Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/3ZnnR08NS9qSwLEybVDkPAOI_uQ.roa
File: 3ZnnR08NS9qSwLEybVDkPAOI_uQ.roa (raw, json)
Hash identifier: qgR52gcmMMH2FMcoQ2CnHv/Z0C8mYcmi/HG6F8gqFNI=
Subject key identifier: DD:99:E7:47:4F:0D:4B:DA:92:C0:B1:32:6D:50:E4:3C:03:88:FE:E4
Certificate issuer: /CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Certificate serial: 018AD61F41CE830B35656BF2835722BB7419
Authority key identifier: B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/3ZnnR08NS9qSwLEybVDkPAOI_uQ.roa
Signing time: Wed 27 Sep 2023 10:11:27 +0000
ROA not before: Wed 27 Sep 2023 10:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61213
IP address blocks: 94.140.17.0/24 maxlen: 24
185.206.4.0/22 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:1f:41:ce:83:0b:35:65:6b:f2:83:57:22:bb:74:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Validity
Not Before: Sep 27 10:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd99e7474f0d4bda92c0b1326d50e43c0388fee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d4:99:85:8f:44:5a:5e:58:9e:a4:d9:8f:5a:
78:4a:02:07:57:15:ac:10:8d:83:c3:34:ad:a0:a7:
81:3a:87:07:bc:c1:58:9b:6e:94:e7:8b:ee:72:f9:
e2:f2:59:f7:d9:ae:f3:1e:e4:82:76:8b:cf:a4:34:
ef:14:a0:e7:b0:2d:e6:9c:dc:34:e6:bd:62:0f:3f:
92:53:cd:76:53:8b:73:1a:17:5d:41:6c:6d:63:d2:
07:75:d3:04:6e:3b:c7:56:50:73:66:19:dd:42:a9:
d2:19:3c:ca:b9:49:e4:ca:ad:9d:53:ab:34:4c:c7:
c9:b6:d9:54:45:44:78:a4:d5:94:77:16:88:67:7d:
dd:ab:cd:e0:9f:27:70:58:b7:95:e6:e1:1b:62:e0:
30:55:79:33:a8:b7:cd:ee:98:d2:74:e3:f0:ad:5e:
36:df:ed:60:81:42:51:68:96:af:f7:04:8b:77:38:
20:29:b5:b1:15:3c:ae:df:18:ee:3e:c5:29:a1:cd:
42:ca:09:f7:3c:dd:51:04:41:fa:2b:ec:d1:57:1e:
54:77:6a:60:94:fe:66:3a:ea:87:6e:9d:13:24:eb:
96:b8:71:91:ad:67:a2:17:22:8b:d4:3f:25:a2:b0:
75:3b:de:e5:bb:69:ee:72:fc:6c:28:95:2d:5c:a3:
a2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:99:E7:47:4F:0D:4B:DA:92:C0:B1:32:6D:50:E4:3C:03:88:FE:E4
X509v3 Authority Key Identifier:
keyid:B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/3ZnnR08NS9qSwLEybVDkPAOI_uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.17.0/24
185.206.4.0/22
Signature Algorithm: sha256WithRSAEncryption
71:bf:bb:8b:37:6c:ff:10:d1:32:cb:cd:50:6a:6e:1e:24:fb:
b4:73:6a:ae:ef:10:1f:e5:30:85:be:21:fe:f8:dc:15:d6:76:
a5:ef:cf:1e:93:95:b9:d3:11:88:5b:fc:37:b6:a6:1a:59:de:
f2:d8:48:9f:f8:2b:1b:7f:7f:f4:3d:f7:18:bf:c1:05:e8:89:
a9:48:2d:54:1c:c6:00:4c:d2:1a:1a:08:e0:76:1e:94:03:79:
16:59:cb:2f:7c:eb:2e:88:21:a9:5a:6c:49:8d:74:b8:4e:bc:
6b:b2:e0:84:7f:b6:c5:36:12:05:42:d9:fb:ba:e1:63:75:45:
1f:13:b9:41:43:2c:68:c1:e2:ed:74:ab:2d:e6:f4:7b:ee:b0:
41:36:f0:61:1e:b6:29:dd:1f:09:7c:1a:47:6f:57:f6:58:6d:
2c:1a:1e:b1:33:ff:28:1f:a0:fd:59:d5:65:ac:fd:12:10:80:
2a:f2:33:02:7c:4a:c4:56:31:69:9f:4c:e4:b6:49:8e:d5:ef:
9b:92:af:bc:1e:d9:2c:03:78:a6:96:f0:be:f0:cb:3f:e7:15:
d5:28:31:df:cd:f0:20:17:a5:59:12:99:0f:f2:c9:be:65:79:
e4:bd:1c:30:9c:a8:1d:54:5c:40:89:22:3d:a3:9e:6d:f6:d7:
1d:1e:e8:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrWH0HOgws1ZWvyg1ciu3QZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODM4MGI0MWUzN2I1NzU3ZDNkNGUyZWVjZGYwNmQ5MzBh
NzBiOWQwHhcNMjMwOTI3MTAxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk5ZTc0NzRmMGQ0YmRhOTJjMGIxMzI2ZDUwZTQzYzAzODhmZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodSZhY9EWl5YnqTZj1p4SgIHVxWs
EI2DwzStoKeBOocHvMFYm26U54vucvni8ln32a7zHuSCdovPpDTvFKDnsC3mnNw0
5r1iDz+SU812U4tzGhddQWxtY9IHddMEbjvHVlBzZhndQqnSGTzKuUnkyq2dU6s0
TMfJttlURUR4pNWUdxaIZ33dq83gnydwWLeV5uEbYuAwVXkzqLfN7pjSdOPwrV42
3+1ggUJRaJav9wSLdzggKbWxFTyu3xjuPsUpoc1Cygn3PN1RBEH6K+zRVx5Ud2pg
lP5mOuqHbp0TJOuWuHGRrWeiFyKL1D8lorB1O97lu2nucvxsKJUtXKOiJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2Z50dPDUvaksCxMm1Q5DwDiP7kMB8GA1UdIwQY
MBaAFLeDgLQeN7V1fT1OLuzfBtkwpwudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYt
ZGVkYWY3OTM1NmNlLzEvM1publIwOE5TOXFTd0xFeWJWRGtQQU9JX3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYtZGVkYWY3OTM1NmNl
LzEvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXowRAwQC
uc4EMA0GCSqGSIb3DQEBCwUAA4IBAQBxv7uLN2z/ENEyy81Qam4eJPu0c2qu7xAf
5TCFviH++NwV1nal788ek5W50xGIW/w3tqYaWd7y2Eif+Csbf3/0PfcYv8EF6Imp
SC1UHMYATNIaGgjgdh6UA3kWWcsvfOsuiCGpWmxJjXS4TrxrsuCEf7bFNhIFQtn7
uuFjdUUfE7lBQyxoweLtdKst5vR77rBBNvBhHrYp3R8JfBpHb1f2WG0sGh6xM/8o
H6D9WdVlrP0SEIAq8jMCfErEVjFpn0zktkmO1e+bkq+8HtksA3imlvC+8Ms/5xXV
KDHfzfAgF6VZEpkP8sm+ZXnkvRwwnKgdVFxAiSI9o55t9tcdHuid
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:53 2024 by rpki-client on console-ams.rpki-client.org