Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/3Z2P-MqGXFcGs5ItPcL9I_32ryc.roa
File: 3Z2P-MqGXFcGs5ItPcL9I_32ryc.roa (raw, json)
Hash identifier: EK9Q30HCCasP7gumHZa5qUPVcRmOGMZtj8SNiaNNU1E=
Subject key identifier: DD:9D:8F:F8:CA:86:5C:57:06:B3:92:2D:3D:C2:FD:23:FD:F6:AF:27
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0185720C5C14C18AE57B064B0AC853284E47
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/3Z2P-MqGXFcGs5ItPcL9I_32ryc.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.145.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.133.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 07:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5c:14:c1:8a:e5:7b:06:4b:0a:c8:53:28:4e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9d8ff8ca865c5706b3922d3dc2fd23fdf6af27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:d6:8c:75:2f:e4:37:04:d0:34:00:4f:50:
d8:cd:e1:20:62:8e:70:90:98:00:27:6a:7d:36:28:
f0:76:c2:e8:05:8a:fa:a7:b9:89:16:dc:12:cb:21:
cf:24:fe:71:b6:8d:f0:d5:0c:a2:16:97:b6:e9:5a:
5e:f4:36:05:c8:7e:2c:b8:b8:50:37:be:e4:6d:f3:
98:1d:bc:62:54:2b:33:14:9a:ad:14:d1:4d:13:47:
a8:d3:49:63:38:44:da:51:97:32:76:c2:77:52:78:
64:05:c1:f7:9e:0b:ce:1d:11:77:a9:f6:8a:4d:2e:
10:b7:55:c5:05:e2:20:57:78:7e:f1:b3:24:e7:38:
1a:a0:f1:90:d4:89:68:43:26:83:0e:a7:79:98:1f:
52:c3:14:33:0b:fe:4f:e2:7d:c1:f2:c0:81:86:ee:
d9:fd:35:55:dd:da:fa:19:09:f8:d6:96:38:a0:27:
92:37:53:01:73:7b:c1:91:59:07:4e:84:a2:e2:cd:
09:63:3a:33:1d:87:5f:41:f1:41:cd:eb:6c:52:18:
df:31:6a:61:8a:82:b3:c8:cc:56:be:b4:40:95:88:
5e:fb:5b:56:89:a7:54:05:09:5d:70:47:bc:f2:44:
db:60:c4:f0:99:91:1c:e5:66:86:7f:67:15:25:b1:
a8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9D:8F:F8:CA:86:5C:57:06:B3:92:2D:3D:C2:FD:23:FD:F6:AF:27
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/3Z2P-MqGXFcGs5ItPcL9I_32ryc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/24
84.254.137.0/24
84.254.144.0/23
95.210.111.0/24
95.210.132.0/23
176.227.131.0/24
Signature Algorithm: sha256WithRSAEncryption
74:0d:ca:7a:0d:91:c1:bc:16:37:62:8e:3a:9b:93:71:1f:67:
01:bb:dc:f4:67:81:8a:93:0e:ed:82:f5:e0:91:85:b8:ed:79:
56:63:06:38:38:09:0b:55:f3:27:97:2b:d0:94:3b:a5:b9:1a:
a2:39:fb:62:ad:5b:20:b2:8d:12:51:cc:18:39:19:d9:01:4e:
82:d9:01:7f:c0:4c:1d:ac:d9:f5:26:2a:eb:63:3a:6a:ef:62:
f2:66:35:23:96:98:08:40:21:75:9c:79:e6:ef:70:39:94:b1:
e0:0e:f8:79:a9:d7:ac:ed:dc:1f:37:5b:72:51:4b:22:c4:e6:
1b:bb:bc:5f:7b:f4:ea:5b:a4:74:a4:f4:b0:6a:7a:fc:1d:e2:
4b:32:ab:5b:5f:45:87:e4:f3:9d:80:09:1d:90:5d:20:58:42:
6d:e3:1c:86:cb:9a:75:f2:30:5e:0b:8a:2f:fb:f6:a4:c4:4f:
d9:fc:8f:30:e9:2b:b9:b2:7f:6e:72:50:cc:b8:81:53:5e:f3:
e2:ac:30:00:ab:2e:fe:92:bc:51:e5:b4:a8:5a:c3:e7:78:e3:
cc:69:94:c7:b3:1a:34:40:3b:55:a4:04:cb:a0:ce:db:95:cc:
51:fc:3b:ec:b8:e5:52:67:c8:e2:db:ba:24:04:f7:a0:43:5c:
97:62:ec:2c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVyDFwUwYrlewZLCshTKE5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlkOGZmOGNhODY1YzU3MDZiMzkyMmQzZGMyZmQyM2ZkZjZhZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOvWjHUv5DcE0DQAT1DYzeEgYo5w
kJgAJ2p9NijwdsLoBYr6p7mJFtwSyyHPJP5xto3w1QyiFpe26Vpe9DYFyH4suLhQ
N77kbfOYHbxiVCszFJqtFNFNE0eo00ljOETaUZcydsJ3UnhkBcH3ngvOHRF3qfaK
TS4Qt1XFBeIgV3h+8bMk5zgaoPGQ1IloQyaDDqd5mB9SwxQzC/5P4n3B8sCBhu7Z
/TVV3dr6GQn41pY4oCeSN1MBc3vBkVkHToSi4s0JYzozHYdfQfFBzetsUhjfMWph
ioKzyMxWvrRAlYhe+1tWiadUBQldcEe88kTbYMTwmZEc5WaGf2cVJbGoEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN2dj/jKhlxXBrOSLT3C/SP99q8nMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvM1oyUC1NcUdYRmNHczVJdFBjTDlJXzMycnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVP6CAwQA
VP6JAwQBVP6QAwQAX9JvAwQBX9KEAwQAsOODMA0GCSqGSIb3DQEBCwUAA4IBAQB0
Dcp6DZHBvBY3Yo46m5NxH2cBu9z0Z4GKkw7tgvXgkYW47XlWYwY4OAkLVfMnlyvQ
lDuluRqiOftirVsgso0SUcwYORnZAU6C2QF/wEwdrNn1JirrYzpq72LyZjUjlpgI
QCF1nHnm73A5lLHgDvh5qdes7dwfN1tyUUsixOYbu7xfe/TqW6R0pPSwanr8HeJL
MqtbX0WH5POdgAkdkF0gWEJt4xyGy5p18jBeC4ov+/akxE/Z/I8w6Su5sn9uclDM
uIFTXvPirDAAqy7+krxR5bSoWsPneOPMaZTHsxo0QDtVpATLoM7blcxR/DvsuOVS
Z8ji27okBPegQ1yXYuws
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:26 2024 by rpki-client on console-ams.rpki-client.org