Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/3EgVZABfdq4uHDCWyd2jCVwKnT0.roa
File: 3EgVZABfdq4uHDCWyd2jCVwKnT0.roa (raw, json)
Hash identifier: HeoiazVUWtsOot9QumdFSBbs1gm4PVLZkIFcbEWzftU=
Subject key identifier: DC:48:15:64:00:5F:76:AE:2E:1C:30:96:C9:DD:A3:09:5C:0A:9D:3D
Certificate issuer: /CN=4a8095927ee57ccee256aa439f163686b58c570c
Certificate serial: 01857169D05261A0F28EB20B469118A6E3AC
Authority key identifier: 4A:80:95:92:7E:E5:7C:CE:E2:56:AA:43:9F:16:36:86:B5:8C:57:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SoCVkn7lfM7iVqpDnxY2hrWMVww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/3EgVZABfdq4uHDCWyd2jCVwKnT0.roa
Signing time: Mon 02 Jan 2023 07:37:18 +0000
ROA not before: Mon 02 Jan 2023 07:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39582
IP address blocks: 185.29.192.0/24 maxlen: 24
185.29.194.0/24 maxlen: 24
185.29.193.0/24 maxlen: 24
185.29.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:d0:52:61:a0:f2:8e:b2:0b:46:91:18:a6:e3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8095927ee57ccee256aa439f163686b58c570c
Validity
Not Before: Jan 2 07:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc481564005f76ae2e1c3096c9dda3095c0a9d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7e:f9:4f:68:a0:ef:fa:1c:c7:9c:1a:d1:7d:
f1:7f:7f:a8:e2:06:13:83:26:84:b0:bc:64:cc:4a:
6b:e3:8c:71:81:97:2a:a7:67:83:35:54:ab:b5:de:
51:37:69:64:46:5d:84:d9:50:cf:80:34:25:50:65:
f6:d1:7e:c9:a0:36:74:d0:3b:b5:0e:b7:0b:c1:48:
1d:6b:57:93:22:4f:d3:7c:9b:ba:99:d5:dd:63:79:
d1:c5:76:77:3d:28:ea:98:ef:9b:45:56:d3:e6:90:
28:0f:8d:79:bd:d3:63:ef:25:bd:f4:a0:8c:21:8e:
c8:53:16:47:58:db:16:b8:a7:47:75:7a:18:a4:88:
88:30:50:38:ef:e5:c6:12:18:68:b5:7f:81:51:1a:
e4:55:c5:e4:43:f7:87:58:2e:1d:2d:d7:b1:dc:88:
fa:c0:74:fc:e7:7a:b4:45:ea:12:00:de:d8:8d:b3:
21:1d:48:90:7f:34:a9:87:18:11:2e:c2:76:8a:64:
c8:9d:c7:f7:2b:aa:03:00:3c:b0:31:39:3e:0e:7d:
98:d9:ab:df:87:a0:80:b5:0b:f6:ac:bc:58:83:36:
25:5a:c3:c0:a9:16:19:d1:bb:2c:7c:d5:09:28:c8:
12:56:52:bc:11:a0:73:9a:84:91:e2:21:56:1e:b1:
d7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:48:15:64:00:5F:76:AE:2E:1C:30:96:C9:DD:A3:09:5C:0A:9D:3D
X509v3 Authority Key Identifier:
keyid:4A:80:95:92:7E:E5:7C:CE:E2:56:AA:43:9F:16:36:86:B5:8C:57:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SoCVkn7lfM7iVqpDnxY2hrWMVww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/3EgVZABfdq4uHDCWyd2jCVwKnT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c1e3b4-2d61-44cc-9081-0f9d43d864bb/1/SoCVkn7lfM7iVqpDnxY2hrWMVww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.192.0/22
Signature Algorithm: sha256WithRSAEncryption
07:1a:18:b1:1c:34:1c:42:e3:e1:2b:5d:1e:79:59:5b:8f:ec:
86:c2:aa:d8:4e:2c:fd:79:18:ee:4e:7f:00:e9:c8:17:7b:84:
32:b4:d8:96:74:b2:20:88:47:9d:a2:27:64:6a:84:18:5d:23:
18:73:eb:0a:1a:cb:63:06:2e:bb:1c:3f:91:de:26:c3:72:7a:
62:91:d6:37:90:c6:f6:b5:57:62:44:33:9b:2d:4d:1a:c6:bb:
39:59:44:eb:71:f3:19:86:43:d6:df:c5:03:eb:39:6b:7d:d3:
8e:b4:0f:f8:aa:0f:ee:87:b7:be:47:fb:8a:2b:3f:3e:03:45:
e5:b8:e5:fe:51:2b:81:18:d5:ed:99:1e:28:6e:84:c9:ab:f8:
ae:8a:7d:e3:c0:df:5e:6d:41:8f:f2:90:58:b8:e1:a7:16:0b:
9b:2b:f7:84:1e:07:7f:22:7b:c1:a7:c2:76:90:e0:53:f7:f6:
4d:91:45:9a:9b:6c:c6:55:39:62:46:9b:c3:f8:54:07:04:0f:
f5:7c:dd:53:b6:02:48:64:fe:d8:9c:24:6d:6b:8d:ee:b9:3c:
8d:84:f3:06:2c:54:d0:a2:b5:3c:eb:57:90:9a:ed:b6:0e:24:
f0:14:d0:01:89:13:96:35:bb:1b:c1:a8:c2:be:07:d5:d8:8d:
b2:fc:6d:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxadBSYaDyjrILRpEYpuOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhODA5NTkyN2VlNTdjY2VlMjU2YWE0MzlmMTYzNjg2YjU4
YzU3MGMwHhcNMjMwMTAyMDczNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ4MTU2NDAwNWY3NmFlMmUxYzMwOTZjOWRkYTMwOTVjMGE5ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn75T2ig7/ocx5wa0X3xf3+o4gYT
gyaEsLxkzEpr44xxgZcqp2eDNVSrtd5RN2lkRl2E2VDPgDQlUGX20X7JoDZ00Du1
DrcLwUgda1eTIk/TfJu6mdXdY3nRxXZ3PSjqmO+bRVbT5pAoD415vdNj7yW99KCM
IY7IUxZHWNsWuKdHdXoYpIiIMFA47+XGEhhotX+BURrkVcXkQ/eHWC4dLdex3Ij6
wHT853q0ReoSAN7YjbMhHUiQfzSphxgRLsJ2imTIncf3K6oDADywMTk+Dn2Y2avf
h6CAtQv2rLxYgzYlWsPAqRYZ0bssfNUJKMgSVlK8EaBzmoSR4iFWHrHXuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxIFWQAX3auLhwwlsndowlcCp09MB8GA1UdIwQY
MBaAFEqAlZJ+5XzO4laqQ58WNoa1jFcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29DVmtuN2xmTTdpVnFwRG54WTJocldNVnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jMWUzYjQtMmQ2MS00NGNjLTkwODEt
MGY5ZDQzZDg2NGJiLzEvM0VnVlpBQmZkcTR1SERDV3lkMmpDVndLblQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jMWUzYjQtMmQ2MS00NGNjLTkwODEtMGY5ZDQzZDg2NGJi
LzEvU29DVmtuN2xmTTdpVnFwRG54WTJocldNVnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR3AMA0G
CSqGSIb3DQEBCwUAA4IBAQAHGhixHDQcQuPhK10eeVlbj+yGwqrYTiz9eRjuTn8A
6cgXe4QytNiWdLIgiEedoidkaoQYXSMYc+sKGstjBi67HD+R3ibDcnpikdY3kMb2
tVdiRDObLU0axrs5WUTrcfMZhkPW38UD6zlrfdOOtA/4qg/uh7e+R/uKKz8+A0Xl
uOX+USuBGNXtmR4oboTJq/iuin3jwN9ebUGP8pBYuOGnFgubK/eEHgd/InvBp8J2
kOBT9/ZNkUWam2zGVTliRpvD+FQHBA/1fN1TtgJIZP7YnCRta43uuTyNhPMGLFTQ
orU861eQmu22DiTwFNABiROWNbsbwajCvgfV2I2y/G0X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:15 2024 by rpki-client on console-fra.rpki-client.org