Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3e-_nRW2VqpB2UQpzn01sD82m7E.roa
File: 3e-_nRW2VqpB2UQpzn01sD82m7E.roa (raw, json)
Hash identifier: F1077QnT3f9aCjG2OyBU9wWGh7OYKvo6CzMPmErkDqg=
Subject key identifier: DD:EF:BF:9D:15:B6:56:AA:41:D9:44:29:CE:7D:35:B0:3F:36:9B:B1
Certificate issuer: /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial: 01856D53FC4EBC98E61EC8A2B766BBEF57BF
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3e-_nRW2VqpB2UQpzn01sD82m7E.roa
Signing time: Sun 01 Jan 2023 12:34:58 +0000
ROA not before: Sun 01 Jan 2023 12:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35584
IP address blocks: 193.200.200.0/24 maxlen: 24
89.33.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:fc:4e:bc:98:e6:1e:c8:a2:b7:66:bb:ef:57:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Validity
Not Before: Jan 1 12:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddefbf9d15b656aa41d94429ce7d35b03f369bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4b:1d:74:90:55:0a:d0:ba:db:84:c4:4f:f1:
07:77:fc:61:c2:c5:7c:06:2d:f4:c1:3d:88:93:30:
13:fe:8b:96:37:3a:e3:ef:72:17:bf:87:bc:66:dd:
aa:27:28:8d:b6:4e:78:68:70:93:2b:bf:b1:97:2d:
84:28:1f:d8:da:cd:14:86:94:ac:84:62:7e:cf:a6:
f2:f4:36:bf:91:ac:f5:8b:7c:a7:af:89:02:a1:18:
a3:c6:f3:ea:9c:2f:be:cf:69:dd:92:09:cd:09:42:
73:b8:2f:3d:9c:cd:f6:0d:6a:41:6c:90:41:1d:12:
27:4f:34:e1:f0:5b:ed:18:6a:0f:c3:54:b4:bc:4e:
bf:a0:d0:11:51:e2:fa:2e:33:eb:ac:19:03:60:9a:
b7:2c:24:88:47:cf:af:ef:95:d3:b9:83:07:7d:f5:
1d:a5:9c:77:40:ec:05:5a:aa:d5:b8:88:40:32:95:
fb:19:b9:c0:ad:c0:ba:ab:ec:1c:cb:ef:70:87:eb:
1f:de:d9:08:dc:75:36:e0:d5:e8:a2:42:d3:75:36:
68:73:56:03:25:09:46:a6:c8:37:f7:4a:b4:4d:02:
ce:d2:70:b4:24:30:20:72:ab:42:8d:d1:54:43:f5:
cc:56:82:cf:10:9d:19:16:e9:b6:c3:9e:ad:ff:78:
f1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EF:BF:9D:15:B6:56:AA:41:D9:44:29:CE:7D:35:B0:3F:36:9B:B1
X509v3 Authority Key Identifier:
keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/3e-_nRW2VqpB2UQpzn01sD82m7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.96.0/22
193.200.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:08:14:2a:a3:ad:e9:9c:51:6b:57:45:73:8b:eb:36:a5:64:
8d:bd:d7:bb:c1:46:aa:ed:f5:95:0b:89:4d:5a:5d:ed:c0:3d:
5c:f4:5a:57:17:c8:2d:76:94:af:ba:78:8e:16:a1:b6:e3:e9:
3b:8f:d7:95:62:0d:d1:bf:d1:1b:fd:61:f9:b2:b8:ad:e5:65:
bb:9a:cf:ba:75:9a:d6:03:a1:77:cb:fa:fc:83:9f:4e:25:09:
f6:35:37:a5:d3:88:25:7d:24:92:83:e8:49:e1:73:d1:05:93:
1f:a2:ee:ad:73:1a:cf:86:bd:96:48:cd:23:6b:51:e8:e1:19:
b4:d5:6b:37:58:f9:a3:dc:84:94:fb:37:a2:a3:9b:46:01:7d:
7e:3c:17:0a:ae:75:26:72:91:50:38:26:48:b4:2e:22:f3:2f:
6e:8e:db:49:1d:3a:49:49:24:7e:26:22:c0:2c:f1:24:a7:5d:
7d:10:1a:59:0b:2e:5f:1f:71:ee:83:cf:89:23:53:e0:1e:5f:
9a:2d:e5:3b:ec:a7:0a:fc:f3:d8:f6:ee:d6:c3:4e:e5:2b:93:
e2:97:79:6a:bc:42:99:24:95:58:c8:13:35:84:13:74:6e:77:
3b:44:ed:b4:34:eb:51:f4:34:fd:8e:5d:8d:6c:85:a5:5c:fd:
f9:9e:ef:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU/xOvJjmHsiit2a771e/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNjk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3
MjhlM2IwHhcNMjMwMTAxMTIzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGVmYmY5ZDE1YjY1NmFhNDFkOTQ0MjljZTdkMzViMDNmMzY5YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEsddJBVCtC624TET/EHd/xhwsV8
Bi30wT2IkzAT/ouWNzrj73IXv4e8Zt2qJyiNtk54aHCTK7+xly2EKB/Y2s0UhpSs
hGJ+z6by9Da/kaz1i3ynr4kCoRijxvPqnC++z2ndkgnNCUJzuC89nM32DWpBbJBB
HRInTzTh8FvtGGoPw1S0vE6/oNARUeL6LjPrrBkDYJq3LCSIR8+v75XTuYMHffUd
pZx3QOwFWqrVuIhAMpX7GbnArcC6q+wcy+9wh+sf3tkI3HU24NXookLTdTZoc1YD
JQlGpsg390q0TQLO0nC0JDAgcqtCjdFUQ/XMVoLPEJ0ZFum2w56t/3jxgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3vv50VtlaqQdlEKc59NbA/NpuxMB8GA1UdIwQY
MBaAFBJpT2lFoh0I0wGSz8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDkt
NjU5OGI0Y2ViMDY5LzEvM2UtX25SVzJWcXBCMlVRcHpuMDFzRDgybTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5
LzEvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSFgAwQA
wcjIMA0GCSqGSIb3DQEBCwUAA4IBAQBdCBQqo63pnFFrV0Vzi+s2pWSNvde7wUaq
7fWVC4lNWl3twD1c9FpXF8gtdpSvuniOFqG24+k7j9eVYg3Rv9Eb/WH5srit5WW7
ms+6dZrWA6F3y/r8g59OJQn2NTel04glfSSSg+hJ4XPRBZMfou6tcxrPhr2WSM0j
a1Ho4Rm01Ws3WPmj3ISU+zeio5tGAX1+PBcKrnUmcpFQOCZItC4i8y9ujttJHTpJ
SSR+JiLALPEkp119EBpZCy5fH3Hug8+JI1PgHl+aLeU77KcK/PPY9u7Ww07lK5Pi
l3lqvEKZJJVYyBM1hBN0bnc7RO20NOtR9DT9jl2NbIWlXP35nu+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org