Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa
File: 3wAyouOc6XgNe2LIU7TquCHMIr4.roa (raw, json)
Hash identifier: +6pQK4XGYKqTXDvu5UL9UPUjWPoFOngNEz77+FpG5IQ=
Subject key identifier: DF:00:32:A2:E3:9C:E9:78:0D:7B:62:C8:53:B4:EA:B8:21:CC:22:BE
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018675C606E75B40273CC33E588FF339D9F8
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa
Signing time: Tue 21 Feb 2023 20:59:17 +0000
ROA not before: Tue 21 Feb 2023 20:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 194.15.114.0/24 maxlen: 24
194.26.18.0/24 maxlen: 24
91.213.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:c6:06:e7:5b:40:27:3c:c3:3e:58:8f:f3:39:d9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Feb 21 20:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df0032a2e39ce9780d7b62c853b4eab821cc22be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:56:77:2c:ca:ca:ce:3b:f7:51:29:da:f8:12:
7e:40:e0:ce:c3:8c:de:9e:0c:9b:59:09:d9:1b:26:
95:16:ef:9e:6a:ef:c3:3d:c0:d9:be:7c:eb:d1:d3:
5e:ed:ea:93:24:58:9d:fc:e5:22:80:44:6c:be:7d:
69:cf:49:72:84:92:9d:5e:8a:78:91:a9:01:26:5f:
57:ce:e0:8f:31:21:c9:3b:d7:51:ae:08:6b:9e:0a:
c1:08:b3:fe:4b:26:9e:a7:27:3c:9e:0d:c3:c0:45:
fb:ca:9d:59:9a:87:5a:03:69:bd:d6:6d:63:ec:4c:
5c:ee:78:4e:d3:8d:be:28:8e:41:a5:c3:1a:59:2c:
d3:2b:63:48:c0:eb:f2:4b:f6:c5:64:82:ba:a6:cf:
3d:67:de:74:be:80:89:5a:b7:b1:8e:de:8e:44:7e:
26:85:6f:30:d7:14:f6:3a:2f:17:9a:f7:f4:0c:75:
80:18:2a:9c:6c:f4:0e:0a:b2:40:4a:a1:67:f7:ad:
e0:ca:bd:11:fa:51:4d:23:5b:3d:1b:0f:9d:69:1c:
2f:ba:3c:f4:20:20:18:3d:c7:a0:1c:29:a7:40:3b:
4e:67:63:62:e2:4a:1c:d0:89:48:a5:f7:55:5b:9c:
1f:a9:0a:cd:86:ff:27:d5:90:6f:6f:da:36:66:4f:
0a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:00:32:A2:E3:9C:E9:78:0D:7B:62:C8:53:B4:EA:B8:21:CC:22:BE
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.8.0/24
194.15.114.0/24
194.26.18.0/24
Signature Algorithm: sha256WithRSAEncryption
32:1e:33:a0:bb:e0:12:90:71:70:18:12:67:47:ad:9d:74:b3:
2d:16:ec:2e:2d:7d:d5:6b:d5:46:7d:5e:8c:51:4e:e8:35:5e:
cd:3e:a0:ef:24:03:a3:ee:e2:6f:e0:78:54:16:99:71:63:f2:
d5:09:e9:18:42:10:62:e0:78:bb:d5:82:ed:77:ec:81:19:82:
8f:3d:d2:e1:ee:95:a5:ab:fb:5b:16:de:5a:24:64:6d:eb:32:
52:a6:45:c1:95:c3:d3:97:7d:62:ae:4e:fc:ad:47:21:7d:78:
c5:ae:e0:2b:9d:4f:df:4d:38:2e:fd:1b:62:28:20:5a:3f:1c:
f5:80:27:c6:a7:45:58:b7:82:cf:ff:a0:ac:6b:49:d9:cb:cc:
4f:ec:92:94:ae:e8:3a:ba:12:e0:2a:75:bd:e3:25:ff:43:68:
90:03:1b:30:82:3a:56:d7:f0:62:57:c6:7a:2b:8e:c8:16:15:
c9:bd:a7:53:1e:48:23:02:fa:2e:42:e3:f5:fd:9e:ae:d6:ef:
3d:5f:46:28:11:0f:c5:79:ca:d4:31:d5:ba:ae:3d:a0:8a:91:
84:8d:6b:f0:bd:e1:f2:ad:d6:62:e4:a9:e3:50:46:ae:9e:40:
00:e0:6c:e0:98:ed:75:56:ad:7a:ab:d1:9f:11:ee:e3:6e:b9:
12:34:33:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ1xgbnW0AnPMM+WI/zOdn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAwMzJhMmUzOWNlOTc4MGQ3YjYyYzg1M2I0ZWFiODIxY2MyMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1Z3LMrKzjv3USna+BJ+QODOw4ze
ngybWQnZGyaVFu+eau/DPcDZvnzr0dNe7eqTJFid/OUigERsvn1pz0lyhJKdXop4
kakBJl9XzuCPMSHJO9dRrghrngrBCLP+Syaepyc8ng3DwEX7yp1ZmodaA2m91m1j
7Exc7nhO042+KI5BpcMaWSzTK2NIwOvyS/bFZIK6ps89Z950voCJWrexjt6ORH4m
hW8w1xT2Oi8Xmvf0DHWAGCqcbPQOCrJASqFn963gyr0R+lFNI1s9Gw+daRwvujz0
ICAYPcegHCmnQDtOZ2Ni4koc0IlIpfdVW5wfqQrNhv8n1ZBvb9o2Zk8KZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8AMqLjnOl4DXtiyFO06rghzCK+MB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvM3dBeW91T2M2WGdOZTJMSVU3VHF1Q0hNSXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9UIAwQA
wg9yAwQAwhoSMA0GCSqGSIb3DQEBCwUAA4IBAQAyHjOgu+ASkHFwGBJnR62ddLMt
FuwuLX3Va9VGfV6MUU7oNV7NPqDvJAOj7uJv4HhUFplxY/LVCekYQhBi4Hi71YLt
d+yBGYKPPdLh7pWlq/tbFt5aJGRt6zJSpkXBlcPTl31irk78rUchfXjFruArnU/f
TTgu/RtiKCBaPxz1gCfGp0VYt4LP/6Csa0nZy8xP7JKUrug6uhLgKnW94yX/Q2iQ
AxswgjpW1/BiV8Z6K47IFhXJvadTHkgjAvouQuP1/Z6u1u89X0YoEQ/FecrUMdW6
rj2gipGEjWvwveHyrdZi5KnjUEaunkAA4GzgmO11Vq16q9GfEe7jbrkSNDM8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org