Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/3To0Cbi8ZPe3Jb_i_E0SCyB3z0c.roa
File: 3To0Cbi8ZPe3Jb_i_E0SCyB3z0c.roa (raw, json)
Hash identifier: X6D/lajGy5P+zcAqBv1lSQHIwfbn90zrXIk47onqx9Q=
Subject key identifier: DD:3A:34:09:B8:BC:64:F7:B7:25:BF:E2:FC:4D:12:0B:20:77:CF:47
Certificate issuer: /CN=e726926b6e8970cf84d6b4756fa9c56211200537
Certificate serial: 01856D6F495543057904DA7AF3B2D758A3B2
Authority key identifier: E7:26:92:6B:6E:89:70:CF:84:D6:B4:75:6F:A9:C5:62:11:20:05:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5yaSa26JcM-E1rR1b6nFYhEgBTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/3To0Cbi8ZPe3Jb_i_E0SCyB3z0c.roa
Signing time: Sun 01 Jan 2023 13:04:47 +0000
ROA not before: Sun 01 Jan 2023 13:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47701
IP address blocks: 185.144.41.0/24 maxlen: 24
185.144.43.0/24 maxlen: 24
185.144.40.0/24 maxlen: 24
185.144.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:49:55:43:05:79:04:da:7a:f3:b2:d7:58:a3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e726926b6e8970cf84d6b4756fa9c56211200537
Validity
Not Before: Jan 1 13:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd3a3409b8bc64f7b725bfe2fc4d120b2077cf47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:16:05:33:95:9c:15:08:8b:5e:42:2a:63:
8a:68:15:71:e7:e4:db:6c:ea:75:c3:1b:d6:45:b8:
83:05:9c:8b:e4:a8:0d:ff:f2:f0:31:3f:cd:40:b7:
49:90:95:9d:13:e3:93:9c:ef:80:68:ea:da:5e:61:
ae:eb:3e:01:d9:4c:38:6d:bf:cb:2d:ef:09:c1:80:
29:a1:eb:97:46:32:ee:ca:cc:c8:87:ff:6b:05:27:
c9:24:4f:ac:e2:e2:06:33:1d:5e:2f:86:a6:21:a5:
40:4f:64:ae:04:c2:a0:6d:f1:df:72:a7:20:51:bf:
8c:7c:0e:a2:7e:b1:2a:4b:62:a1:90:ff:c3:91:53:
53:51:87:3f:8a:c7:df:91:2c:05:10:01:3d:7e:df:
12:05:92:1b:15:5d:3c:49:0d:6e:5c:a4:be:ba:e6:
5a:2a:37:e8:a3:8a:a1:27:fe:ca:38:58:8f:4d:89:
63:66:3c:60:4f:63:5c:1c:ae:ca:66:ce:21:ac:0e:
0b:0f:2d:e9:fa:a3:cd:a4:74:f7:bd:53:ff:19:58:
b2:84:e0:64:ee:46:78:f1:ff:32:f0:64:d5:09:78:
8d:ae:ae:63:10:d1:a8:f2:e2:d1:ae:0e:84:66:98:
de:7b:bd:8c:87:00:87:49:b9:5c:e0:01:26:70:95:
8d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3A:34:09:B8:BC:64:F7:B7:25:BF:E2:FC:4D:12:0B:20:77:CF:47
X509v3 Authority Key Identifier:
keyid:E7:26:92:6B:6E:89:70:CF:84:D6:B4:75:6F:A9:C5:62:11:20:05:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5yaSa26JcM-E1rR1b6nFYhEgBTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/3To0Cbi8ZPe3Jb_i_E0SCyB3z0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/5yaSa26JcM-E1rR1b6nFYhEgBTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:86:16:b0:9b:de:44:1d:b7:2d:a9:d8:4e:34:70:27:df:24:
20:ff:f6:af:a2:20:35:8d:d8:c0:e3:ee:89:85:ca:98:6d:04:
8a:fd:b5:3f:ab:98:70:54:3a:f5:16:37:5c:7f:fd:b7:2b:39:
b8:bf:cb:1e:fd:ac:4d:3f:07:ae:1a:eb:27:05:6a:a8:2f:28:
fc:c1:ed:72:4f:96:8f:22:0e:5e:6e:4c:57:12:54:4b:b4:cd:
9e:03:ec:a2:60:71:9c:44:d6:20:45:5c:f7:56:2c:ea:36:e2:
f0:c4:50:68:64:89:97:c3:a0:ce:1b:ba:23:37:35:dc:8b:a0:
12:e2:51:3d:f5:9b:eb:9a:83:03:2f:47:2e:d6:d0:4e:61:4e:
eb:75:c2:3f:13:f8:0a:d0:ee:74:13:ab:7a:d9:7a:53:8a:aa:
1c:ad:ee:9a:36:25:e7:a2:7f:0c:df:c1:87:53:86:e4:51:31:
6e:e2:f3:1b:74:ea:3f:51:0c:1c:e1:a3:e1:05:3d:13:d3:6d:
c2:88:48:aa:35:4c:c3:c8:5a:11:cf:7a:39:51:cf:77:9b:6c:
bb:27:c4:48:c2:fb:5f:6b:14:0c:45:74:64:5f:d0:10:63:4f:
b0:80:e9:48:25:f0:a6:60:b4:b2:00:c7:b7:a3:92:27:6e:86:
25:33:53:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb0lVQwV5BNp687LXWKOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MjY5MjZiNmU4OTcwY2Y4NGQ2YjQ3NTZmYTljNTYyMTEy
MDA1MzcwHhcNMjMwMTAxMTMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNhMzQwOWI4YmM2NGY3YjcyNWJmZTJmYzRkMTIwYjIwNzdjZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB4WBTOVnBUIi15CKmOKaBVx5+Tb
bOp1wxvWRbiDBZyL5KgN//LwMT/NQLdJkJWdE+OTnO+AaOraXmGu6z4B2Uw4bb/L
Le8JwYApoeuXRjLuyszIh/9rBSfJJE+s4uIGMx1eL4amIaVAT2SuBMKgbfHfcqcg
Ub+MfA6ifrEqS2KhkP/DkVNTUYc/isffkSwFEAE9ft8SBZIbFV08SQ1uXKS+uuZa
Kjfoo4qhJ/7KOFiPTYljZjxgT2NcHK7KZs4hrA4LDy3p+qPNpHT3vVP/GViyhOBk
7kZ48f8y8GTVCXiNrq5jENGo8uLRrg6EZpjee72MhwCHSblc4AEmcJWNEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN06NAm4vGT3tyW/4vxNEgsgd89HMB8GA1UdIwQY
MBaAFOcmkmtuiXDPhNa0dW+pxWIRIAU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXlhU2EyNkpjTS1FMXJSMWI2bkZZaEVnQlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kNzE4ZTQtOGFiYy00YjIzLWFjMTAt
YzEwMmVlOTY4NThlLzEvM1RvMENiaThaUGUzSmJfaV9FMFNDeUIzejBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kNzE4ZTQtOGFiYy00YjIzLWFjMTAtYzEwMmVlOTY4NThl
LzEvNXlhU2EyNkpjTS1FMXJSMWI2bkZZaEVnQlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZAoMA0G
CSqGSIb3DQEBCwUAA4IBAQCohhawm95EHbctqdhONHAn3yQg//avoiA1jdjA4+6J
hcqYbQSK/bU/q5hwVDr1Fjdcf/23Kzm4v8se/axNPweuGusnBWqoLyj8we1yT5aP
Ig5ebkxXElRLtM2eA+yiYHGcRNYgRVz3VizqNuLwxFBoZImXw6DOG7ojNzXci6AS
4lE99ZvrmoMDL0cu1tBOYU7rdcI/E/gK0O50E6t62XpTiqocre6aNiXnon8M38GH
U4bkUTFu4vMbdOo/UQwc4aPhBT0T023CiEiqNUzDyFoRz3o5Uc93m2y7J8RIwvtf
axQMRXRkX9AQY0+wgOlIJfCmYLSyAMe3o5InboYlM1P2
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:05 2024 by rpki-client on console-ams.rpki-client.org