Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3oJOI_0lMSwzW0djTP7KCmTFsxE.roa
File: 3oJOI_0lMSwzW0djTP7KCmTFsxE.roa (raw, json)
Hash identifier: lkjB53X1zPvN5m44oKLBvf6pdlXr2rNRSgUgakZAha8=
Subject key identifier: DE:82:4E:23:FD:25:31:2C:33:5B:47:63:4C:FE:CA:0A:64:C5:B3:11
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018C3ED9429D002758A3A128305BEBE8EB47
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3oJOI_0lMSwzW0djTP7KCmTFsxE.roa
Signing time: Wed 06 Dec 2023 11:17:54 +0000
ROA not before: Wed 06 Dec 2023 11:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204203
IP address blocks: 85.133.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:d9:42:9d:00:27:58:a3:a1:28:30:5b:eb:e8:eb:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 6 11:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de824e23fd25312c335b47634cfeca0a64c5b311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:1f:ae:31:7f:93:d5:dd:8c:bc:84:a6:1e:
a0:ab:0f:43:f8:b7:9d:af:1a:d8:c2:c1:6f:3b:9c:
e6:d6:aa:db:fb:0e:81:4b:c0:4f:7c:2e:fb:f2:dd:
af:a2:09:56:cd:fe:9d:0c:18:57:9d:9f:74:fc:e6:
cf:75:58:6c:6d:bd:4d:07:77:48:e4:83:2b:21:4b:
d6:ce:83:45:8d:62:6f:fb:24:e6:a2:9c:87:5a:63:
e9:73:32:79:c0:cb:4a:35:6e:fb:57:96:2d:47:bd:
bf:bb:f5:e5:fb:8e:9a:c3:d5:a8:b5:aa:04:a7:dd:
0d:8f:7e:fc:6b:db:a5:36:d3:df:fb:65:0e:3e:26:
9d:5d:1a:3f:25:0e:93:8f:42:e4:d0:a6:4d:d3:0e:
9f:c7:36:f1:ab:ad:48:27:e5:37:34:c8:27:4c:44:
6d:45:85:a4:d6:d8:50:2c:66:f8:42:6e:51:57:7d:
6f:cf:81:bd:a3:c3:57:78:c6:75:17:f3:c3:54:de:
5d:3a:36:8e:24:74:fe:37:dc:5c:dd:c2:ba:8b:9f:
7d:9f:1c:7a:22:b7:c5:8b:1c:3a:5a:80:4e:9b:5b:
c3:97:56:d2:bb:3f:76:96:14:7a:76:85:82:0f:7e:
13:61:7b:18:af:78:36:f3:af:6d:b1:d9:92:ac:96:
af:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:82:4E:23:FD:25:31:2C:33:5B:47:63:4C:FE:CA:0A:64:C5:B3:11
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3oJOI_0lMSwzW0djTP7KCmTFsxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.143.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d2:82:97:5a:e9:e4:15:d4:9c:b2:c8:fc:43:90:af:0b:3a:
44:0f:cb:2e:55:2d:70:ff:d7:e3:c7:b6:99:f6:97:b1:2f:97:
e1:5e:22:0d:3d:0d:50:56:51:3d:e2:ca:65:5e:bb:d5:42:42:
ed:ef:e6:d0:0d:76:39:ac:9d:6a:0f:bf:d2:98:28:70:c0:f0:
97:77:e9:c0:e9:dc:68:a5:43:de:1b:22:d5:c3:be:4b:31:a6:
56:11:f1:a6:42:23:90:ca:cd:5a:21:5c:c6:33:c9:2c:4d:94:
5d:d8:d8:0d:3e:a7:9c:bc:3b:37:2f:84:a8:3c:5a:a9:41:f6:
65:54:25:25:92:66:45:53:6d:e0:dc:50:bd:0d:9a:9e:38:04:
69:ce:4a:60:b8:32:3f:df:19:e8:5e:0c:21:0b:5d:62:c6:8c:
8c:7a:55:56:78:b1:92:73:2d:e2:fe:85:2f:a8:a7:77:e8:af:
63:89:c4:08:4c:e7:7a:82:b0:6c:38:3a:57:27:ca:f3:9d:9e:
a0:82:ae:f3:03:42:8b:f6:5a:6c:2b:ac:31:da:b0:71:ca:cc:
2f:f2:46:d0:c5:88:ae:7d:8a:b2:c5:aa:f7:ef:e0:f7:84:de:
57:57:9b:4f:f5:39:a0:b2:d1:8b:f0:fd:d0:1f:dd:b8:7e:ff:
e6:68:44:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+2UKdACdYo6EoMFvr6OtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjA2MTExNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgyNGUyM2ZkMjUzMTJjMzM1YjQ3NjM0Y2ZlY2EwYTY0YzViMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1wfrjF/k9XdjLyEph6gqw9D+Led
rxrYwsFvO5zm1qrb+w6BS8BPfC778t2voglWzf6dDBhXnZ90/ObPdVhsbb1NB3dI
5IMrIUvWzoNFjWJv+yTmopyHWmPpczJ5wMtKNW77V5YtR72/u/Xl+46aw9WotaoE
p90Nj378a9ulNtPf+2UOPiadXRo/JQ6Tj0Lk0KZN0w6fxzbxq61IJ+U3NMgnTERt
RYWk1thQLGb4Qm5RV31vz4G9o8NXeMZ1F/PDVN5dOjaOJHT+N9xc3cK6i599nxx6
IrfFixw6WoBOm1vDl1bSuz92lhR6doWCD34TYXsYr3g2869tsdmSrJavXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6CTiP9JTEsM1tHY0z+ygpkxbMRMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvM29KT0lfMGxNU3d6VzBkalRQN0tDbVRGc3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWPMA0G
CSqGSIb3DQEBCwUAA4IBAQBa0oKXWunkFdScssj8Q5CvCzpED8suVS1w/9fjx7aZ
9pexL5fhXiINPQ1QVlE94splXrvVQkLt7+bQDXY5rJ1qD7/SmChwwPCXd+nA6dxo
pUPeGyLVw75LMaZWEfGmQiOQys1aIVzGM8ksTZRd2NgNPqecvDs3L4SoPFqpQfZl
VCUlkmZFU23g3FC9DZqeOARpzkpguDI/3xnoXgwhC11ixoyMelVWeLGScy3i/oUv
qKd36K9jicQITOd6grBsODpXJ8rznZ6ggq7zA0KL9lpsK6wx2rBxyswv8kbQxYiu
fYqyxar37+D3hN5XV5tP9TmgstGL8P3QH924fv/maERZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org