Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/3c1FM6RrCERABd7_DqEr6Usb0QM.roa
File: 3c1FM6RrCERABd7_DqEr6Usb0QM.roa (raw, json)
Hash identifier: vvb+FqJ6UpE3JOd4wHg63fU2gLq7GWFtMr0gkJ4JQkQ=
Subject key identifier: DD:CD:45:33:A4:6B:08:44:40:05:DE:FF:0E:A1:2B:E9:4B:1B:D1:03
Certificate issuer: /CN=86758d8a7ed21a74172cceec338c64d36b0378d4
Certificate serial: 018FCE7F698E8291E21C70CE904CF1D7B412
Authority key identifier: 86:75:8D:8A:7E:D2:1A:74:17:2C:CE:EC:33:8C:64:D3:6B:03:78:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnWNin7SGnQXLM7sM4xk02sDeNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/3c1FM6RrCERABd7_DqEr6Usb0QM.roa
Signing time: Fri 31 May 2024 11:53:27 +0000
ROA not before: Fri 31 May 2024 11:53:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48704
IP address blocks: 78.41.141.0/24 maxlen: 24
185.171.220.0/22 maxlen: 24
2a0d:9d40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jun 2024 09:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:7f:69:8e:82:91:e2:1c:70:ce:90:4c:f1:d7:b4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86758d8a7ed21a74172cceec338c64d36b0378d4
Validity
Not Before: May 31 11:53:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddcd4533a46b08444005deff0ea12be94b1bd103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:02:80:78:ff:c2:b1:db:cb:1f:86:f2:2c:0a:
41:e4:78:6e:d9:de:33:a1:05:86:21:6e:b6:90:2e:
ae:2f:c3:3a:40:de:9b:ac:1f:00:a6:0e:bf:9a:5a:
55:9e:aa:ed:96:64:16:ad:e0:c2:74:1d:7e:21:14:
19:13:c4:f6:86:0d:64:2e:63:45:fd:ca:6f:43:e2:
9d:11:16:ed:87:6d:5f:d5:0e:a3:7a:ac:d2:bd:83:
7d:67:d6:59:31:70:39:f3:fc:47:a9:0b:a0:fd:5e:
7b:a3:15:d0:8c:4d:ea:65:61:fa:6c:2a:5b:f6:56:
1a:81:b5:9f:8d:9f:c9:e6:3f:63:f5:9a:58:30:76:
8d:68:62:1d:22:62:a3:d7:7c:76:54:7c:29:f0:14:
28:d6:50:ed:68:03:16:e8:e3:e7:6c:5e:3e:21:02:
dd:a1:2a:79:c4:ed:fd:24:f8:bd:8f:24:95:d0:ef:
ba:cb:5b:0a:7e:64:0c:d1:35:25:f8:b2:47:a7:b9:
a4:b4:9c:f5:42:bc:59:56:f7:c6:e8:17:8f:37:b2:
ae:b6:81:4c:ff:c3:1e:da:85:be:fb:ce:29:27:88:
49:7a:10:99:4d:93:35:27:ac:0f:32:0f:c4:4a:75:
14:1c:53:04:02:da:cb:05:fb:30:3b:5e:0a:9d:33:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CD:45:33:A4:6B:08:44:40:05:DE:FF:0E:A1:2B:E9:4B:1B:D1:03
X509v3 Authority Key Identifier:
keyid:86:75:8D:8A:7E:D2:1A:74:17:2C:CE:EC:33:8C:64:D3:6B:03:78:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnWNin7SGnQXLM7sM4xk02sDeNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/3c1FM6RrCERABd7_DqEr6Usb0QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/hnWNin7SGnQXLM7sM4xk02sDeNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.141.0/24
185.171.220.0/22
IPv6:
2a0d:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
21:e3:6f:7b:8a:10:6f:69:8f:16:9b:92:e6:10:b7:2a:91:d6:
85:e4:6f:aa:59:db:aa:5b:e3:6a:0d:9b:99:13:8b:ab:f9:68:
7d:a5:7b:86:e1:16:2d:ca:d2:0b:19:28:2c:14:cc:27:8e:77:
37:01:7f:c5:11:e1:f5:04:24:b9:15:3c:c3:39:6a:8f:d9:5d:
3a:b9:3d:e3:6e:c9:f7:8f:78:56:ee:cf:94:0e:7a:ae:a7:eb:
24:7a:e3:12:7f:bb:47:0c:1c:84:b8:a2:b8:1f:08:6c:cc:09:
58:e4:87:f1:92:8d:28:a9:8d:ca:8e:95:4d:b1:a0:99:64:02:
3b:b1:6e:5b:aa:53:8d:e4:29:fa:2d:fe:7f:e9:06:c7:b3:b5:
4a:06:58:37:56:ed:cf:7c:30:21:82:bd:67:f5:39:15:a9:57:
38:5d:16:d2:2d:40:d3:a7:f7:79:75:5b:12:d1:a3:10:3c:84:
1c:21:8e:84:17:38:96:d2:dc:69:fa:ca:7c:5f:8d:ce:31:30:
37:56:34:88:5d:72:81:0c:75:b6:ac:91:ee:4b:51:0b:c1:41:
80:b4:b8:bc:6d:4e:e0:e7:ff:48:15:58:c7:32:1f:ae:74:7c:
45:6e:d1:0e:f4:f9:6b:17:24:e5:21:da:b4:30:34:48:3d:79:
7a:97:77:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/Of2mOgpHiHHDOkEzx17QSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NzU4ZDhhN2VkMjFhNzQxNzJjY2VlYzMzOGM2NGQzNmIw
Mzc4ZDQwHhcNMjQwNTMxMTE1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNkNDUzM2E0NmIwODQ0NDAwNWRlZmYwZWExMmJlOTRiMWJkMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQKAeP/CsdvLH4byLApB5Hhu2d4z
oQWGIW62kC6uL8M6QN6brB8Apg6/mlpVnqrtlmQWreDCdB1+IRQZE8T2hg1kLmNF
/cpvQ+KdERbth21f1Q6jeqzSvYN9Z9ZZMXA58/xHqQug/V57oxXQjE3qZWH6bCpb
9lYagbWfjZ/J5j9j9ZpYMHaNaGIdImKj13x2VHwp8BQo1lDtaAMW6OPnbF4+IQLd
oSp5xO39JPi9jySV0O+6y1sKfmQM0TUl+LJHp7mktJz1QrxZVvfG6BePN7KutoFM
/8Me2oW++84pJ4hJehCZTZM1J6wPMg/ESnUUHFMEAtrLBfswO14KnTPmOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN3NRTOkawhEQAXe/w6hK+lLG9EDMB8GA1UdIwQY
MBaAFIZ1jYp+0hp0FyzO7DOMZNNrA3jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5XTmluN1NHblFYTE03c000eGswMnNEZU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNTVhOWItMmZhMC00YWY0LTkwZGQt
Y2RhY2I4NDY3MTg3LzEvM2MxRk02UnJDRVJBQmQ3X0RxRXI2VXNiMFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNTVhOWItMmZhMC00YWY0LTkwZGQtY2RhY2I4NDY3MTg3
LzEvaG5XTmluN1NHblFYTE03c000eGswMnNEZU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATimNAwQC
uavcMA0EAgACMAcDBQMqDZ1AMA0GCSqGSIb3DQEBCwUAA4IBAQAh4297ihBvaY8W
m5LmELcqkdaF5G+qWduqW+NqDZuZE4ur+Wh9pXuG4RYtytILGSgsFMwnjnc3AX/F
EeH1BCS5FTzDOWqP2V06uT3jbsn3j3hW7s+UDnqup+skeuMSf7tHDByEuKK4Hwhs
zAlY5Ifxko0oqY3KjpVNsaCZZAI7sW5bqlON5Cn6Lf5/6QbHs7VKBlg3Vu3PfDAh
gr1n9TkVqVc4XRbSLUDTp/d5dVsS0aMQPIQcIY6EFziW0txp+sp8X43OMTA3VjSI
XXKBDHW2rJHuS1ELwUGAtLi8bU7g5/9IFVjHMh+udHxFbtEO9PlrFyTlIdq0MDRI
PXl6l3e6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:05 2024 by rpki-client on console-fra.rpki-client.org