Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/75d4fd-90f5-4baa-a35c-87a6333d6e64/1/3FzsTknlv4icoHpoT_QAWSJZFUU.roa
File: 3FzsTknlv4icoHpoT_QAWSJZFUU.roa (raw, json)
Hash identifier: 6eF9FLkwB32C92SXP+i6uQ3p7IpNpHlGT9JlGlozWUE=
Subject key identifier: DC:5C:EC:4E:49:E5:BF:88:9C:A0:7A:68:4F:F4:00:59:22:59:15:45
Certificate issuer: /CN=bbe6fe14b8755d9ff7466fa97c4a55f735183249
Certificate serial: 01916F2E5300E670E0A15158E06992889C0A
Authority key identifier: BB:E6:FE:14:B8:75:5D:9F:F7:46:6F:A9:7C:4A:55:F7:35:18:32:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u-b-FLh1XZ_3Rm-pfEpV9zUYMkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/75d4fd-90f5-4baa-a35c-87a6333d6e64/1/3FzsTknlv4icoHpoT_QAWSJZFUU.roa
Signing time: Tue 20 Aug 2024 09:46:32 +0000
ROA not before: Tue 20 Aug 2024 09:46:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210036
IP address blocks: 193.36.104.0/24 maxlen: 24
193.36.105.0/24 maxlen: 24
193.36.106.0/24 maxlen: 24
2a0d:d740::/48 maxlen: 48
2a0d:d740:105::/48 maxlen: 48
2a0d:d742::/45 maxlen: 45
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:2e:53:00:e6:70:e0:a1:51:58:e0:69:92:88:9c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbe6fe14b8755d9ff7466fa97c4a55f735183249
Validity
Not Before: Aug 20 09:46:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc5cec4e49e5bf889ca07a684ff4005922591545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:84:c8:ce:54:c5:9e:5f:4a:33:a2:5f:36:49:
95:ed:de:bc:bc:7a:81:6a:3b:60:58:27:57:75:7b:
3f:64:91:f4:42:4b:1f:5d:d3:49:89:ce:7d:e9:53:
94:20:fd:22:c2:69:26:08:77:c9:18:f3:f5:e1:5e:
a2:85:ec:97:ce:73:b7:ea:2e:2c:49:5b:e3:11:cc:
82:ef:b4:b7:a4:46:10:b2:f3:69:b7:e2:1b:da:a3:
19:bb:82:57:c3:84:e7:d1:33:be:36:63:e9:f8:6e:
58:32:1b:92:aa:e0:8d:33:69:53:76:21:a7:7d:0a:
5d:e2:29:63:61:25:1e:80:14:f6:87:7d:f9:15:fc:
96:b5:81:67:89:3b:6f:fa:1d:97:b6:2b:91:0b:d0:
a5:dd:fc:07:ba:12:82:42:52:91:51:93:f8:55:b5:
1f:65:fa:e1:e4:a3:aa:0e:a2:9f:4c:cd:25:84:f8:
3a:c7:39:07:6b:ae:1a:b0:0e:81:9f:75:4e:99:f8:
c0:53:ef:96:2f:2b:d2:90:64:19:46:bd:64:5b:df:
a9:69:25:84:ce:d2:92:91:ca:f4:35:51:de:b3:b0:
b6:68:ad:d9:fc:eb:1d:05:bf:04:3b:7e:69:47:ca:
73:8f:70:54:2f:e8:50:ee:ff:ff:77:d9:b6:8e:9d:
39:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5C:EC:4E:49:E5:BF:88:9C:A0:7A:68:4F:F4:00:59:22:59:15:45
X509v3 Authority Key Identifier:
keyid:BB:E6:FE:14:B8:75:5D:9F:F7:46:6F:A9:7C:4A:55:F7:35:18:32:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-b-FLh1XZ_3Rm-pfEpV9zUYMkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/75d4fd-90f5-4baa-a35c-87a6333d6e64/1/3FzsTknlv4icoHpoT_QAWSJZFUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/75d4fd-90f5-4baa-a35c-87a6333d6e64/1/u-b-FLh1XZ_3Rm-pfEpV9zUYMkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.104.0-193.36.106.255
IPv6:
2a0d:d740::/48
2a0d:d740:105::/48
2a0d:d742::/45
Signature Algorithm: sha256WithRSAEncryption
3f:27:3a:9c:78:f0:f6:a9:79:94:26:5d:04:14:e3:36:a8:51:
cd:38:82:d1:bb:19:cd:20:71:ea:c8:59:9e:4b:6e:a9:39:fd:
eb:c9:af:99:2a:72:0d:a5:c9:31:0a:75:6f:50:2d:88:90:2f:
ea:06:0a:30:c0:d6:12:be:a4:e5:fd:cf:28:52:d6:a8:a5:49:
83:87:46:59:18:af:e8:53:9e:a6:81:b1:6a:7b:08:bc:16:3f:
aa:23:be:26:87:62:9c:8b:3b:fe:73:69:13:ef:29:58:19:ff:
65:b2:60:f3:e0:e4:dd:ca:ff:dc:59:d7:cf:b6:4d:05:92:44:
7b:80:f0:9c:a5:7b:3c:6a:e5:7f:5e:6c:fe:5c:ce:6f:34:a4:
1b:00:8f:dd:9a:2b:39:0f:67:8f:22:7a:68:da:63:33:ce:b7:
84:b0:a7:41:7c:98:40:ff:aa:10:aa:f3:1d:96:54:5f:27:2c:
77:05:d2:96:cd:5a:d4:eb:54:b7:09:9c:ca:35:a1:d0:b8:10:
4b:c4:39:45:dd:11:00:b3:2f:0c:09:1f:de:f0:90:0c:24:2b:
2f:42:97:64:5a:8b:4f:73:40:15:73:2a:e7:88:f2:ec:51:e4:
23:0f:40:e6:c6:35:32:4e:d7:bb:5c:b7:91:40:80:0d:05:04:
a1:a3:85:86
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZFvLlMA5nDgoVFY4GmSiJwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTZmZTE0Yjg3NTVkOWZmNzQ2NmZhOTdjNGE1NWY3MzUx
ODMyNDkwHhcNMjQwODIwMDk0NjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVjZWM0ZTQ5ZTViZjg4OWNhMDdhNjg0ZmY0MDA1OTIyNTkxNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzITIzlTFnl9KM6JfNkmV7d68vHqB
ajtgWCdXdXs/ZJH0QksfXdNJic596VOUIP0iwmkmCHfJGPP14V6iheyXznO36i4s
SVvjEcyC77S3pEYQsvNpt+Ib2qMZu4JXw4Tn0TO+NmPp+G5YMhuSquCNM2lTdiGn
fQpd4iljYSUegBT2h335FfyWtYFniTtv+h2XtiuRC9Cl3fwHuhKCQlKRUZP4VbUf
Zfrh5KOqDqKfTM0lhPg6xzkHa64asA6Bn3VOmfjAU++WLyvSkGQZRr1kW9+paSWE
ztKSkcr0NVHes7C2aK3Z/OsdBb8EO35pR8pzj3BUL+hQ7v//d9m2jp05eQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNxc7E5J5b+InKB6aE/0AFkiWRVFMB8GA1UdIwQY
MBaAFLvm/hS4dV2f90ZvqXxKVfc1GDJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1iLUZMaDFYWl8zUm0tcGZFcFY5elVZTWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83NWQ0ZmQtOTBmNS00YmFhLWEzNWMt
ODdhNjMzM2Q2ZTY0LzEvM0Z6c1Rrbmx2NGljb0hwb1RfUUFXU0paRlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC83NWQ0ZmQtOTBmNS00YmFhLWEzNWMtODdhNjMzM2Q2ZTY0
LzEvdS1iLUZMaDFYWl8zUm0tcGZFcFY5elVZTWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAUBAIAATAOMAwDBAPBJGgD
BADBJGowIQQCAAIwGwMHACoN10AAAAMHACoN10ABBQMHAyoN10IAADANBgkqhkiG
9w0BAQsFAAOCAQEAPyc6nHjw9ql5lCZdBBTjNqhRzTiC0bsZzSBx6shZnktuqTn9
68mvmSpyDaXJMQp1b1AtiJAv6gYKMMDWEr6k5f3PKFLWqKVJg4dGWRiv6FOepoGx
ansIvBY/qiO+JodinIs7/nNpE+8pWBn/ZbJg8+Dk3cr/3FnXz7ZNBZJEe4DwnKV7
PGrlf15s/lzObzSkGwCP3ZorOQ9njyJ6aNpjM863hLCnQXyYQP+qEKrzHZZUXycs
dwXSls1a1OtUtwmcyjWh0LgQS8Q5Rd0RALMvDAkf3vCQDCQrL0KXZFqLT3NAFXMq
54jy7FHkIw9A5sY1Mk7Xu1y3kUCADQUEoaOFhg==
-----END CERTIFICATE-----
Generated at Mon Oct 7 16:59:06 2024 by rpki-client on console-fra.rpki-client.org