Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3VkK-EtdPNxXo3H_QtEb8CzQoyk.roa
File: 3VkK-EtdPNxXo3H_QtEb8CzQoyk.roa (raw, json)
Hash identifier: VdhTVsW/nBkrwfI9D/nQEOQ6zrYfZfn1Fyc/lm20tfs=
Subject key identifier: DD:59:0A:F8:4B:5D:3C:DC:57:A3:71:FF:42:D1:1B:F0:2C:D0:A3:29
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 0187C727684F2300A9326B979ECF934F5624
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3VkK-EtdPNxXo3H_QtEb8CzQoyk.roa
Signing time: Fri 28 Apr 2023 09:17:41 +0000
ROA not before: Fri 28 Apr 2023 09:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61108
IP address blocks: 185.226.40.0/22 maxlen: 22
62.249.96.0/22 maxlen: 22
88.218.52.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:27:68:4f:23:00:a9:32:6b:97:9e:cf:93:4f:56:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Apr 28 09:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd590af84b5d3cdc57a371ff42d11bf02cd0a329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:ee:b8:ec:3f:ce:4c:14:ba:30:1f:76:25:
0f:23:a7:26:c3:01:90:cb:c8:05:3c:68:7f:ed:64:
ec:0b:57:80:00:14:10:5f:69:47:cd:f7:bd:53:cd:
ab:6c:a3:d6:c1:84:8a:79:9c:57:37:db:80:39:a2:
7b:b0:ea:4c:3f:4f:dd:eb:61:31:2a:c6:11:3d:4d:
91:f0:14:95:45:73:e9:8c:42:a5:4b:69:6a:99:7f:
9f:8b:e9:40:66:b1:ce:72:22:fb:04:12:75:1a:c9:
e8:df:1f:3a:e4:a9:6b:04:de:40:1b:46:36:74:ce:
ff:60:38:94:ec:d9:32:5f:46:76:59:17:e3:60:43:
10:b1:10:0d:a4:63:27:d5:c7:43:aa:d9:d4:7f:d6:
e6:e1:85:3e:3d:91:48:5f:e2:8e:eb:7c:ac:14:79:
6b:cc:bf:0e:60:80:7f:01:ad:ce:cb:0d:ac:c1:6b:
7e:76:90:c4:77:51:64:67:ee:87:4d:8b:37:6a:06:
ee:c6:e8:6a:bf:74:d0:79:2c:08:08:6d:26:00:c4:
56:83:19:b4:48:68:a9:14:82:52:b2:03:fc:72:d7:
5c:aa:03:06:4a:f1:98:61:3c:0d:52:94:92:e6:c0:
31:a0:e8:05:5b:0d:ea:64:4e:9f:0e:c7:28:0d:23:
f9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:59:0A:F8:4B:5D:3C:DC:57:A3:71:FF:42:D1:1B:F0:2C:D0:A3:29
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3VkK-EtdPNxXo3H_QtEb8CzQoyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.96.0/22
88.218.52.0/22
185.226.40.0/22
Signature Algorithm: sha256WithRSAEncryption
42:ea:d5:30:c4:96:fb:bb:e6:c5:a5:c5:06:8e:bb:ad:08:d1:
3f:fe:98:2c:68:62:70:a1:93:42:e7:57:d2:c2:99:07:cd:8e:
ed:f0:06:93:75:01:05:70:8a:8d:48:c5:59:2a:49:21:34:46:
c4:d3:93:a4:95:36:23:b6:9d:b1:01:4f:a7:65:1f:60:ef:f6:
66:c6:93:7e:31:42:0b:5b:32:62:cd:85:bc:ab:75:37:95:ad:
3d:45:05:77:2c:ee:96:35:db:98:a6:4d:06:7a:de:ac:d6:5e:
92:2e:d0:92:d1:1a:f2:a7:80:54:bc:4a:a4:a3:d7:33:c0:5b:
d2:0b:00:c5:99:43:63:a0:d2:11:1a:a9:57:f5:63:c8:7f:19:
58:f6:6a:27:ae:fb:97:e4:74:65:b1:1d:12:0e:db:53:b4:24:
be:47:51:e8:1b:00:e5:a3:d1:16:7c:60:9a:e9:5f:eb:20:f5:
90:32:58:1d:64:ce:14:d2:27:c5:a5:d3:c8:7f:bf:bc:ab:6a:
ad:1d:bb:70:f6:cb:22:20:c4:25:64:30:fc:ed:fd:aa:a8:fc:
10:1d:c5:d7:46:10:b4:99:bd:11:2a:f9:6b:78:e2:a6:ef:ad:
48:9c:7f:92:ff:80:9e:d1:63:54:fd:f2:61:63:fc:98:4e:91:
00:28:0f:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfHJ2hPIwCpMmuXns+TT1YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjMwNDI4MDkxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU5MGFmODRiNWQzY2RjNTdhMzcxZmY0MmQxMWJmMDJjZDBhMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0nuuOw/zkwUujAfdiUPI6cmwwGQ
y8gFPGh/7WTsC1eAABQQX2lHzfe9U82rbKPWwYSKeZxXN9uAOaJ7sOpMP0/d62Ex
KsYRPU2R8BSVRXPpjEKlS2lqmX+fi+lAZrHOciL7BBJ1Gsno3x865KlrBN5AG0Y2
dM7/YDiU7NkyX0Z2WRfjYEMQsRANpGMn1cdDqtnUf9bm4YU+PZFIX+KO63ysFHlr
zL8OYIB/Aa3Oyw2swWt+dpDEd1FkZ+6HTYs3agbuxuhqv3TQeSwICG0mAMRWgxm0
SGipFIJSsgP8ctdcqgMGSvGYYTwNUpSS5sAxoOgFWw3qZE6fDscoDSP5uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN1ZCvhLXTzcV6Nx/0LRG/As0KMpMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvM1ZrSy1FdGRQTnhYbzNIX1F0RWI4Q3pRb3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPvlgAwQC
WNo0AwQCueIoMA0GCSqGSIb3DQEBCwUAA4IBAQBC6tUwxJb7u+bFpcUGjrutCNE/
/pgsaGJwoZNC51fSwpkHzY7t8AaTdQEFcIqNSMVZKkkhNEbE05OklTYjtp2xAU+n
ZR9g7/ZmxpN+MUILWzJizYW8q3U3la09RQV3LO6WNduYpk0Get6s1l6SLtCS0Rry
p4BUvEqko9czwFvSCwDFmUNjoNIRGqlX9WPIfxlY9monrvuX5HRlsR0SDttTtCS+
R1HoGwDlo9EWfGCa6V/rIPWQMlgdZM4U0ifFpdPIf7+8q2qtHbtw9ssiIMQlZDD8
7f2qqPwQHcXXRhC0mb0RKvlreOKm761InH+S/4Ce0WNU/fJhY/yYTpEAKA9X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:09 2024 by rpki-client on console-ams.rpki-client.org