Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3T8e1f6L6xHSZDA7jy5jHQHP_TA.roa
File: 3T8e1f6L6xHSZDA7jy5jHQHP_TA.roa (raw, json)
Hash identifier: RHmhdFNNnp0S7IFoSKxPxfAv912QVgsvV2w6EGkd7cg=
Subject key identifier: DD:3F:1E:D5:FE:8B:EB:11:D2:64:30:3B:8F:2E:63:1D:01:CF:FD:30
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 018F76E9367475BC30EC298BFF53C9145FC1
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3T8e1f6L6xHSZDA7jy5jHQHP_TA.roa
Signing time: Tue 14 May 2024 11:42:26 +0000
ROA not before: Tue 14 May 2024 11:42:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 185.82.136.0/22 maxlen: 22
185.201.48.0/24 maxlen: 24
185.201.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 07:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:e9:36:74:75:bc:30:ec:29:8b:ff:53:c9:14:5f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 14 11:42:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3f1ed5fe8beb11d264303b8f2e631d01cffd30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9a:3a:19:b8:ff:f0:b9:68:df:90:54:55:9d:
ba:13:7c:07:36:b1:76:41:9d:df:e3:80:4f:37:ab:
38:16:8f:a6:97:be:4b:f5:0e:99:45:48:d6:9d:2f:
8a:a3:9f:07:18:d1:81:44:29:dc:95:f4:7b:b4:ce:
4e:8e:7e:8a:f9:ab:60:5b:8f:cb:b2:43:bc:b9:69:
58:69:fe:21:37:6c:3f:98:73:30:16:8f:08:cb:5a:
b3:37:24:c5:e6:9b:e1:80:c0:2a:25:05:b4:d3:84:
b6:94:03:cb:8c:90:74:41:1d:50:1b:d4:f6:37:12:
5a:1d:79:12:0f:fe:0f:86:a7:2b:75:39:26:8e:9a:
de:e7:4c:4c:2b:f6:d8:12:88:fc:74:2b:42:a6:b4:
ba:1e:18:a7:24:90:e8:bf:e1:52:0d:83:f9:23:36:
0b:03:b7:5e:5b:79:21:ad:b0:20:22:ef:8a:e7:c7:
f0:46:63:ac:98:67:90:06:37:da:a4:23:33:b1:a5:
87:0f:3f:2e:3a:97:1b:68:ee:35:bd:a5:f7:2a:8b:
03:51:59:2b:bc:be:a5:51:e0:05:6e:8e:3a:fe:aa:
a2:b7:78:e3:73:10:b6:eb:7b:95:76:4c:31:59:16:
bd:b5:9b:95:d4:ad:32:b0:e6:84:e2:aa:96:70:eb:
ae:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3F:1E:D5:FE:8B:EB:11:D2:64:30:3B:8F:2E:63:1D:01:CF:FD:30
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3T8e1f6L6xHSZDA7jy5jHQHP_TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.136.0/22
185.201.48.0/24
185.201.51.0/24
Signature Algorithm: sha256WithRSAEncryption
67:0e:1a:b4:dc:62:33:74:05:bd:15:98:cb:d6:d3:5a:71:39:
cb:21:13:3b:8d:55:ab:37:2e:75:24:db:07:6c:22:50:b6:da:
82:ea:bd:9d:f7:48:29:1a:45:6c:d8:95:94:63:e1:60:e5:03:
2e:60:5f:65:b1:75:35:6b:c2:0f:dc:08:72:48:ac:2e:aa:62:
74:74:23:37:f7:2e:6a:81:de:72:80:0b:30:04:87:f9:31:79:
f8:45:78:2e:c2:61:ee:3c:78:22:b5:43:f5:e7:23:b2:6e:57:
26:34:e9:4a:88:20:96:26:6a:52:23:3c:0b:f7:a5:c1:ba:a0:
4c:48:6c:cb:5d:83:38:cc:b2:e2:fa:96:09:9f:2b:09:32:e0:
4a:95:b7:ae:50:27:b4:6b:a4:04:00:12:24:8b:40:cd:d7:bd:
7e:1e:b5:e0:61:50:d1:a3:1e:5a:af:8d:4d:c7:47:e5:84:2a:
37:f8:4b:e4:f3:41:bb:52:5d:59:5e:e7:74:8e:15:4e:1e:a9:
8d:bb:ef:d4:09:66:67:58:f8:04:83:a7:8c:56:08:56:6e:fa:
c1:33:64:97:53:75:96:f2:04:6b:10:26:ae:62:39:fa:b4:4a:
0e:30:5b:80:84:4b:50:c3:8a:9f:60:11:2a:54:f9:4d:c8:01:
a0:d0:a6:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY926TZ0dbww7CmL/1PJFF/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwNTE0MTE0MjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNmMWVkNWZlOGJlYjExZDI2NDMwM2I4ZjJlNjMxZDAxY2ZmZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopo6Gbj/8Llo35BUVZ26E3wHNrF2
QZ3f44BPN6s4Fo+ml75L9Q6ZRUjWnS+Ko58HGNGBRCnclfR7tM5Ojn6K+atgW4/L
skO8uWlYaf4hN2w/mHMwFo8Iy1qzNyTF5pvhgMAqJQW004S2lAPLjJB0QR1QG9T2
NxJaHXkSD/4PhqcrdTkmjpre50xMK/bYEoj8dCtCprS6HhinJJDov+FSDYP5IzYL
A7deW3khrbAgIu+K58fwRmOsmGeQBjfapCMzsaWHDz8uOpcbaO41vaX3KosDUVkr
vL6lUeAFbo46/qqit3jjcxC263uVdkwxWRa9tZuV1K0ysOaE4qqWcOuuXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN0/HtX+i+sR0mQwO48uYx0Bz/0wMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvM1Q4ZTFmNkw2eEhTWkRBN2p5NWpIUUhQX1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVKIAwQA
uckwAwQAuckzMA0GCSqGSIb3DQEBCwUAA4IBAQBnDhq03GIzdAW9FZjL1tNacTnL
IRM7jVWrNy51JNsHbCJQttqC6r2d90gpGkVs2JWUY+Fg5QMuYF9lsXU1a8IP3Ahy
SKwuqmJ0dCM39y5qgd5ygAswBIf5MXn4RXguwmHuPHgitUP15yOyblcmNOlKiCCW
JmpSIzwL96XBuqBMSGzLXYM4zLLi+pYJnysJMuBKlbeuUCe0a6QEABIki0DN171+
HrXgYVDRox5ar41Nx0flhCo3+Evk80G7Ul1ZXud0jhVOHqmNu+/UCWZnWPgEg6eM
VghWbvrBM2SXU3WW8gRrECauYjn6tEoOMFuAhEtQw4qfYBEqVPlNyAGg0Kbl
-----END CERTIFICATE-----
Generated at Tue Jul 23 09:23:39 2024 by rpki-client on console-ams.rpki-client.org