Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/3s5qNEcQCew4ExwArZqjwPiRc5M.roa
File: 3s5qNEcQCew4ExwArZqjwPiRc5M.roa (raw, json)
Hash identifier: lcx0HXk4tNKBQmHsBBUkWIAkx1tdr/v5eEzo8IduKrI=
Subject key identifier: DE:CE:6A:34:47:10:09:EC:38:13:1C:00:AD:9A:A3:C0:F8:91:73:93
Certificate issuer: /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial: 018BA3691B1B5331ED1E266D19450B8846E1
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/3s5qNEcQCew4ExwArZqjwPiRc5M.roa
Signing time: Mon 06 Nov 2023 06:54:16 +0000
ROA not before: Mon 06 Nov 2023 06:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204834
IP address blocks: 185.129.240.0/24 maxlen: 24
185.129.241.0/24 maxlen: 24
185.129.242.0/24 maxlen: 24
185.129.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:69:1b:1b:53:31:ed:1e:26:6d:19:45:0b:88:46:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Validity
Not Before: Nov 6 06:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dece6a34471009ec38131c00ad9aa3c0f8917393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c7:0d:5a:1b:ff:04:86:c2:30:a9:b3:64:fa:
07:24:11:37:ca:ea:5e:b1:8f:c4:a3:a8:10:8c:fb:
c9:d9:ac:fa:ba:ca:1c:5a:d7:0c:ed:3f:38:6b:da:
0d:32:73:e0:63:81:9a:ab:ab:38:01:fe:8b:b1:84:
51:d5:7f:1f:b6:76:ff:52:76:34:b8:2f:12:23:80:
ac:a1:03:37:37:d6:36:c1:5f:9c:42:07:73:e9:8a:
04:08:fe:bf:22:8b:bd:80:10:68:bf:e9:11:1c:31:
a4:d8:d8:9b:85:81:3e:c8:e9:a7:0c:d2:1a:e5:1f:
be:dd:96:dc:26:2e:fa:a7:0a:80:bc:97:14:0b:13:
ca:18:17:4b:2b:35:75:f0:10:6c:8e:79:d5:da:74:
58:c8:40:0e:5e:b0:43:97:30:06:1b:1b:e4:58:94:
8c:a3:ee:56:7f:7a:a7:45:73:9e:de:74:19:b7:fb:
e0:30:ae:54:f9:71:96:2d:7a:01:2d:c3:df:e7:9e:
ec:39:bb:60:4b:19:60:02:6c:4b:dc:d5:07:93:40:
ea:20:d0:43:7e:c7:9a:fd:58:27:57:22:40:51:a7:
21:ce:55:08:01:29:3b:57:ce:61:34:b1:e1:38:4b:
a4:49:ca:54:ad:ca:34:cc:95:b0:23:e4:85:79:bd:
07:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CE:6A:34:47:10:09:EC:38:13:1C:00:AD:9A:A3:C0:F8:91:73:93
X509v3 Authority Key Identifier:
keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/3s5qNEcQCew4ExwArZqjwPiRc5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:46:20:2c:61:36:48:86:25:41:fb:3d:ac:56:af:53:59:5c:
e2:05:72:57:3b:86:bb:86:70:c2:86:d3:12:0c:00:88:35:2e:
d6:52:71:aa:32:4a:86:00:d1:0b:b2:13:54:6c:15:c0:25:dd:
84:4f:58:4c:4d:2e:7e:21:73:5d:55:c7:ca:66:49:d5:3e:8c:
5b:c7:c8:87:87:a5:2f:f6:e7:21:79:f4:05:30:62:3d:74:34:
57:fc:95:07:6f:e3:21:c6:dc:e0:2a:64:3e:8b:3a:b1:1c:6d:
36:d3:61:7c:5f:7a:ff:6f:36:05:4e:1c:eb:f5:5e:0f:97:51:
94:6c:bb:5f:9a:cd:4e:4b:51:08:dc:71:d4:84:43:c4:74:c6:
f0:65:31:af:69:74:df:8d:bf:28:9e:06:f4:de:00:38:78:8c:
37:96:bc:ed:db:7f:c7:ea:a3:97:9b:b5:38:56:74:9c:64:60:
fe:cc:ac:60:d2:ed:b7:a0:90:fd:fd:dd:b4:5a:f3:4f:b6:f1:
b9:f1:59:48:d6:8c:16:7e:1d:69:81:ef:c8:10:b0:3b:c3:02:
29:b3:46:66:99:4a:b5:87:22:71:60:1f:40:be:b8:cb:58:3b:
f4:51:ac:2d:23:64:1e:5d:b2:d8:ca:9b:51:2f:60:b6:19:1e:
c5:6e:74:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYujaRsbUzHtHiZtGUULiEbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjMxMTA2MDY1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWNlNmEzNDQ3MTAwOWVjMzgxMzFjMDBhZDlhYTNjMGY4OTE3MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjscNWhv/BIbCMKmzZPoHJBE3yupe
sY/Eo6gQjPvJ2az6usocWtcM7T84a9oNMnPgY4Gaq6s4Af6LsYRR1X8ftnb/UnY0
uC8SI4CsoQM3N9Y2wV+cQgdz6YoECP6/Iou9gBBov+kRHDGk2NibhYE+yOmnDNIa
5R++3ZbcJi76pwqAvJcUCxPKGBdLKzV18BBsjnnV2nRYyEAOXrBDlzAGGxvkWJSM
o+5Wf3qnRXOe3nQZt/vgMK5U+XGWLXoBLcPf557sObtgSxlgAmxL3NUHk0DqINBD
fsea/VgnVyJAUachzlUIASk7V85hNLHhOEukScpUrco0zJWwI+SFeb0HuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7OajRHEAnsOBMcAK2ao8D4kXOTMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvM3M1cU5FY1FDZXc0RXh3QXJacWp3UGlSYzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYHwMA0G
CSqGSIb3DQEBCwUAA4IBAQC5RiAsYTZIhiVB+z2sVq9TWVziBXJXO4a7hnDChtMS
DACINS7WUnGqMkqGANELshNUbBXAJd2ET1hMTS5+IXNdVcfKZknVPoxbx8iHh6Uv
9uchefQFMGI9dDRX/JUHb+MhxtzgKmQ+izqxHG0202F8X3r/bzYFThzr9V4Pl1GU
bLtfms1OS1EI3HHUhEPEdMbwZTGvaXTfjb8ongb03gA4eIw3lrzt23/H6qOXm7U4
VnScZGD+zKxg0u23oJD9/d20WvNPtvG58VlI1owWfh1pge/IELA7wwIps0ZmmUq1
hyJxYB9AvrjLWDv0UawtI2QeXbLYyptRL2C2GR7FbnSk
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:43 2024 by rpki-client on console-fra.rpki-client.org