Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3XFRQIDJc3XzAAb4LWc5LGuecDY.roa
File: 3XFRQIDJc3XzAAb4LWc5LGuecDY.roa (raw, json)
Hash identifier: 1XUF59oqBaa2FLyNW9gJW424z/0qwmBQQ5qpv3x8m1s=
Subject key identifier: DD:71:51:40:80:C9:73:75:F3:00:06:F8:2D:67:39:2C:6B:9E:70:36
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01922F5A6F3EFF4D6B3BCBE8BF5A5ED369DF
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3XFRQIDJc3XzAAb4LWc5LGuecDY.roa
Signing time: Thu 26 Sep 2024 17:21:48 +0000
ROA not before: Thu 26 Sep 2024 17:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214526
IP address blocks: 45.11.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 16:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:5a:6f:3e:ff:4d:6b:3b:cb:e8:bf:5a:5e:d3:69:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Sep 26 17:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd71514080c97375f30006f82d67392c6b9e7036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0d:91:47:71:ae:c9:56:89:6d:39:eb:b9:97:
ab:ff:3d:5e:a4:f3:32:55:1d:54:96:ed:e2:17:a7:
de:6f:7c:47:2b:3e:b9:ab:91:b1:26:48:b8:25:ce:
09:1c:e8:e3:0d:1a:fa:b5:6c:3a:72:30:0a:c3:b7:
d5:f6:81:c8:34:2d:1b:8d:9b:bf:cb:15:c5:8f:f1:
81:63:68:f9:da:47:89:e4:40:e2:b8:05:63:9f:13:
33:f7:2c:95:c0:3b:f7:42:85:f9:42:d0:1d:6c:ab:
4e:b2:70:b2:e3:bb:f1:11:1c:19:65:43:00:4b:96:
7e:5f:76:f0:d3:ff:f0:31:5b:98:cc:31:e1:f8:60:
4b:1b:cc:e9:4a:0e:98:92:f8:8e:e4:7d:0e:be:47:
85:18:a0:84:26:1b:0c:2b:d5:fa:46:9d:fd:9f:ef:
38:67:5d:da:1c:65:bf:43:6a:1d:a2:c3:1b:61:03:
6c:80:ef:35:f2:d2:5d:a4:e3:bd:f5:23:3b:00:be:
1e:ac:27:07:88:84:e2:ca:b9:6e:99:79:3d:bb:4d:
77:6e:7d:8b:cc:0e:59:a7:6c:70:31:f1:03:f2:36:
1a:89:45:06:12:72:ee:12:d2:3c:be:85:d7:ad:81:
9f:d5:43:de:82:eb:35:77:8a:45:7e:73:3d:44:0a:
f9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:51:40:80:C9:73:75:F3:00:06:F8:2D:67:39:2C:6B:9E:70:36
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/3XFRQIDJc3XzAAb4LWc5LGuecDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.185.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ff:c6:03:02:23:82:9d:66:85:0f:25:ca:58:67:67:b0:ce:
58:cf:16:7f:9d:cb:d8:5b:9b:6c:b3:89:8c:67:3e:10:f3:3e:
ea:e0:5e:d9:3d:b9:bd:c6:45:55:50:13:5e:ae:cd:0c:85:80:
3a:14:8e:05:8f:0b:5b:f4:9f:46:f5:f7:fb:d3:d9:7b:73:4e:
ad:39:ab:32:b6:0e:92:4c:cb:38:2d:25:18:09:21:75:42:d0:
2f:aa:10:f0:57:71:36:25:63:ee:bb:e1:e8:c6:b6:a2:6f:f2:
e0:40:27:6d:94:35:1b:ae:d9:79:cb:96:99:43:36:24:3a:e3:
4a:54:41:6c:56:d5:c9:8c:66:82:e4:eb:71:6a:65:29:f0:37:
a2:98:63:21:8a:e2:01:af:4b:7d:4d:e1:f0:c7:7a:96:86:9f:
9d:33:51:ac:7e:a3:97:3d:05:3b:fc:78:3b:72:e7:4b:e7:22:
b7:88:c6:ed:a1:28:7b:18:fd:0f:a7:24:80:7a:c0:4d:ac:a9:
7b:57:5b:d1:3f:bd:ae:53:5d:a9:05:1f:51:2d:9c:33:fb:71:
2f:89:47:ce:17:d7:f9:f4:93:29:99:43:f2:ae:86:dd:89:8b:
93:01:de:05:d1:94:b3:90:9a:cc:fc:b5:64:86:af:22:5b:a4:
34:98:76:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIvWm8+/01rO8vov1pe02nfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwOTI2MTcyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcxNTE0MDgwYzk3Mzc1ZjMwMDA2ZjgyZDY3MzkyYzZiOWU3MDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Q2RR3GuyVaJbTnruZer/z1epPMy
VR1Ulu3iF6feb3xHKz65q5GxJki4Jc4JHOjjDRr6tWw6cjAKw7fV9oHINC0bjZu/
yxXFj/GBY2j52keJ5EDiuAVjnxMz9yyVwDv3QoX5QtAdbKtOsnCy47vxERwZZUMA
S5Z+X3bw0//wMVuYzDHh+GBLG8zpSg6YkviO5H0OvkeFGKCEJhsMK9X6Rp39n+84
Z13aHGW/Q2odosMbYQNsgO818tJdpOO99SM7AL4erCcHiITiyrlumXk9u013bn2L
zA5Zp2xwMfED8jYaiUUGEnLuEtI8voXXrYGf1UPegus1d4pFfnM9RAr5DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1xUUCAyXN18wAG+C1nOSxrnnA2MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvM1hGUlFJREpjM1h6QUFiNExXYzVMR3VlY0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu5MA0G
CSqGSIb3DQEBCwUAA4IBAQAf/8YDAiOCnWaFDyXKWGdnsM5YzxZ/ncvYW5tss4mM
Zz4Q8z7q4F7ZPbm9xkVVUBNers0MhYA6FI4Fjwtb9J9G9ff709l7c06tOasytg6S
TMs4LSUYCSF1QtAvqhDwV3E2JWPuu+Hoxraib/LgQCdtlDUbrtl5y5aZQzYkOuNK
VEFsVtXJjGaC5OtxamUp8DeimGMhiuIBr0t9TeHwx3qWhp+dM1GsfqOXPQU7/Hg7
cudL5yK3iMbtoSh7GP0PpySAesBNrKl7V1vRP72uU12pBR9RLZwz+3EviUfOF9f5
9JMpmUPyrobdiYuTAd4F0ZSzkJrM/LVkhq8iW6Q0mHaG
-----END CERTIFICATE-----
Generated at Sun Oct 6 20:02:10 2024 by rpki-client on console-fra.rpki-client.org