Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/3aKb-SEtBkYP6CWzErYls2qYx7M.roa
File: 3aKb-SEtBkYP6CWzErYls2qYx7M.roa (raw, json)
Hash identifier: DUWYMFCWvbgaboX8LtTTIOPnoZQo4bnQ+uQOcAiYSdo=
Subject key identifier: DD:A2:9B:F9:21:2D:06:46:0F:E8:25:B3:12:B6:25:B3:6A:98:C7:B3
Certificate issuer: /CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Certificate serial: 0185715554F9C048E3CA1D23D23A59FE604A
Authority key identifier: 2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/3aKb-SEtBkYP6CWzErYls2qYx7M.roa
Signing time: Mon 02 Jan 2023 07:14:55 +0000
ROA not before: Mon 02 Jan 2023 07:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
185.28.100.0/22 maxlen: 32
2001:15e8::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:54:f9:c0:48:e3:ca:1d:23:d2:3a:59:fe:60:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Validity
Not Before: Jan 2 07:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dda29bf9212d06460fe825b312b625b36a98c7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:ac:29:d8:06:c7:3a:d7:31:b6:71:d5:67:
fa:04:b6:8c:81:97:92:a5:ec:12:2c:d9:10:5d:1d:
ee:6c:e2:86:89:1a:62:79:25:39:2c:f2:2a:1d:a3:
f6:20:3d:68:e6:08:54:1a:37:0c:8a:7c:b6:1d:15:
22:59:25:7a:0a:3a:94:fe:22:25:ba:eb:68:bc:88:
28:8a:47:cf:cb:fb:9d:c3:a3:df:cb:39:a8:97:52:
ec:1a:19:65:3f:5e:9c:e6:20:fb:4d:b5:57:2a:92:
02:04:55:51:a0:a9:c4:ae:fc:cf:7f:2b:94:cd:e9:
26:df:9e:5c:f0:5b:ba:87:c1:99:20:33:b8:cf:e9:
13:e9:b7:39:cb:1f:9c:19:ff:5f:e1:07:c8:8c:57:
d6:e9:9f:11:c3:9e:1e:fa:c8:d8:3b:4d:a3:93:8c:
73:91:35:32:08:c7:23:86:36:61:3a:db:88:e4:94:
0b:61:64:32:a1:7e:21:06:09:ef:11:0b:d3:ef:cc:
9a:ed:87:f0:5a:6b:2e:47:63:39:98:56:c2:a7:06:
4f:f6:f1:0a:6e:4a:06:0e:a3:45:29:5c:05:9b:e1:
74:74:36:90:98:e9:ce:49:30:c4:ee:ed:3d:84:b7:
c3:be:8d:88:43:eb:35:bd:eb:07:52:c2:4c:b2:d5:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A2:9B:F9:21:2D:06:46:0F:E8:25:B3:12:B6:25:B3:6A:98:C7:B3
X509v3 Authority Key Identifier:
keyid:2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/3aKb-SEtBkYP6CWzErYls2qYx7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/Ll2F3CTpfVgRow_0_Xz3rsEszG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/29
Signature Algorithm: sha256WithRSAEncryption
77:58:99:9b:6e:3e:92:fb:58:95:09:c3:ee:b3:a1:73:d8:22:
98:3d:31:08:73:a5:5c:47:a2:67:38:66:f4:12:b9:e8:1e:7f:
87:44:74:b6:25:64:7d:8e:6a:33:46:5e:f5:a2:02:4b:fe:51:
e5:bc:7c:72:df:68:c4:49:12:4b:51:21:8b:31:a9:af:77:d4:
3d:10:1c:3e:b2:df:e1:80:8d:47:79:a9:40:3a:6f:b6:df:fe:
d5:c3:86:f1:a8:2d:d6:ff:64:0e:05:1b:1d:ee:50:69:9b:7b:
b4:19:0e:61:2f:5b:24:39:68:be:2a:64:be:24:71:ee:57:92:
a5:16:2b:30:28:6c:ec:d9:4f:0e:18:60:75:cb:bc:a5:8a:8f:
71:dd:3b:34:e2:b2:80:8b:f7:a1:56:44:9c:36:5a:da:f0:37:
41:f9:bf:b7:0e:4f:e5:8c:40:27:d8:50:75:7a:bc:1f:22:9c:
54:c8:03:93:8c:e3:ed:ee:c5:2e:37:a4:ff:47:a8:e3:26:de:
f2:fa:12:0c:e0:3f:18:a8:89:49:91:d7:4b:e5:7b:fa:1f:87:
8c:23:44:fb:21:2a:e1:6f:44:d9:43:a8:ec:cd:e7:ed:93:d5:
79:5c:72:f6:c7:8e:6d:42:b8:82:5c:0b:d2:cc:75:9c:7a:b8:
d7:01:fc:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxVVT5wEjjyh0j0jpZ/mBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNWQ4NWRjMjRlOTdkNTgxMWEzMGZmNGZkN2NmN2FlYzEy
Y2NjNmUwHhcNMjMwMTAyMDcxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGEyOWJmOTIxMmQwNjQ2MGZlODI1YjMxMmI2MjViMzZhOThjN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw6sKdgGxzrXMbZx1Wf6BLaMgZeS
pewSLNkQXR3ubOKGiRpieSU5LPIqHaP2ID1o5ghUGjcMiny2HRUiWSV6CjqU/iIl
uutovIgoikfPy/udw6Pfyzmol1LsGhllP16c5iD7TbVXKpICBFVRoKnErvzPfyuU
zekm355c8Fu6h8GZIDO4z+kT6bc5yx+cGf9f4QfIjFfW6Z8Rw54e+sjYO02jk4xz
kTUyCMcjhjZhOtuI5JQLYWQyoX4hBgnvEQvT78ya7YfwWmsuR2M5mFbCpwZP9vEK
bkoGDqNFKVwFm+F0dDaQmOnOSTDE7u09hLfDvo2IQ+s1vesHUsJMstUVLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN2im/khLQZGD+glsxK2JbNqmMezMB8GA1UdIwQY
MBaAFC5dhdwk6X1YEaMP9P18967BLMxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGwyRjNDVHBmVmdSb3dfMF9YejNyc0Vzekc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYTgzODMtYWFiMC00MzY3LTg5YzMt
OTJiNDdhZGIyYjkwLzEvM2FLYi1TRXRCa1lQNkNXekVyWWxzMnFZeDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYTgzODMtYWFiMC00MzY3LTg5YzMtOTJiNDdhZGIyYjkw
LzEvTGwyRjNDVHBmVmdSb3dfMF9YejNyc0Vzekc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUQLAAwQC
uRxkAwQCuYGIAwQEw7XQMA0EAgACMAcDBQMgARXoMA0GCSqGSIb3DQEBCwUAA4IB
AQB3WJmbbj6S+1iVCcPus6Fz2CKYPTEIc6VcR6JnOGb0ErnoHn+HRHS2JWR9jmoz
Rl71ogJL/lHlvHxy32jESRJLUSGLMamvd9Q9EBw+st/hgI1HealAOm+23/7Vw4bx
qC3W/2QOBRsd7lBpm3u0GQ5hL1skOWi+KmS+JHHuV5KlFiswKGzs2U8OGGB1y7yl
io9x3Ts04rKAi/ehVkScNlra8DdB+b+3Dk/ljEAn2FB1erwfIpxUyAOTjOPt7sUu
N6T/R6jjJt7y+hIM4D8YqIlJkddL5Xv6H4eMI0T7ISrhb0TZQ6jszeftk9V5XHL2
x45tQriCXAvSzHWcerjXAfwL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:51 2024 by rpki-client on console-fra.rpki-client.org