Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/3p0HD-r5uH5BhKnImbEsNHvu51I.roa
File: 3p0HD-r5uH5BhKnImbEsNHvu51I.roa (raw, json)
Hash identifier: jcwRsiEb0sUjokIoPeHznuA86lrNGhJ3bHNIAEOndjM=
Subject key identifier: DE:9D:07:0F:EA:F9:B8:7E:41:84:A9:C8:99:B1:2C:34:7B:EE:E7:52
Certificate issuer: /CN=079d9053717a16a76c10ae838f5625055be0481f
Certificate serial: 01856E0AF7DE5A9A2B776E7421C2DB747DF9
Authority key identifier: 07:9D:90:53:71:7A:16:A7:6C:10:AE:83:8F:56:25:05:5B:E0:48:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B52QU3F6FqdsEK6Dj1YlBVvgSB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/3p0HD-r5uH5BhKnImbEsNHvu51I.roa
Signing time: Sun 01 Jan 2023 15:54:50 +0000
ROA not before: Sun 01 Jan 2023 15:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206192
IP address blocks: 185.93.249.0/24 maxlen: 24
185.193.4.0/23 maxlen: 23
185.193.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:f7:de:5a:9a:2b:77:6e:74:21:c2:db:74:7d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=079d9053717a16a76c10ae838f5625055be0481f
Validity
Not Before: Jan 1 15:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de9d070feaf9b87e4184a9c899b12c347beee752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2b:a5:8b:30:f1:3e:1d:8d:f3:46:d6:81:c5:
4e:13:1d:45:1f:f0:99:0c:99:44:e4:ed:5f:ea:63:
04:51:af:af:68:92:77:e7:7b:4a:fe:63:93:29:76:
4a:52:11:9e:5a:c7:c6:88:41:4e:dd:5b:d8:6f:4e:
8a:12:3d:f8:d9:7a:2d:5a:09:dd:5a:32:b1:7e:97:
38:df:a2:b8:0f:a1:f6:b7:d3:a4:70:ab:90:87:91:
f8:1a:02:b3:20:e4:e1:00:bb:3f:18:b2:30:f0:91:
f8:8a:1c:07:52:09:a2:67:6c:1c:a0:38:89:1c:10:
cc:2d:f4:41:34:c9:4e:f0:40:50:72:ce:c1:b1:6c:
f2:b8:89:58:1b:88:89:c1:0c:39:86:cd:c4:6d:10:
49:8b:22:b0:aa:f9:6b:37:b1:d7:2b:16:90:07:23:
15:55:8b:5b:67:d2:cb:aa:c7:d5:50:08:1e:bc:8a:
75:15:33:35:4b:34:72:e3:e8:44:e3:45:7d:8f:b0:
5d:34:0f:0b:7b:95:24:27:f9:7c:91:35:91:18:a1:
8c:29:12:84:36:5b:97:d9:53:b4:ae:3a:ca:68:7c:
de:d2:c7:37:c0:b4:d3:a0:91:5c:6f:ca:cc:b6:4c:
c6:bd:f7:82:89:d4:2e:53:9a:6d:49:cf:3b:44:76:
f1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9D:07:0F:EA:F9:B8:7E:41:84:A9:C8:99:B1:2C:34:7B:EE:E7:52
X509v3 Authority Key Identifier:
keyid:07:9D:90:53:71:7A:16:A7:6C:10:AE:83:8F:56:25:05:5B:E0:48:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B52QU3F6FqdsEK6Dj1YlBVvgSB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/3p0HD-r5uH5BhKnImbEsNHvu51I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/B52QU3F6FqdsEK6Dj1YlBVvgSB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.249.0/24
185.193.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:c7:33:34:6e:61:7a:eb:c1:b6:c7:5e:3b:7f:9a:d7:25:10:
f0:7d:21:31:30:97:ac:ea:e1:ea:12:d1:2f:10:8e:ec:61:e0:
10:49:f7:09:d6:9e:9e:0f:be:2d:c1:86:cf:ba:47:0c:6e:22:
b2:db:a5:d0:0b:0e:2a:6d:a3:1c:05:7a:e7:50:b7:9c:0b:b1:
fe:86:74:d4:5d:75:5a:47:49:96:80:51:6f:e1:a7:2e:4a:21:
5f:0e:b4:2f:3e:de:d2:37:c5:88:9f:93:18:b3:99:3a:d7:08:
53:78:98:5a:4c:9d:ae:b8:ed:5c:6e:52:dd:fd:79:f0:6b:19:
92:21:dc:a3:f2:2d:2f:06:c6:7f:38:0d:6a:f3:9e:64:b0:bb:
e7:c2:90:5a:bf:97:a5:31:41:9e:d9:fb:b7:c3:9e:17:4a:0c:
31:da:19:e8:0c:ba:33:93:32:c0:d7:69:2f:cc:1c:ca:a4:e2:
1d:73:07:09:df:9d:8d:29:5b:d7:76:62:80:43:be:ff:9d:51:
da:ff:6f:01:ed:04:6c:ca:48:c2:fb:fa:52:1c:72:b1:10:85:
7b:1c:82:0c:4d:fc:2a:87:d1:72:ed:74:9c:90:a9:e7:1a:07:
f7:d4:aa:28:32:3e:9b:0a:2b:ac:b0:60:ea:61:9e:ba:bf:3c:
ab:ac:57:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuCvfeWpord250IcLbdH35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OWQ5MDUzNzE3YTE2YTc2YzEwYWU4MzhmNTYyNTA1NWJl
MDQ4MWYwHhcNMjMwMTAxMTU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTlkMDcwZmVhZjliODdlNDE4NGE5Yzg5OWIxMmMzNDdiZWVlNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SulizDxPh2N80bWgcVOEx1FH/CZ
DJlE5O1f6mMEUa+vaJJ353tK/mOTKXZKUhGeWsfGiEFO3VvYb06KEj342XotWgnd
WjKxfpc436K4D6H2t9OkcKuQh5H4GgKzIOThALs/GLIw8JH4ihwHUgmiZ2wcoDiJ
HBDMLfRBNMlO8EBQcs7BsWzyuIlYG4iJwQw5hs3EbRBJiyKwqvlrN7HXKxaQByMV
VYtbZ9LLqsfVUAgevIp1FTM1SzRy4+hE40V9j7BdNA8Le5UkJ/l8kTWRGKGMKRKE
NluX2VO0rjrKaHze0sc3wLTToJFcb8rMtkzGvfeCidQuU5ptSc87RHbxQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6dBw/q+bh+QYSpyJmxLDR77udSMB8GA1UdIwQY
MBaAFAedkFNxehanbBCug49WJQVb4EgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjUyUVUzRjZGcWRzRUs2RGoxWWxCVnZnU0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OGQxNmEtODJlNS00ZjRhLTg3MzAt
MjdkMDNlMzkzZmI3LzEvM3AwSEQtcjV1SDVCaEtuSW1iRXNOSHZ1NTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OGQxNmEtODJlNS00ZjRhLTg3MzAtMjdkMDNlMzkzZmI3
LzEvQjUyUVUzRjZGcWRzRUs2RGoxWWxCVnZnU0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuV35AwQC
ucEEMA0GCSqGSIb3DQEBCwUAA4IBAQBMxzM0bmF668G2x147f5rXJRDwfSExMJes
6uHqEtEvEI7sYeAQSfcJ1p6eD74twYbPukcMbiKy26XQCw4qbaMcBXrnULecC7H+
hnTUXXVaR0mWgFFv4acuSiFfDrQvPt7SN8WIn5MYs5k61whTeJhaTJ2uuO1cblLd
/XnwaxmSIdyj8i0vBsZ/OA1q855ksLvnwpBav5elMUGe2fu3w54XSgwx2hnoDLoz
kzLA12kvzBzKpOIdcwcJ352NKVvXdmKAQ77/nVHa/28B7QRsykjC+/pSHHKxEIV7
HIIMTfwqh9Fy7XSckKnnGgf31KooMj6bCiussGDqYZ66vzyrrFf1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org