Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/3S6GwYjJhnOduefxPoJCDBAHSyQ.roa
File: 3S6GwYjJhnOduefxPoJCDBAHSyQ.roa (raw, json)
Hash identifier: wHjlt8rLLUhpXpnnpbDfRbNcUkXkKmnfThSXKGPNCYk=
Subject key identifier: DD:2E:86:C1:88:C9:86:73:9D:B9:E7:F1:3E:82:42:0C:10:07:4B:24
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01856EC233B5B5FFD14A30800B76B5E65011
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/3S6GwYjJhnOduefxPoJCDBAHSyQ.roa
Signing time: Sun 01 Jan 2023 19:14:59 +0000
ROA not before: Sun 01 Jan 2023 19:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.137.0/24 maxlen: 24
89.252.134.0/24 maxlen: 24
89.252.138.0/24 maxlen: 24
31.192.212.0/24 maxlen: 24
89.252.159.0/24 maxlen: 24
31.192.214.0/24 maxlen: 24
159.253.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:33:b5:b5:ff:d1:4a:30:80:0b:76:b5:e6:50:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 19:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2e86c188c986739db9e7f13e82420c10074b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:14:a9:e6:d5:1e:cf:c2:05:25:40:26:38:
2d:96:ba:cd:53:07:aa:4f:d2:c7:3a:3e:86:27:88:
9c:ef:17:90:90:0f:69:8a:85:d8:79:e0:2a:45:27:
5c:4c:03:3e:7a:34:26:7e:c7:15:a7:3d:b9:82:25:
a6:e4:7a:cc:eb:69:33:12:64:c1:f3:ee:87:9b:b9:
90:35:6b:bf:bd:d4:ae:9b:71:6f:47:eb:0d:12:0b:
f0:0e:ad:f1:5d:75:94:e0:f9:01:16:15:33:c1:40:
cf:24:5d:67:de:55:20:1c:a3:a9:68:dc:98:02:ac:
b1:2e:c9:1f:54:31:49:0f:b9:07:51:eb:94:d1:3f:
c9:2b:3d:8e:a7:2a:71:d6:45:d4:3a:08:cc:61:09:
6a:87:f0:d0:35:d3:c0:d1:9e:d1:8b:d1:9e:5b:17:
ca:56:d5:a3:48:31:42:59:67:88:a6:5f:42:26:54:
16:2e:01:78:f5:2c:3c:b5:79:26:43:f1:d2:e3:dd:
f7:43:91:99:dd:05:cc:4f:3e:73:92:b5:f6:06:33:
bc:6a:83:b7:d5:60:3d:a4:59:05:0b:80:5f:69:58:
f5:9f:d3:f6:3f:12:d8:bd:1f:9e:d8:47:63:2f:dd:
2c:10:f8:9b:24:5d:aa:8f:29:32:4f:0c:95:d6:25:
1c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2E:86:C1:88:C9:86:73:9D:B9:E7:F1:3E:82:42:0C:10:07:4B:24
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/3S6GwYjJhnOduefxPoJCDBAHSyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.212.0/24
31.192.214.0/24
89.252.134.0/24
89.252.137.0-89.252.138.255
89.252.159.0/24
159.253.37.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:3f:b7:f3:9d:b4:91:9a:20:38:8d:48:ec:6d:be:c1:08:56:
0b:cf:9f:3b:de:0b:b2:dd:ac:b7:7d:86:fc:95:1d:f8:23:7d:
71:be:91:a1:ad:0f:86:03:01:55:68:54:de:4b:72:0a:38:78:
08:e7:cc:51:09:99:f2:df:5d:8a:05:ed:bb:ae:46:d9:eb:76:
c6:2f:24:d8:03:fc:2d:43:4a:9b:f5:51:ed:ca:2e:c3:75:7d:
d7:3f:94:ca:6f:72:db:86:4f:a9:be:54:91:48:af:1e:14:04:
40:f2:e4:dd:44:ff:8d:75:1c:cc:14:10:e9:89:61:a5:6c:1e:
8e:69:84:da:1d:2c:c2:f1:3e:ca:ed:8b:39:c5:ac:88:cf:65:
3b:74:d1:10:b0:ab:85:29:fa:1d:20:9b:de:54:f7:c1:86:94:
e6:55:60:f8:3e:1e:29:41:21:ef:73:cd:b3:1a:21:04:ec:c5:
0a:9b:2b:95:f1:86:df:23:b3:d8:a4:0f:d0:32:ac:47:c4:2b:
41:e4:64:f2:d7:af:7d:0f:f5:27:2a:08:a7:41:61:4d:f0:da:
43:ea:00:a2:02:25:13:68:c9:e4:5f:41:81:ae:4c:7a:f2:89:
0e:9b:75:d1:e3:0b:21:b9:c1:54:b6:9c:c8:18:15:77:54:5d:
93:0c:e5:0c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVuwjO1tf/RSjCAC3a15lARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMwMTAxMTkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJlODZjMTg4Yzk4NjczOWRiOWU3ZjEzZTgyNDIwYzEwMDc0YjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWcUqebVHs/CBSVAJjgtlrrNUweq
T9LHOj6GJ4ic7xeQkA9pioXYeeAqRSdcTAM+ejQmfscVpz25giWm5HrM62kzEmTB
8+6Hm7mQNWu/vdSum3FvR+sNEgvwDq3xXXWU4PkBFhUzwUDPJF1n3lUgHKOpaNyY
AqyxLskfVDFJD7kHUeuU0T/JKz2Opypx1kXUOgjMYQlqh/DQNdPA0Z7Ri9GeWxfK
VtWjSDFCWWeIpl9CJlQWLgF49Sw8tXkmQ/HS4933Q5GZ3QXMTz5zkrX2BjO8aoO3
1WA9pFkFC4BfaVj1n9P2PxLYvR+e2EdjL90sEPibJF2qjykyTwyV1iUcIwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFN0uhsGIyYZznbnn8T6CQgwQB0skMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvM1M2R3dZakpobk9kdWVmeFBvSkNEQkFIU3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAH8DUAwQA
H8DWAwQAWfyGMAwDBABZ/IkDBABZ/IoDBABZ/J8DBACf/SUwDQYJKoZIhvcNAQEL
BQADggEBAAo/t/OdtJGaIDiNSOxtvsEIVgvPnzveC7LdrLd9hvyVHfgjfXG+kaGt
D4YDAVVoVN5Lcgo4eAjnzFEJmfLfXYoF7buuRtnrdsYvJNgD/C1DSpv1Ue3KLsN1
fdc/lMpvctuGT6m+VJFIrx4UBEDy5N1E/411HMwUEOmJYaVsHo5phNodLMLxPsrt
iznFrIjPZTt00RCwq4Up+h0gm95U98GGlOZVYPg+HilBIe9zzbMaIQTsxQqbK5Xx
ht8js9ikD9AyrEfEK0HkZPLXr30P9ScqCKdBYU3w2kPqAKICJRNoyeRfQYGuTHry
iQ6bddHjCyG5wVS2nMgYFXdUXZMM5Qw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org