1f:a2:ca:6f:68:b8:a0:40:c9:1d:e3:d0:05:1d:
f9:c5:56:70:83:da:04:37:5f:51:60:30:53:8f:60:
0b:88:84:e4:e7:ab:31:07:7b:83:a6:0f:9e:3b:3c:
3b:20:f8:7f:f0:f8:03:c4:ee:9c:72:64:6f:e7:34:
9a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:33:94:86:07:1C:43:97:51:2B:90:14:7F:D5:81:14:C6:A0:C7:02
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3TOUhgccQ5dRK5AUf9WBFMagxwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.135.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:75:76:d1:2e:90:9c:73:ee:12:96:e8:08:98:69:c0:50:34:
6a:3c:3a:a0:a7:87:39:db:3f:f4:a4:f9:96:df:0b:43:66:4c:
ae:de:1d:d2:f9:b5:f2:5d:88:68:32:b6:f6:47:c4:ba:6c:c6:
8e:cb:e2:54:38:9d:3b:73:f7:41:40:06:3d:82:ab:de:e5:00:
ae:9a:25:c3:3a:64:1b:53:1d:7a:2d:d3:eb:8a:b4:1e:27:57:
a0:82:e2:0e:1d:7c:d3:a3:aa:8e:ea:e4:20:b5:bd:76:2a:79:
6d:55:f9:c0:79:5c:bb:35:94:ba:bc:e9:59:70:76:41:b6:3f:
ad:0a:e8:6e:33:d8:d0:f8:0a:e2:d5:ec:c0:96:46:d5:f3:cb:
ca:0e:6b:5d:b6:4d:fe:6c:1b:6e:bd:5c:36:55:c7:c3:d7:56:
52:80:5d:b1:72:d7:51:09:4e:e2:b6:01:19:85:4e:b2:79:3a:
e9:f4:f1:4e:67:5c:b1:d8:49:77:0e:44:5c:2d:a7:43:3a:9f:
0a:3f:18:00:c6:94:45:dd:ad:07:b4:a5:19:b0:a1:06:67:c2:
0a:ce:8b:41:32:06:8c:74:94:95:5e:fc:11:5e:8c:75:65:6f:
db:87:69:6d:75:e2:09:14:2c:96:87:24:f1:37:d2:a1:36:7c:
6a:ba:5e:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS3gTg7I7hrpMh1CsWb4rb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTMwMTM1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDMzOTQ4NjA3MWM0Mzk3NTEyYjkwMTQ3ZmQ1ODExNGM2YTBjNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt++SsivRyvMaDLVST59JoYP7ctG5
Sc0yKmGJQNG+9drNlhLU0DP1715/MBK7Tg5JtCXADImXeBanc42FvAFPJWFowPNN
aAIzJxQIEpUfrC+DAVo2hf7mzbEfhWRwGIJMCMMx+nTEVUoLx1cd4x8k/Nu17j4s
lYJeJOFHvHLYo1+wQsvGgeyMB0TntumFDeFvRs21XINdLSEp7Cv9vNU8PtIQ131R
XsZZHeJYbpo6aCmJ+dXBkX/h7qG3B/QDiKCuH9H9H6LKb2i4oEDJHePQBR35xVZw
g9oEN19RYDBTj2ALiITk56sxB3uDpg+eOzw7IPh/8PgDxO6ccmRv5zSasQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0zlIYHHEOXUSuQFH/VgRTGoMcCMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvM1RPVWhnY2NRNWRSSzVBVWY5V0JGTWFneHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc+HMA0G
CSqGSIb3DQEBCwUAA4IBAQCfdXbRLpCcc+4SlugImGnAUDRqPDqgp4c52z/0pPmW
3wtDZkyu3h3S+bXyXYhoMrb2R8S6bMaOy+JUOJ07c/dBQAY9gqve5QCumiXDOmQb
Ux16LdPrirQeJ1egguIOHXzTo6qO6uQgtb12KnltVfnAeVy7NZS6vOlZcHZBtj+t
CuhuM9jQ+Ari1ezAlkbV88vKDmtdtk3+bBtuvVw2VcfD11ZSgF2xctdRCU7itgEZ
hU6yeTrp9PFOZ1yx2El3DkRcLadDOp8KPxgAxpRF3a0HtKUZsKEGZ8IKzotBMgaM
dJSVXvwRXox1ZW/bh2ltdeIJFCyWhyTxN9KhNnxqul7V
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:04 2025 by rpki-client