Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/3YohQRqDSqn7VrB_1rxpyemGA8o.roa
File: 3YohQRqDSqn7VrB_1rxpyemGA8o.roa (raw, json)
Hash identifier: l1M2MOjL3N1OaN8XuSMeGLPe3spJAiYOICco1yH5Vus=
Subject key identifier: DD:8A:21:41:1A:83:4A:A9:FB:56:B0:7F:D6:BC:69:C9:E9:86:03:CA
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 01856F9DF83CCE47BA04D5BD81B6F21843FF
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/3YohQRqDSqn7VrB_1rxpyemGA8o.roa
Signing time: Sun 01 Jan 2023 23:15:01 +0000
ROA not before: Sun 01 Jan 2023 23:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199484
IP address blocks: 185.153.250.0/24 maxlen: 24
185.153.251.0/24 maxlen: 24
185.153.248.0/22 maxlen: 22
185.153.249.0/24 maxlen: 24
185.153.248.0/24 maxlen: 24
2a07:89c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Oct 2023 07:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f8:3c:ce:47:ba:04:d5:bd:81:b6:f2:18:43:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jan 1 23:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd8a21411a834aa9fb56b07fd6bc69c9e98603ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:77:d1:2a:ad:0d:f4:05:79:3b:37:29:34:b7:
2e:43:af:5e:e8:6f:d8:6a:0d:77:82:3c:c9:f9:5a:
82:9a:a2:0d:a8:91:09:89:2d:9f:21:ca:2b:7c:db:
36:a7:e6:09:35:02:93:8a:04:6d:0a:eb:4b:9b:f2:
90:17:5b:59:24:cb:58:ea:0e:75:0b:33:3d:64:f4:
24:df:55:4e:8a:13:2d:a7:ca:72:bc:8c:a3:fc:2d:
53:cd:f2:41:23:e9:88:85:6d:42:45:58:f9:af:f2:
46:79:f6:b6:b7:15:64:a4:84:c6:75:8e:e6:74:3a:
02:6d:cf:22:44:f1:c3:29:3b:a3:5f:50:29:25:b4:
8c:6a:1e:f0:a4:27:f6:97:c1:81:00:ae:5f:c3:03:
67:f4:5f:e4:f3:b1:e2:c5:b1:c8:85:3e:25:39:82:
3c:03:ae:57:c1:a2:1a:b5:6c:4f:f7:f5:7e:9d:8b:
58:d1:80:ba:75:4c:cd:97:c8:4d:02:fd:5c:fb:2f:
a8:93:ed:2e:67:52:3c:04:df:e5:34:5b:f2:20:c2:
3c:a0:71:3c:9b:24:0e:e0:78:b4:8a:57:a4:da:10:
ec:78:49:52:eb:18:f6:2f:8d:c4:ac:56:b9:a4:32:
10:a9:02:be:3f:b9:d5:60:f6:b2:61:1c:3a:fe:c6:
26:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8A:21:41:1A:83:4A:A9:FB:56:B0:7F:D6:BC:69:C9:E9:86:03:CA
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/3YohQRqDSqn7VrB_1rxpyemGA8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.248.0/22
IPv6:
2a07:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
9f:cd:e5:f7:2f:c7:4c:be:4d:0e:76:64:0c:94:de:11:ce:60:
b8:69:18:64:90:62:43:c1:24:77:63:4f:ff:dd:17:78:c2:e4:
59:8c:45:40:35:8a:25:69:2a:97:00:37:5d:c5:70:a6:64:be:
6e:22:76:94:67:10:d5:75:35:9d:bb:58:f2:91:13:23:21:9c:
9d:7d:42:7f:d9:e3:28:b5:ff:e9:1c:ff:73:50:ba:02:c8:38:
10:41:fd:0a:f4:a7:be:c4:cc:6c:c4:43:0e:75:47:ea:25:42:
1b:54:ca:2d:f1:d1:08:00:ca:00:93:3a:5f:cd:fb:f3:c7:58:
43:40:4a:05:c9:e4:52:cb:45:31:d2:2f:20:8a:f8:81:a7:c6:
e8:26:21:83:af:b3:4d:99:77:24:5c:ee:a3:12:07:6b:bc:fa:
65:e0:71:47:0c:78:b2:b5:1e:f7:cf:99:9e:0a:b8:68:8e:ed:
38:d4:da:7b:a6:30:45:bc:9f:9e:88:27:70:15:3f:ac:bb:d2:
7d:22:9b:c8:e6:27:f2:bf:4c:de:55:9c:86:c0:ed:1f:ca:61:
6c:ce:ce:3b:7b:b8:15:d2:c7:cc:0f:70:d7:ce:62:6e:9f:e6:
9f:d9:f9:33:cc:b6:90:0f:7b:8b:69:ce:db:04:33:a1:f2:28:
94:34:0b:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvnfg8zke6BNW9gbbyGEP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjMwMTAxMjMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDhhMjE0MTFhODM0YWE5ZmI1NmIwN2ZkNmJjNjljOWU5ODYwM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXfRKq0N9AV5OzcpNLcuQ69e6G/Y
ag13gjzJ+VqCmqINqJEJiS2fIcorfNs2p+YJNQKTigRtCutLm/KQF1tZJMtY6g51
CzM9ZPQk31VOihMtp8pyvIyj/C1TzfJBI+mIhW1CRVj5r/JGefa2txVkpITGdY7m
dDoCbc8iRPHDKTujX1ApJbSMah7wpCf2l8GBAK5fwwNn9F/k87HixbHIhT4lOYI8
A65XwaIatWxP9/V+nYtY0YC6dUzNl8hNAv1c+y+ok+0uZ1I8BN/lNFvyIMI8oHE8
myQO4Hi0ilek2hDseElS6xj2L43ErFa5pDIQqQK+P7nVYPayYRw6/sYmnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2KIUEag0qp+1awf9a8acnphgPKMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvM1lvaFFScURTcW43VnJCXzFyeHB5ZW1HQThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZn4MA8E
AgACMAkDBwAqB4nAAAAwDQYJKoZIhvcNAQELBQADggEBAJ/N5fcvx0y+TQ52ZAyU
3hHOYLhpGGSQYkPBJHdjT//dF3jC5FmMRUA1iiVpKpcAN13FcKZkvm4idpRnENV1
NZ27WPKREyMhnJ19Qn/Z4yi1/+kc/3NQugLIOBBB/Qr0p77EzGzEQw51R+olQhtU
yi3x0QgAygCTOl/N+/PHWENASgXJ5FLLRTHSLyCK+IGnxugmIYOvs02ZdyRc7qMS
B2u8+mXgcUcMeLK1HvfPmZ4KuGiO7TjU2numMEW8n56IJ3AVP6y70n0im8jmJ/K/
TN5VnIbA7R/KYWzOzjt7uBXSx8wPcNfOYm6f5p/Z+TPMtpAPe4tpztsEM6HyKJQ0
C0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org