Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/3fzCxQynwPm7h72QaV4oVvuZScc.roa
File: 3fzCxQynwPm7h72QaV4oVvuZScc.roa (raw, json)
Hash identifier: z7nn6GGxYdOo5u0q1Tc7AZLTAkWZlu3y8jgNqA0Y9IA=
Subject key identifier: DD:FC:C2:C5:0C:A7:C0:F9:BB:87:BD:90:69:5E:28:56:FB:99:49:C7
Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Certificate serial: 018CC3B68BBA9A78CB6FA947198562A000DA
Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/3fzCxQynwPm7h72QaV4oVvuZScc.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.150.172.0/22 maxlen: 24
5.100.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8b:ba:9a:78:cb:6f:a9:47:19:85:62:a0:00:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddfcc2c50ca7c0f9bb87bd90695e2856fb9949c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:f1:44:5e:24:d2:73:f9:66:a4:78:d9:b7:
ff:55:2a:5a:7b:17:25:1b:f8:56:f1:4b:8f:d2:13:
d7:21:47:2e:96:e8:34:83:10:91:25:f6:c4:20:7a:
45:5f:ac:57:31:74:c3:87:76:05:66:17:ff:50:9b:
a8:e6:b4:3d:5f:9b:d7:40:35:cb:50:99:e3:ed:9e:
4b:92:ea:59:ab:db:ae:77:4d:42:21:33:c1:31:4e:
2e:90:67:61:88:76:a3:4a:05:20:20:97:20:50:ca:
41:26:14:4f:ba:e5:78:4a:5a:55:2d:2f:78:87:4b:
f6:61:0c:97:7a:65:24:03:b8:67:47:6d:67:54:91:
e9:e8:75:b2:14:f4:8e:a6:b8:90:25:2d:66:9a:6d:
18:94:78:be:09:4a:21:15:d6:85:c8:98:96:49:41:
dd:3e:73:78:47:d1:bc:fa:88:f7:0f:74:15:d0:8a:
94:f8:f5:6f:d7:5f:98:33:87:8a:3b:52:31:9c:f6:
b5:5b:40:50:8d:fe:38:c3:68:e1:c8:29:d6:b4:02:
a2:e6:ea:02:8f:ab:66:75:21:e0:9b:e1:a0:e9:88:
89:08:4e:3b:24:99:84:ef:68:62:be:d5:d2:96:ea:
4d:df:62:1a:b0:73:83:15:be:d0:53:41:a9:de:f5:
37:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FC:C2:C5:0C:A7:C0:F9:BB:87:BD:90:69:5E:28:56:FB:99:49:C7
X509v3 Authority Key Identifier:
keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/3fzCxQynwPm7h72QaV4oVvuZScc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.144.0/21
185.150.172.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:17:ae:fd:c9:fb:07:f6:13:e7:55:0b:a4:39:b5:18:cc:c0:
7b:41:2c:47:ae:e3:9f:f5:ac:16:8b:ed:f9:ad:da:c0:0e:23:
03:26:86:51:f7:08:f1:a1:4c:d4:a1:05:e7:82:c3:2f:64:ec:
9d:f2:7e:7e:94:7a:ef:64:c9:56:83:82:ef:54:4f:32:cd:74:
ca:ae:ef:53:f6:c3:8b:8d:16:53:12:72:7c:ff:f3:35:de:b5:
d5:ef:e1:f0:46:cb:19:fb:45:5c:8a:d9:d1:54:f7:fa:67:4a:
08:3e:f2:a0:b6:46:bd:f0:cd:18:25:d1:12:5b:06:d8:da:5c:
82:06:7e:fc:54:58:0a:01:cd:d5:df:6d:c9:81:5f:a9:04:28:
9e:9d:45:4a:cf:ec:34:85:61:93:d6:5d:6b:57:7c:83:1f:0d:
5c:50:87:ab:ed:8f:f7:46:8f:fd:a4:40:bf:cb:09:97:26:d4:
28:9f:c7:33:b6:d0:ea:e4:7f:b1:a7:e0:b2:72:65:f3:74:de:
84:62:aa:6d:b2:ef:24:b4:23:b4:8f:c5:bf:ef:f8:bb:5a:ee:
ff:91:77:1e:24:14:f0:e2:c7:c3:4e:63:fb:40:b8:0f:5b:09:
c6:c8:f9:66:d6:5a:00:07:1c:83:9f:a2:4e:4e:3d:f4:bf:fd:
ea:a2:ff:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtou6mnjLb6lHGYVioADaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTY4YzU5ZDdhODMxOTljM2E3OWVhMGU4Mzc1Yjk0NmVk
ODg0ZTIwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZjYzJjNTBjYTdjMGY5YmI4N2JkOTA2OTVlMjg1NmZiOTk0OWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttTxRF4k0nP5ZqR42bf/VSpaexcl
G/hW8UuP0hPXIUculug0gxCRJfbEIHpFX6xXMXTDh3YFZhf/UJuo5rQ9X5vXQDXL
UJnj7Z5LkupZq9uud01CITPBMU4ukGdhiHajSgUgIJcgUMpBJhRPuuV4SlpVLS94
h0v2YQyXemUkA7hnR21nVJHp6HWyFPSOpriQJS1mmm0YlHi+CUohFdaFyJiWSUHd
PnN4R9G8+oj3D3QV0IqU+PVv11+YM4eKO1IxnPa1W0BQjf44w2jhyCnWtAKi5uoC
j6tmdSHgm+Gg6YiJCE47JJmE72hivtXSlupN32IasHODFb7QU0Gp3vU3ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN38wsUMp8D5u4e9kGleKFb7mUnHMB8GA1UdIwQY
MBaAFDxWjFnXqDGZw6eeoOg3W5Ru2ITiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQt
NWUzN2U3ZjNmMTVkLzEvM2Z6Q3hReW53UG03aDcyUWFWNG9WdnVaU2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQtNWUzN2U3ZjNmMTVk
LzEvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBWSQAwQC
uZasMA0GCSqGSIb3DQEBCwUAA4IBAQDWF679yfsH9hPnVQukObUYzMB7QSxHruOf
9awWi+35rdrADiMDJoZR9wjxoUzUoQXngsMvZOyd8n5+lHrvZMlWg4LvVE8yzXTK
ru9T9sOLjRZTEnJ8//M13rXV7+HwRssZ+0VcitnRVPf6Z0oIPvKgtka98M0YJdES
WwbY2lyCBn78VFgKAc3V323JgV+pBCienUVKz+w0hWGT1l1rV3yDHw1cUIer7Y/3
Ro/9pEC/ywmXJtQon8czttDq5H+xp+CycmXzdN6EYqptsu8ktCO0j8W/7/i7Wu7/
kXceJBTw4sfDTmP7QLgPWwnGyPlm1loABxyDn6JOTj30v/3qov94
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:27:13 2025 by rpki-client