Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/3y104-YWw8LEaOqO6DyJodxr368.roa
File: 3y104-YWw8LEaOqO6DyJodxr368.roa (raw, json)
Hash identifier: kXWywfojA6YEab8PclGvMSnt8HiACpfvqaSrg2LaHDU=
Subject key identifier: DF:2D:74:E3:E6:16:C3:C2:C4:68:EA:8E:E8:3C:89:A1:DC:6B:DF:AF
Certificate issuer: /CN=0a8bca1a0e86448b73da54c42cb0d75765373f27
Certificate serial: 01857355DF66FF5F15C8498730DCCA9CFAFF
Authority key identifier: 0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/3y104-YWw8LEaOqO6DyJodxr368.roa
Signing time: Mon 02 Jan 2023 16:34:45 +0000
ROA not before: Mon 02 Jan 2023 16:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.112.0/22 maxlen: 22
77.239.32.0/19 maxlen: 24
46.255.168.0/21 maxlen: 24
37.35.112.0/21 maxlen: 24
2a00:d420::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:df:66:ff:5f:15:c8:49:87:30:dc:ca:9c:fa:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a8bca1a0e86448b73da54c42cb0d75765373f27
Validity
Not Before: Jan 2 16:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2d74e3e616c3c2c468ea8ee83c89a1dc6bdfaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:79:d6:aa:10:fb:3b:dc:84:fc:71:ae:27:b2:
a2:f1:97:90:63:e3:f0:4c:d5:46:a8:2c:cb:9a:1a:
d6:08:8b:9d:f8:30:4e:d6:bc:55:e7:2c:0e:e3:54:
c0:0a:d3:1d:90:e9:c5:2f:f1:49:67:b9:7d:d7:11:
b7:72:1f:d1:08:0d:a5:1a:3d:14:95:15:07:ac:cf:
e5:98:25:ef:38:a9:de:74:98:0f:86:b3:c4:cd:9e:
f0:a2:9b:64:c9:3e:2f:12:27:2d:de:1e:e5:a9:5e:
9d:08:65:4d:24:98:64:90:b8:72:1a:36:ff:ec:ed:
f5:b8:e5:25:e2:12:75:2e:01:ab:78:83:02:33:26:
38:43:b7:29:f7:3a:ff:a9:8a:58:f5:0a:bb:3c:e2:
a3:f5:47:24:f4:5e:88:e6:fc:0c:c7:3b:b7:a5:a8:
b0:59:34:fb:c4:e0:5d:67:5a:af:f3:06:b7:94:db:
42:96:a7:8e:c6:fe:89:08:68:b3:70:1b:65:1d:f8:
68:0e:2b:0f:e6:2d:20:24:08:2c:c9:a5:e2:d9:eb:
1a:de:24:6a:fa:5e:12:f9:0d:fc:13:7a:15:88:9d:
55:76:6d:5a:9b:7a:e2:bb:2e:51:2c:aa:cd:1a:52:
78:64:16:d7:f0:f6:ab:4a:f7:4c:c9:cb:5f:72:34:
3e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2D:74:E3:E6:16:C3:C2:C4:68:EA:8E:E8:3C:89:A1:DC:6B:DF:AF
X509v3 Authority Key Identifier:
keyid:0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/3y104-YWw8LEaOqO6DyJodxr368.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/CovKGg6GRItz2lTELLDXV2U3Pyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.112.0/21
46.255.168.0/21
77.239.32.0/19
185.74.112.0/22
IPv6:
2a00:d420::/29
Signature Algorithm: sha256WithRSAEncryption
78:90:0b:6a:b3:86:5d:24:e2:d3:fd:54:2a:e8:a6:f9:b4:26:
cd:00:ae:e9:86:c5:f8:f1:46:8f:85:25:63:23:4a:3e:89:54:
31:96:28:48:70:0e:d0:d3:4e:25:38:87:c7:c1:14:3f:c0:10:
12:16:4f:70:84:2c:14:51:e6:f6:24:a8:f2:cf:be:50:41:4b:
57:e3:1d:ea:6a:fe:65:cb:50:60:f9:b6:60:de:73:dd:62:35:
e6:8c:76:aa:4e:e2:07:73:73:06:2c:f4:1d:4a:e7:62:07:24:
f7:1f:60:3d:5d:67:4e:e2:cc:12:57:02:9f:64:c8:ff:68:5b:
ed:23:00:74:f1:d9:f6:02:ce:aa:91:49:e3:3b:ec:d8:59:0b:
f8:69:5f:a9:93:45:7c:9c:0a:33:b3:10:c7:f9:c6:28:c2:b4:
98:6b:33:f0:fe:01:5c:8a:ee:95:25:38:b8:33:50:59:3b:3b:
55:1d:c5:ed:38:8f:bc:58:d1:eb:9f:58:77:15:f2:06:d9:e1:
f7:de:05:03:5f:70:2a:a1:6a:be:a7:af:52:92:23:c7:05:98:
39:b9:ad:ff:06:50:a9:5c:85:d4:c7:65:9d:be:5d:20:98:2b:
e6:be:bd:9e:a0:a4:4d:f9:3d:cd:e8:2c:e9:75:b1:13:22:dc:
08:41:e9:0d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzVd9m/18VyEmHMNzKnPr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOGJjYTFhMGU4NjQ0OGI3M2RhNTRjNDJjYjBkNzU3NjUz
NzNmMjcwHhcNMjMwMTAyMTYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJkNzRlM2U2MTZjM2MyYzQ2OGVhOGVlODNjODlhMWRjNmJkZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynnWqhD7O9yE/HGuJ7Ki8ZeQY+Pw
TNVGqCzLmhrWCIud+DBO1rxV5ywO41TACtMdkOnFL/FJZ7l91xG3ch/RCA2lGj0U
lRUHrM/lmCXvOKnedJgPhrPEzZ7woptkyT4vEict3h7lqV6dCGVNJJhkkLhyGjb/
7O31uOUl4hJ1LgGreIMCMyY4Q7cp9zr/qYpY9Qq7POKj9Uck9F6I5vwMxzu3paiw
WTT7xOBdZ1qv8wa3lNtClqeOxv6JCGizcBtlHfhoDisP5i0gJAgsyaXi2esa3iRq
+l4S+Q38E3oViJ1Vdm1am3riuy5RLKrNGlJ4ZBbX8ParSvdMyctfcjQ+CQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN8tdOPmFsPCxGjqjug8iaHca9+vMB8GA1UdIwQY
MBaAFAqLyhoOhkSLc9pUxCyw11dlNz8nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAt
YTc5OTA2MjU4OWEzLzEvM3kxMDQtWVd3OExFYU9xTzZEeUpvZHhyMzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAtYTc5OTA2MjU4OWEz
LzEvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJSNwAwQD
Lv+oAwQFTe8gAwQCuUpwMA0EAgACMAcDBQMqANQgMA0GCSqGSIb3DQEBCwUAA4IB
AQB4kAtqs4ZdJOLT/VQq6Kb5tCbNAK7phsX48UaPhSVjI0o+iVQxlihIcA7Q004l
OIfHwRQ/wBASFk9whCwUUeb2JKjyz75QQUtX4x3qav5ly1Bg+bZg3nPdYjXmjHaq
TuIHc3MGLPQdSudiByT3H2A9XWdO4swSVwKfZMj/aFvtIwB08dn2As6qkUnjO+zY
WQv4aV+pk0V8nAozsxDH+cYowrSYazPw/gFciu6VJTi4M1BZOztVHcXtOI+8WNHr
n1h3FfIG2eH33gUDX3AqoWq+p69SkiPHBZg5ua3/BlCpXIXUx2Wdvl0gmCvmvr2e
oKRN+T3N6CzpdbETItwIQekN
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:38 2024 by rpki-client on console-fra.rpki-client.org