Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/3bq-XXDYDsUWBI71eVIiLG10kXU.roa
File: 3bq-XXDYDsUWBI71eVIiLG10kXU.roa (raw, json)
Hash identifier: n8UYql2sXAZ5ND+jR6gdHencdCbJ3oSUaXZDiXPOu5E=
Subject key identifier: DD:BA:BE:5D:70:D8:0E:C5:16:04:8E:F5:79:52:22:2C:6D:74:91:75
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBE8BAEF3D3F79C795CD01B41CEF1CF00
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/3bq-XXDYDsUWBI71eVIiLG10kXU.roa
Signing time: Sun 18 Feb 2024 23:27:21 +0000
ROA not before: Sun 18 Feb 2024 23:27:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215484
IP address blocks: 188.128.128.0/22 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25af:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 07:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:be:8b:ae:f3:d3:f7:9c:79:5c:d0:1b:41:ce:f1:cf:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 23:27:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddbabe5d70d80ec516048ef57952222c6d749175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:56:14:80:23:80:22:af:81:bc:1f:02:ab:c7:
ec:08:93:09:40:e6:ff:64:aa:f2:bf:9f:05:fe:66:
d1:62:36:5b:e8:e2:b7:df:f2:4c:74:7b:25:13:e9:
89:61:0d:54:50:c9:d5:a1:d7:e6:d8:5f:12:6a:98:
a7:63:29:92:73:d8:5b:cf:f2:9d:0b:9c:ae:05:89:
68:0c:2d:1c:bc:91:fa:2c:1b:9a:ac:95:94:fd:81:
bc:82:9f:b4:a9:2c:08:5b:83:d2:4c:d8:d8:62:ad:
62:a0:6d:a8:04:90:8c:c4:8a:28:d0:9c:59:0d:8a:
18:1f:7a:1f:eb:12:a5:38:cc:61:e4:03:b6:6c:a4:
8e:24:75:6c:6b:09:df:e4:25:2b:16:83:ae:42:85:
42:2f:c6:fe:ed:a0:be:a8:f5:2c:cf:cc:cb:55:f6:
4a:5c:dc:ff:c0:b2:97:60:7a:72:02:d2:cc:0d:a3:
23:ee:3e:63:c7:c3:1f:4e:0f:02:31:b7:7b:77:7b:
9b:7b:ee:e0:58:e8:d5:98:ff:e2:8b:66:ee:f2:b8:
49:63:97:d1:ea:5a:44:c2:45:7f:12:6a:1d:ab:76:
84:5d:bf:e0:d7:55:9f:91:67:e7:97:74:13:69:a7:
8d:9f:f8:72:56:75:53:90:36:68:a0:14:11:6f:ff:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BA:BE:5D:70:D8:0E:C5:16:04:8E:F5:79:52:22:2C:6D:74:91:75
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/3bq-XXDYDsUWBI71eVIiLG10kXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.128.128.0/22
IPv6:
2a02:25a8:dead::/48
2a02:25af:dead::/48
Signature Algorithm: sha256WithRSAEncryption
45:32:ed:fd:75:83:a6:c4:c5:76:31:1b:f3:c7:ec:76:99:ab:
ee:c5:cc:30:50:49:59:70:32:ed:9b:9e:85:1a:f7:56:e4:cc:
ff:0d:06:4d:60:93:19:3d:91:f6:30:a6:fd:2c:41:b5:e2:29:
4f:ba:29:b6:59:5f:a6:43:59:7e:5b:0e:ba:36:b0:87:1e:cc:
40:cd:c9:aa:24:1b:63:74:26:55:d9:f3:63:68:de:0c:28:dc:
38:fe:82:60:a8:9b:c4:09:34:ee:27:83:66:1b:8e:bf:35:5d:
78:df:db:c0:ee:d0:40:f2:c1:29:bf:0b:e7:02:47:04:e7:b6:
f7:cf:f1:a9:b7:d8:97:80:54:fc:23:5c:ec:68:a3:ed:81:e9:
a7:15:cf:31:64:37:05:32:24:28:82:cf:ab:ab:12:16:c9:f7:
e2:a8:5d:93:76:17:4e:21:19:d0:91:6e:14:f8:a3:2d:7e:5a:
bd:54:83:d5:4d:93:b8:2f:a5:3f:0f:b7:63:56:43:8d:7a:de:
80:16:d9:85:11:91:6f:49:a5:9a:5a:c9:97:c9:dd:1c:46:af:
98:1f:8b:0f:4d:3a:f5:b8:e5:ed:85:53:92:ce:d3:90:81:ab:
d0:36:4f:d2:38:12:fc:c1:c4:0b:6c:2e:ea:17:a5:da:f3:bd:
d6:8e:53:25
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2+i67z0/eceVzQG0HO8c8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MjMyNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJhYmU1ZDcwZDgwZWM1MTYwNDhlZjU3OTUyMjIyYzZkNzQ5MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlYUgCOAIq+BvB8Cq8fsCJMJQOb/
ZKryv58F/mbRYjZb6OK33/JMdHslE+mJYQ1UUMnVodfm2F8SapinYymSc9hbz/Kd
C5yuBYloDC0cvJH6LBuarJWU/YG8gp+0qSwIW4PSTNjYYq1ioG2oBJCMxIoo0JxZ
DYoYH3of6xKlOMxh5AO2bKSOJHVsawnf5CUrFoOuQoVCL8b+7aC+qPUsz8zLVfZK
XNz/wLKXYHpyAtLMDaMj7j5jx8MfTg8CMbd7d3ube+7gWOjVmP/ii2bu8rhJY5fR
6lpEwkV/Emodq3aEXb/g11WfkWfnl3QTaaeNn/hyVnVTkDZooBQRb/9C6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN26vl1w2A7FFgSO9XlSIixtdJF1MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvM2JxLVhYRFlEc1VXQkk3MWVWSWlMRzEwa1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCvICAMBgE
AgACMBIDBwAqAiWo3q0DBwAqAiWv3q0wDQYJKoZIhvcNAQELBQADggEBAEUy7f11
g6bExXYxG/PH7HaZq+7FzDBQSVlwMu2bnoUa91bkzP8NBk1gkxk9kfYwpv0sQbXi
KU+6KbZZX6ZDWX5bDro2sIcezEDNyaokG2N0JlXZ82No3gwo3Dj+gmCom8QJNO4n
g2Ybjr81XXjf28Du0EDywSm/C+cCRwTntvfP8am32JeAVPwjXOxoo+2B6acVzzFk
NwUyJCiCz6urEhbJ9+KoXZN2F04hGdCRbhT4oy1+Wr1Ug9VNk7gvpT8Pt2NWQ416
3oAW2YURkW9JpZpayZfJ3RxGr5gfiw9NOvW45e2FU5LO05CBq9A2T9I4EvzBxAts
LuoXpdrzvdaOUyU=
Generated at Mon Feb 19 12:16:57 2024 by rpki-client on console-ams.rpki-client.org