Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/3TxRmchuoGkpV9oEYr_QgvsnTm4.roa
File: 3TxRmchuoGkpV9oEYr_QgvsnTm4.roa (raw, json)
Hash identifier: Ush/f3tKAoN5b5zwshqfZXH1oImq89a2uOUF9zo8e08=
Subject key identifier: DD:3C:51:99:C8:6E:A0:69:29:57:DA:04:62:BF:D0:82:FB:27:4E:6E
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 01857246D4696CE7CBD434495893B1BDEB4C
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/3TxRmchuoGkpV9oEYr_QgvsnTm4.roa
Signing time: Mon 02 Jan 2023 11:38:42 +0000
ROA not before: Mon 02 Jan 2023 11:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23344
IP address blocks: 157.23.224.0/20 maxlen: 24
2a0e:bbc0:8000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d4:69:6c:e7:cb:d4:34:49:58:93:b1:bd:eb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 2 11:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd3c5199c86ea0692957da0462bfd082fb274e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:56:a1:c2:ce:6c:4f:8e:15:e8:dc:a9:cb:30:
72:6e:9b:55:61:d2:12:f6:6c:7a:50:e0:58:25:67:
1e:79:86:30:61:78:a7:09:6a:e3:f9:c5:92:7a:31:
e0:be:d2:b9:4f:3c:fc:d4:a3:8f:ad:ab:63:c2:80:
ab:a1:88:d0:7f:cc:ed:52:7a:cf:31:6e:fd:06:71:
ec:74:1c:f4:d5:a1:21:8c:54:92:65:81:bc:8c:83:
81:04:9f:54:cb:9d:23:37:8e:a1:8c:3f:82:00:27:
05:40:97:08:80:4e:39:c0:ef:40:c5:2b:9e:79:a8:
11:81:89:d0:af:9e:f0:63:d4:7c:80:b0:04:fa:be:
84:3a:8b:df:87:cc:a4:51:54:2a:37:d2:c4:b7:3f:
65:de:4d:7d:40:06:5a:ac:f1:e5:b5:c6:bd:57:7f:
1c:f0:d6:e0:64:43:6e:a1:0e:d8:b5:d7:00:7a:38:
d7:f4:96:94:31:b3:a3:cb:b4:7b:20:84:7a:35:fa:
97:9b:af:9b:b6:dd:90:78:9f:9f:c9:8d:d4:0c:44:
ad:17:e6:60:7e:f3:90:a3:4b:97:88:74:f1:4e:c2:
cf:cb:8e:f2:a6:d9:c6:e4:54:30:51:f5:43:a6:b7:
03:5b:d3:d6:36:fa:ad:5a:83:2e:2a:c4:52:15:c8:
0a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3C:51:99:C8:6E:A0:69:29:57:DA:04:62:BF:D0:82:FB:27:4E:6E
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/3TxRmchuoGkpV9oEYr_QgvsnTm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.224.0/20
IPv6:
2a0e:bbc0:8000::/40
Signature Algorithm: sha256WithRSAEncryption
45:7a:23:e6:61:fa:c9:a1:ae:1c:43:56:1f:fb:42:90:04:b6:
11:95:e4:d0:2f:53:4e:1c:57:b9:b2:81:56:ab:f2:b3:72:f4:
31:4a:8a:68:f1:53:34:54:81:33:82:24:78:5e:2f:6a:33:62:
a7:2d:f2:fe:63:b7:bb:bf:e5:cf:45:b4:98:0c:8e:f1:2d:cf:
8b:56:17:af:d2:10:c6:8e:03:06:33:c8:b7:1e:38:2d:df:f4:
bc:f0:f2:22:1d:84:e0:c9:75:2c:15:58:3b:62:ec:40:99:6f:
31:41:27:9b:da:62:2f:df:68:b8:bd:2b:48:ee:1a:1c:9a:7e:
8f:05:05:30:3a:d8:dd:2d:27:92:72:ee:93:9f:c5:89:95:af:
c6:c5:df:d0:3d:18:e3:b1:ac:8f:31:47:00:e3:1d:50:37:d4:
58:81:fe:81:4d:8c:a4:c8:ba:28:c8:a6:ae:0d:f8:6b:76:22:
77:6e:89:4d:a7:4e:38:4f:13:92:5d:dc:5e:a3:eb:91:9a:54:
36:5e:5c:6e:34:ea:7a:93:0e:25:d7:d0:be:a3:29:59:b2:85:
02:ec:71:12:29:7b:cb:10:0f:a0:5d:7e:35:bc:2c:fd:a0:7e:
50:a3:71:20:dc:e6:a8:74:3c:24:40:96:11:6c:13:0c:11:d4:
a6:43:2f:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyRtRpbOfL1DRJWJOxvetMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjMwMTAyMTEzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNjNTE5OWM4NmVhMDY5Mjk1N2RhMDQ2MmJmZDA4MmZiMjc0ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVahws5sT44V6NypyzBybptVYdIS
9mx6UOBYJWceeYYwYXinCWrj+cWSejHgvtK5Tzz81KOPratjwoCroYjQf8ztUnrP
MW79BnHsdBz01aEhjFSSZYG8jIOBBJ9Uy50jN46hjD+CACcFQJcIgE45wO9AxSue
eagRgYnQr57wY9R8gLAE+r6EOovfh8ykUVQqN9LEtz9l3k19QAZarPHltca9V38c
8NbgZENuoQ7YtdcAejjX9JaUMbOjy7R7IIR6NfqXm6+btt2QeJ+fyY3UDEStF+Zg
fvOQo0uXiHTxTsLPy47yptnG5FQwUfVDprcDW9PWNvqtWoMuKsRSFcgKqQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN08UZnIbqBpKVfaBGK/0IL7J05uMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvM1R4Um1jaHVvR2twVjlvRVlyX1FndnNuVG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEnRfgMA4E
AgACMAgDBgAqDrvAgDANBgkqhkiG9w0BAQsFAAOCAQEARXoj5mH6yaGuHENWH/tC
kAS2EZXk0C9TThxXubKBVqvys3L0MUqKaPFTNFSBM4IkeF4vajNipy3y/mO3u7/l
z0W0mAyO8S3Pi1YXr9IQxo4DBjPItx44Ld/0vPDyIh2E4Ml1LBVYO2LsQJlvMUEn
m9piL99ouL0rSO4aHJp+jwUFMDrY3S0nknLuk5/FiZWvxsXf0D0Y47GsjzFHAOMd
UDfUWIH+gU2MpMi6KMimrg34a3Yid26JTadOOE8Tkl3cXqPrkZpUNl5cbjTqepMO
JdfQvqMpWbKFAuxxEil7yxAPoF1+Nbws/aB+UKNxINzmqHQ8JECWEWwTDBHUpkMv
2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:32 2024 by rpki-client on console-fra.rpki-client.org