Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/3HHn21m4PDNXhv4AsaoIWBM6j-M.roa
File: 3HHn21m4PDNXhv4AsaoIWBM6j-M.roa (raw, json)
Hash identifier: uB862nFVnzuAjqq3uCRXdGFsMBCOR8QZzgQ5UYfTxc8=
Subject key identifier: DC:71:E7:DB:59:B8:3C:33:57:86:FE:00:B1:AA:08:58:13:3A:8F:E3
Certificate issuer: /CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Certificate serial: 018CC42455E8E4760388978F7E0911424645
Authority key identifier: 9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/3HHn21m4PDNXhv4AsaoIWBM6j-M.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35266
IP address blocks: 185.81.188.0/22 maxlen: 24
46.30.8.0/21 maxlen: 24
2a01:b000::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Nov 2024 15:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:55:e8:e4:76:03:88:97:8f:7e:09:11:42:46:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc71e7db59b83c335786fe00b1aa0858133a8fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:88:a7:27:fc:33:a3:98:22:69:a4:43:68:cb:
cf:13:a7:ff:ec:2d:a7:94:17:e7:82:3d:fd:1c:96:
61:08:3e:e3:0d:99:84:14:a0:dd:f3:9b:6b:1d:50:
3b:e9:f8:07:c0:24:39:25:61:88:61:c8:e2:c4:f1:
17:8c:55:3a:f4:8b:a2:3a:cc:b3:b6:e2:35:d9:ea:
2b:d3:75:26:7c:ea:ba:80:f9:f8:d9:d4:42:de:4c:
ee:ec:ec:79:3f:8c:d3:d3:cc:6d:40:ea:32:23:1d:
2b:dc:9a:da:10:73:ce:ab:7d:ee:75:61:44:87:a6:
5f:f9:9b:0a:1a:d4:3d:b1:6a:68:09:be:32:e8:e9:
37:83:8f:ba:17:03:e2:ab:c8:46:e4:9d:52:a9:5d:
ff:c5:82:b4:0b:62:30:26:0d:d1:7c:25:50:66:96:
fb:51:95:b5:2f:c0:00:9c:e9:fe:ef:9b:7a:c8:6d:
10:5e:b7:5b:71:a9:ce:ec:d0:9e:81:f6:a7:21:10:
a5:b9:95:84:d8:8c:57:95:49:52:29:b6:6e:57:b6:
d4:ff:4f:44:43:ad:ad:6a:6a:33:9e:da:30:41:cf:
39:0a:54:9f:3d:07:cc:a8:e0:01:e7:b2:25:d1:83:
27:40:fd:46:c3:00:47:ae:cf:a1:80:a5:3d:29:3f:
c2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:71:E7:DB:59:B8:3C:33:57:86:FE:00:B1:AA:08:58:13:3A:8F:E3
X509v3 Authority Key Identifier:
keyid:9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/3HHn21m4PDNXhv4AsaoIWBM6j-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.8.0/21
185.81.188.0/22
IPv6:
2a01:b000::/32
Signature Algorithm: sha256WithRSAEncryption
76:1f:a3:ea:71:04:54:8c:1b:7a:11:10:f2:e2:61:c6:4f:5c:
94:28:46:05:86:7a:0b:9d:2a:ae:9b:85:87:90:33:66:be:f3:
bd:c2:c0:3f:82:af:ce:2e:35:58:22:5e:a6:e9:cf:44:46:23:
f2:da:d4:f0:45:a3:20:1f:9c:3e:01:6a:78:ba:f1:16:82:3d:
e9:67:d1:4e:3b:30:5b:31:dd:ab:e8:5c:2c:57:fa:f0:b3:94:
67:72:10:e4:84:64:07:b7:e4:75:5f:e3:cf:22:2b:43:3b:8e:
97:20:e1:11:19:35:49:33:89:2a:48:f7:96:b9:1b:de:9e:a2:
57:12:82:f6:75:34:33:8e:04:c3:74:9c:9b:4a:ef:f6:f4:f3:
3d:74:50:d3:0f:63:15:a4:12:92:79:1c:e4:24:15:18:31:27:
9d:ba:8b:8e:c1:d1:36:c7:ed:24:ec:d6:68:d4:b6:a6:6e:0c:
84:49:c5:db:cf:fc:bd:89:1c:02:ac:92:17:a7:e1:79:0d:47:
51:69:07:d4:2e:7b:b9:6c:d0:27:32:dd:e6:8c:a7:89:fa:d1:
a4:66:77:35:db:7d:05:a6:ad:33:6f:ef:33:b9:86:f8:13:17:
ee:5e:3e:50:4d:f3:4a:9c:df:7a:3f:a2:b1:92:18:fa:7c:1a:
9d:16:03:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJFXo5HYDiJePfgkRQkZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGE3NDlhZTI1YzFjYmI2NTg3MWQ0MTZhNzlhYjRhODg0
YWM0NjgwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzcxZTdkYjU5YjgzYzMzNTc4NmZlMDBiMWFhMDg1ODEzM2E4ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4inJ/wzo5giaaRDaMvPE6f/7C2n
lBfngj39HJZhCD7jDZmEFKDd85trHVA76fgHwCQ5JWGIYcjixPEXjFU69IuiOsyz
tuI12eor03UmfOq6gPn42dRC3kzu7Ox5P4zT08xtQOoyIx0r3JraEHPOq33udWFE
h6Zf+ZsKGtQ9sWpoCb4y6Ok3g4+6FwPiq8hG5J1SqV3/xYK0C2IwJg3RfCVQZpb7
UZW1L8AAnOn+75t6yG0QXrdbcanO7NCegfanIRCluZWE2IxXlUlSKbZuV7bU/09E
Q62tamozntowQc85ClSfPQfMqOAB57Il0YMnQP1GwwBHrs+hgKU9KT/CsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNxx59tZuDwzV4b+ALGqCFgTOo/jMB8GA1UdIwQY
MBaAFJ0KdJriXBy7ZYcdQWp5q0qISsRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYt
MWE2ZDNjOTlkYzQ4LzEvM0hIbjIxbTRQRE5YaHY0QXNhb0lXQk02ai1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYtMWE2ZDNjOTlkYzQ4
LzEvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh4IAwQC
uVG8MA0EAgACMAcDBQAqAbAAMA0GCSqGSIb3DQEBCwUAA4IBAQB2H6PqcQRUjBt6
ERDy4mHGT1yUKEYFhnoLnSqum4WHkDNmvvO9wsA/gq/OLjVYIl6m6c9ERiPy2tTw
RaMgH5w+AWp4uvEWgj3pZ9FOOzBbMd2r6FwsV/rws5RnchDkhGQHt+R1X+PPIitD
O46XIOERGTVJM4kqSPeWuRvenqJXEoL2dTQzjgTDdJybSu/29PM9dFDTD2MVpBKS
eRzkJBUYMSeduouOwdE2x+0k7NZo1LambgyEScXbz/y9iRwCrJIXp+F5DUdRaQfU
Lnu5bNAnMt3mjKeJ+tGkZnc1230Fpq0zb+8zuYb4ExfuXj5QTfNKnN96P6Kxkhj6
fBqdFgOZ
-----END CERTIFICATE-----
Generated at Thu Nov 14 20:03:55 2024 by rpki-client on console-ams.rpki-client.org