Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3ycJ3N88AhKNUtkpLtxA64VC-lI.roa
File: 3ycJ3N88AhKNUtkpLtxA64VC-lI.roa (raw, json)
Hash identifier: tN4rrwxfWE9Wf36pltjI2Ntlm8hwezFjOSSL62as2QI=
Subject key identifier: DF:27:09:DC:DF:3C:02:12:8D:52:D9:29:2E:DC:40:EB:85:42:FA:52
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B60FED78915491BEF4C5A6852887E2B59
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3ycJ3N88AhKNUtkpLtxA64VC-lI.roa
Signing time: Tue 24 Oct 2023 09:23:15 +0000
ROA not before: Tue 24 Oct 2023 09:23:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 194.5.66.0/24 maxlen: 24
45.147.225.0/24 maxlen: 24
185.108.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:fe:d7:89:15:49:1b:ef:4c:5a:68:52:88:7e:2b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 24 09:23:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2709dcdf3c02128d52d9292edc40eb8542fa52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e8:b0:da:b2:a3:92:38:75:55:1e:67:f8:a8:
ec:cc:3e:94:e7:13:58:6d:ba:05:18:90:50:8d:c5:
f6:ec:63:12:da:00:42:75:eb:27:2c:68:17:01:ef:
62:2f:24:a2:c6:33:72:e6:61:16:c0:ae:45:71:60:
3b:67:31:14:ee:91:c2:f1:4d:fb:69:ea:3c:25:49:
b7:b1:3a:05:b7:1c:20:d9:16:d2:83:9e:da:b3:01:
88:f4:fd:d8:7d:0a:50:e3:53:65:b7:12:99:b8:c9:
1c:47:ab:a1:83:11:99:f0:4a:8c:c1:ef:81:3b:b4:
99:97:6a:81:2d:4f:6b:8e:94:79:de:b9:5a:95:0d:
4b:d7:85:b5:85:7a:9e:4d:ba:9e:11:19:c8:12:92:
38:f2:7d:43:23:11:88:c0:a0:04:c4:c0:57:81:08:
1c:fb:98:0a:0a:78:62:71:66:f3:05:6d:b0:90:53:
20:fa:8b:29:b2:f5:2a:5a:b8:a7:99:49:e6:15:9c:
c8:3e:2b:91:20:ca:3f:0d:99:c6:45:ab:3d:82:ac:
20:de:d5:2d:e5:37:c5:49:74:75:e6:93:2c:79:0a:
8c:cc:1a:ce:8a:00:b2:4d:15:0b:43:37:00:5c:54:
e7:91:1f:c4:bb:1d:4b:7c:91:1d:6a:ba:82:0e:7c:
d2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:27:09:DC:DF:3C:02:12:8D:52:D9:29:2E:DC:40:EB:85:42:FA:52
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3ycJ3N88AhKNUtkpLtxA64VC-lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.225.0/24
185.108.207.0/24
194.5.66.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f8:a2:94:e7:04:cc:da:6b:36:65:2a:4a:f4:21:ce:31:29:
ec:da:ab:69:fd:4a:b8:f8:27:ad:78:a6:b1:3c:b3:c8:f6:69:
06:91:69:8e:1f:b5:d9:9f:ee:e5:67:51:85:bf:34:10:6d:63:
c9:1a:a5:d6:17:bc:57:f5:11:9c:1a:2d:ca:46:b4:6c:70:c1:
59:37:1f:78:b4:87:57:6c:d6:0e:c6:29:c5:e9:19:5f:9f:c3:
5d:22:b2:2a:30:be:3e:4e:a8:25:ac:87:5e:ba:c8:74:b2:f2:
d6:a3:66:38:fd:2d:8d:db:c1:c1:59:52:be:66:bb:3a:d2:65:
b3:83:6e:b8:e8:84:7b:bc:94:90:c9:f4:f6:06:05:f1:90:aa:
6d:7e:59:16:ca:07:bd:60:4e:38:5f:fa:73:55:5e:cd:f3:3f:
80:2a:7f:97:93:c3:ca:57:f1:16:86:6f:7d:a9:11:d0:53:35:
4d:7b:65:d6:5f:5e:b0:ef:4b:fe:f9:95:8b:0d:0a:71:f4:9a:
cc:73:5d:f6:87:aa:e2:e8:83:a9:e0:0b:a0:3a:a2:59:88:46:
05:0c:eb:4a:69:5f:45:db:24:3d:f4:22:18:c5:4a:58:ab:84:
2f:89:11:9b:d0:47:60:41:23:57:4e:04:52:e5:be:42:82:68:
93:c2:d5:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtg/teJFUkb70xaaFKIfitZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI0MDkyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI3MDlkY2RmM2MwMjEyOGQ1MmQ5MjkyZWRjNDBlYjg1NDJmYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uiw2rKjkjh1VR5n+KjszD6U5xNY
bboFGJBQjcX27GMS2gBCdesnLGgXAe9iLySixjNy5mEWwK5FcWA7ZzEU7pHC8U37
aeo8JUm3sToFtxwg2RbSg57aswGI9P3YfQpQ41NltxKZuMkcR6uhgxGZ8EqMwe+B
O7SZl2qBLU9rjpR53rlalQ1L14W1hXqeTbqeERnIEpI48n1DIxGIwKAExMBXgQgc
+5gKCnhicWbzBW2wkFMg+ospsvUqWrinmUnmFZzIPiuRIMo/DZnGRas9gqwg3tUt
5TfFSXR15pMseQqMzBrOigCyTRULQzcAXFTnkR/Eux1LfJEdarqCDnzS+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8nCdzfPAISjVLZKS7cQOuFQvpSMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM3ljSjNOODhBaEtOVXRrcEx0eEE2NFZDLWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZPhAwQA
uWzPAwQAwgVCMA0GCSqGSIb3DQEBCwUAA4IBAQBf+KKU5wTM2ms2ZSpK9CHOMSns
2qtp/Uq4+CeteKaxPLPI9mkGkWmOH7XZn+7lZ1GFvzQQbWPJGqXWF7xX9RGcGi3K
RrRscMFZNx94tIdXbNYOxinF6Rlfn8NdIrIqML4+TqglrIdeush0svLWo2Y4/S2N
28HBWVK+Zrs60mWzg2646IR7vJSQyfT2BgXxkKptflkWyge9YE44X/pzVV7N8z+A
Kn+Xk8PKV/EWhm99qRHQUzVNe2XWX16w70v++ZWLDQpx9JrMc132h6ri6IOp4Aug
OqJZiEYFDOtKaV9F2yQ99CIYxUpYq4QviRGb0EdgQSNXTgRS5b5CgmiTwtUy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org