Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/3QZNAE6oo4x8NC0lPtjffe3Xp5g.roa
File: 3QZNAE6oo4x8NC0lPtjffe3Xp5g.roa (raw, json)
Hash identifier: cHGkrC1nFpGKWUuU73lC6LHUb1tKGICdvG18Mqy5zq4=
Subject key identifier: DD:06:4D:00:4E:A8:A3:8C:7C:34:2D:25:3E:D8:DF:7D:ED:D7:A7:98
Certificate issuer: /CN=f25d9db2448fe97b9d17a44be5d644848fa018e1
Certificate serial: 01856F14CCF2BF215EE05F2BF0AF737ABECF
Authority key identifier: F2:5D:9D:B2:44:8F:E9:7B:9D:17:A4:4B:E5:D6:44:84:8F:A0:18:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8l2dskSP6XudF6RL5dZEhI-gGOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/3QZNAE6oo4x8NC0lPtjffe3Xp5g.roa
Signing time: Sun 01 Jan 2023 20:45:12 +0000
ROA not before: Sun 01 Jan 2023 20:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57090
IP address blocks: 194.53.208.0/22 maxlen: 24
194.53.209.0/24 maxlen: 24
194.53.210.0/23 maxlen: 24
194.53.211.0/24 maxlen: 24
185.143.30.0/23 maxlen: 24
185.143.31.0/24 maxlen: 24
185.143.28.0/22 maxlen: 24
185.143.29.0/24 maxlen: 24
2a03:a8e0::/32 maxlen: 48
2001:67c:28f0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:cc:f2:bf:21:5e:e0:5f:2b:f0:af:73:7a:be:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f25d9db2448fe97b9d17a44be5d644848fa018e1
Validity
Not Before: Jan 1 20:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd064d004ea8a38c7c342d253ed8df7dedd7a798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:4b:8e:a4:c6:60:07:b9:65:cc:25:29:2c:
e5:60:4f:33:76:e2:81:ee:0f:bb:4c:2f:17:57:3f:
ab:65:66:eb:c0:e1:da:0a:ef:47:a4:79:16:05:1f:
71:0e:b2:f2:0e:2b:29:92:1f:96:c4:cd:7e:da:24:
fd:eb:84:b6:5c:7d:0d:06:aa:38:5f:94:53:98:29:
e5:b5:fa:b3:d9:f4:d4:35:c4:c9:83:c4:54:1d:ec:
83:c8:46:c2:52:47:ee:d6:c3:7b:05:36:13:a9:19:
9f:7f:fb:3f:b9:77:1d:63:5b:7d:61:ae:19:52:e4:
c8:bc:8f:87:7c:f9:fb:91:3e:49:ea:09:72:c5:8e:
7d:8f:aa:4c:21:da:53:d7:fe:44:69:05:74:98:1f:
71:58:04:eb:d1:53:6d:9d:47:aa:83:1d:de:94:cc:
6a:f3:0f:e5:d0:91:c2:69:9e:af:b3:a6:16:8f:0b:
2f:13:dd:e5:4a:90:37:69:5f:98:1a:72:b4:b0:27:
b4:7c:b9:89:92:f6:0f:28:87:3a:20:54:01:59:b0:
89:62:26:22:0e:88:a2:63:7a:ab:ec:97:01:4c:75:
4e:25:85:6b:9e:d4:60:71:cf:2b:8a:d4:b3:1c:be:
68:f8:68:6b:c1:82:28:38:b8:e3:b3:a3:6f:e0:64:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:4D:00:4E:A8:A3:8C:7C:34:2D:25:3E:D8:DF:7D:ED:D7:A7:98
X509v3 Authority Key Identifier:
keyid:F2:5D:9D:B2:44:8F:E9:7B:9D:17:A4:4B:E5:D6:44:84:8F:A0:18:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8l2dskSP6XudF6RL5dZEhI-gGOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/3QZNAE6oo4x8NC0lPtjffe3Xp5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/8l2dskSP6XudF6RL5dZEhI-gGOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.28.0/22
194.53.208.0/22
IPv6:
2001:67c:28f0::/48
2a03:a8e0::/32
Signature Algorithm: sha256WithRSAEncryption
32:b9:ab:ed:70:b3:d4:d1:f9:12:de:14:c1:c5:8d:03:a7:21:
d4:ed:64:6f:ce:46:42:40:65:99:60:60:d5:cf:e5:73:bc:2e:
40:7b:33:36:28:d9:2c:65:00:97:09:fd:b9:75:ab:0e:7c:57:
5d:bd:b0:fe:eb:5f:bb:dc:b8:44:16:4c:a5:64:10:48:c7:90:
76:50:e3:65:5f:ee:f4:13:64:37:f3:49:25:1c:66:62:fe:25:
bb:dc:93:f2:12:a2:01:fa:63:94:e6:33:c1:f7:21:6e:aa:3b:
56:3e:db:f1:72:ea:d4:4a:00:77:92:ef:2b:c5:ee:8a:a0:e4:
91:77:f0:0e:68:a9:7e:2d:b7:9e:7e:6c:49:da:29:e6:69:24:
2d:e6:33:a7:34:84:15:68:c5:87:d0:99:00:8c:db:6a:08:50:
15:95:d6:0d:50:0c:7f:0c:59:44:d4:b5:80:d2:5a:b0:a7:0e:
6f:b9:d5:63:f0:22:4e:9f:06:52:78:d2:ba:9b:e0:cd:8c:f1:
31:53:29:0a:a1:b9:eb:6c:a6:21:18:5b:02:58:1c:4d:17:2b:
05:a4:30:d2:39:5a:44:6e:16:61:99:92:2c:a2:64:27:48:72:
af:cc:58:2d:5f:78:03:94:d6:97:0c:8b:62:e1:20:e3:86:a2:
26:8d:78:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvFMzyvyFe4F8r8K9zer7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNWQ5ZGIyNDQ4ZmU5N2I5ZDE3YTQ0YmU1ZDY0NDg0OGZh
MDE4ZTEwHhcNMjMwMTAxMjA0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA2NGQwMDRlYThhMzhjN2MzNDJkMjUzZWQ4ZGY3ZGVkZDdhNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwFLjqTGYAe5ZcwlKSzlYE8zduKB
7g+7TC8XVz+rZWbrwOHaCu9HpHkWBR9xDrLyDispkh+WxM1+2iT964S2XH0NBqo4
X5RTmCnltfqz2fTUNcTJg8RUHeyDyEbCUkfu1sN7BTYTqRmff/s/uXcdY1t9Ya4Z
UuTIvI+HfPn7kT5J6glyxY59j6pMIdpT1/5EaQV0mB9xWATr0VNtnUeqgx3elMxq
8w/l0JHCaZ6vs6YWjwsvE93lSpA3aV+YGnK0sCe0fLmJkvYPKIc6IFQBWbCJYiYi
DoiiY3qr7JcBTHVOJYVrntRgcc8ritSzHL5o+GhrwYIoOLjjs6Nv4GTT0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN0GTQBOqKOMfDQtJT7Y333t16eYMB8GA1UdIwQY
MBaAFPJdnbJEj+l7nRekS+XWRISPoBjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGwyZHNrU1A2WHVkRjZSTDVkWkVoSS1nR09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81MTYwOGYtZmQ0Yi00MjY4LWE2ZTMt
NWVjYjIxZmNmYTc1LzEvM1FaTkFFNm9vNHg4TkMwbFB0amZmZTNYcDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81MTYwOGYtZmQ0Yi00MjY4LWE2ZTMtNWVjYjIxZmNmYTc1
LzEvOGwyZHNrU1A2WHVkRjZSTDVkWkVoSS1nR09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuY8cAwQC
wjXQMBYEAgACMBADBwAgAQZ8KPADBQAqA6jgMA0GCSqGSIb3DQEBCwUAA4IBAQAy
uavtcLPU0fkS3hTBxY0DpyHU7WRvzkZCQGWZYGDVz+VzvC5AezM2KNksZQCXCf25
dasOfFddvbD+61+73LhEFkylZBBIx5B2UONlX+70E2Q380klHGZi/iW73JPyEqIB
+mOU5jPB9yFuqjtWPtvxcurUSgB3ku8rxe6KoOSRd/AOaKl+LbeefmxJ2inmaSQt
5jOnNIQVaMWH0JkAjNtqCFAVldYNUAx/DFlE1LWA0lqwpw5vudVj8CJOnwZSeNK6
m+DNjPExUykKobnrbKYhGFsCWBxNFysFpDDSOVpEbhZhmZIsomQnSHKvzFgtX3gD
lNaXDIti4SDjhqImjXio
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:11 2024 by rpki-client on console-ams.rpki-client.org