Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3DSCU4sEq3w8CO97gvLan2BZQwA.roa
File: 3DSCU4sEq3w8CO97gvLan2BZQwA.roa (raw, json)
Hash identifier: wATjCLgBAymJH2Co2FGmOjVtkbaUm5ZKkwiysTecb58=
Subject key identifier: DC:34:82:53:8B:04:AB:7C:3C:08:EF:7B:82:F2:DA:9F:60:59:43:00
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856D9415E25BD466390E21395BDF917E53
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3DSCU4sEq3w8CO97gvLan2BZQwA.roa
Signing time: Sun 01 Jan 2023 13:44:59 +0000
ROA not before: Sun 01 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202335
IP address blocks: 164.215.100.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:15:e2:5b:d4:66:39:0e:21:39:5b:df:91:7e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc3482538b04ab7c3c08ef7b82f2da9f60594300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:54:69:65:f7:85:5b:df:80:e6:47:5a:5a:0a:
12:d4:cf:f1:1d:6f:bc:bb:3d:ed:c0:58:a5:86:24:
fe:57:3d:a7:7a:0e:f2:b1:59:00:a7:9d:d6:15:5d:
57:6c:fb:f5:24:27:46:3d:87:eb:d1:5a:38:cb:ee:
5f:93:ef:5d:72:fd:e8:f2:78:c8:ce:f9:06:0a:1b:
6e:0c:d8:5a:69:bf:3f:0e:e2:e8:7a:1d:f2:a0:24:
87:7c:04:d2:82:e9:e9:90:e9:eb:5b:fe:5f:b3:af:
06:3c:d9:79:99:1d:e9:4e:f6:96:fe:03:cb:6e:68:
35:5a:7e:e2:46:b8:c0:04:50:d8:ff:e1:bf:a8:b4:
97:7a:a2:5c:61:64:a1:32:c6:93:24:7f:20:55:74:
4a:ed:28:8f:3b:2d:17:63:94:9f:b3:56:df:c0:f9:
a7:1d:12:67:52:81:fb:bf:a1:04:eb:68:3b:e4:4e:
9a:fa:03:1d:0d:50:10:23:82:d2:68:a2:a9:a5:89:
e5:d2:4a:87:9c:f1:8d:ff:1e:72:38:72:df:bf:f8:
df:6b:68:39:17:80:e0:82:c2:e7:67:86:64:ff:d0:
a9:1a:67:9c:0c:27:12:6f:a8:cc:0a:20:fb:a7:cc:
37:87:d8:be:42:15:46:db:76:c6:e2:c5:2d:2a:a4:
8f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:34:82:53:8B:04:AB:7C:3C:08:EF:7B:82:F2:DA:9F:60:59:43:00
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3DSCU4sEq3w8CO97gvLan2BZQwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.146.0/24
109.205.212.0/24
164.215.100.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:90:ea:c8:ff:a7:6b:2f:7e:2c:68:9e:6e:e1:dd:b0:f2:b8:
5c:02:39:f4:27:e5:7d:c8:82:9d:cc:5a:36:dd:81:78:fe:25:
a5:3c:0d:56:84:9b:0d:34:a6:ab:29:03:42:45:d7:f5:38:17:
f8:29:d1:c0:61:b5:6f:e3:71:0c:b2:ba:d0:99:e2:ba:0b:c8:
e7:cc:5d:40:53:e1:52:22:0a:0a:b8:b2:80:a6:53:75:ff:62:
fb:51:ca:5a:19:c0:fe:63:99:6c:b1:30:2b:cc:63:f8:63:9c:
9e:77:54:b8:cb:e1:a0:fa:e6:0a:27:fb:23:3f:72:dc:bf:0c:
de:d5:57:ed:bd:30:1c:ca:80:7b:a7:9b:d5:3c:f5:5c:9f:2e:
0a:b3:5f:16:82:7a:ec:96:db:fc:e9:df:15:d1:02:7a:c0:79:
71:c3:dc:6a:3a:07:b8:c0:ac:17:77:96:9b:54:e3:87:89:99:
d0:f5:96:fb:bf:35:77:6e:7a:5e:40:08:d1:07:08:d1:b1:c1:
38:1d:ff:52:1b:5a:63:4a:4e:87:c1:de:af:7a:f4:a2:39:f4:
5c:19:d7:bd:fd:61:94:67:8b:89:11:0c:67:51:65:7d:6b:64:
31:b8:aa:28:61:9b:b5:43:85:28:28:9a:d3:ed:36:b8:03:12:
7c:1e:a9:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtlBXiW9RmOQ4hOVvfkX5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM0ODI1MzhiMDRhYjdjM2MwOGVmN2I4MmYyZGE5ZjYwNTk0MzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1RpZfeFW9+A5kdaWgoS1M/xHW+8
uz3twFilhiT+Vz2neg7ysVkAp53WFV1XbPv1JCdGPYfr0Vo4y+5fk+9dcv3o8njI
zvkGChtuDNhaab8/DuLoeh3yoCSHfATSgunpkOnrW/5fs68GPNl5mR3pTvaW/gPL
bmg1Wn7iRrjABFDY/+G/qLSXeqJcYWShMsaTJH8gVXRK7SiPOy0XY5Sfs1bfwPmn
HRJnUoH7v6EE62g75E6a+gMdDVAQI4LSaKKppYnl0kqHnPGN/x5yOHLfv/jfa2g5
F4DggsLnZ4Zk/9CpGmecDCcSb6jMCiD7p8w3h9i+QhVG23bG4sUtKqSPxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNw0glOLBKt8PAjve4Ly2p9gWUMAMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvM0RTQ1U0c0VxM3c4Q085N2d2TGFuMkJaUXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVZ6SAwQA
bc3UAwQApNdkMA0GCSqGSIb3DQEBCwUAA4IBAQCbkOrI/6drL34saJ5u4d2w8rhc
Ajn0J+V9yIKdzFo23YF4/iWlPA1WhJsNNKarKQNCRdf1OBf4KdHAYbVv43EMsrrQ
meK6C8jnzF1AU+FSIgoKuLKAplN1/2L7UcpaGcD+Y5lssTArzGP4Y5yed1S4y+Gg
+uYKJ/sjP3Lcvwze1VftvTAcyoB7p5vVPPVcny4Ks18Wgnrsltv86d8V0QJ6wHlx
w9xqOge4wKwXd5abVOOHiZnQ9Zb7vzV3bnpeQAjRBwjRscE4Hf9SG1pjSk6Hwd6v
evSiOfRcGde9/WGUZ4uJEQxnUWV9a2QxuKooYZu1Q4UoKJrT7Ta4AxJ8Hqnf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org