Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3XsfA_4teGB-v8r74akw5gvNOYM.roa
File: 3XsfA_4teGB-v8r74akw5gvNOYM.roa (raw, json)
Hash identifier: Npgrki3nIu+QIlToJuLVChXFdnIjKA0kn0eZR4j1P8A=
Subject key identifier: DD:7B:1F:03:FE:2D:78:60:7E:BF:CA:FB:E1:A9:30:E6:0B:CD:39:83
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C1EA46E42CEC60E1BBDF37A65D76D31F4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3XsfA_4teGB-v8r74akw5gvNOYM.roa
Signing time: Thu 30 Nov 2023 05:12:21 +0000
ROA not before: Thu 30 Nov 2023 05:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199614
IP address blocks: 188.240.83.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1e:a4:6e:42:ce:c6:0e:1b:bd:f3:7a:65:d7:6d:31:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 30 05:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd7b1f03fe2d78607ebfcafbe1a930e60bcd3983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c6:28:a0:28:92:51:00:0e:c2:9f:20:f5:76:
44:a9:da:73:8d:ac:62:fc:d7:ab:5d:fd:06:0c:e7:
9a:13:71:a1:5a:4f:6e:49:7f:ed:34:a2:b0:dc:b9:
89:7b:80:fb:3b:65:0d:9a:63:99:41:14:24:8b:be:
ce:81:43:2e:92:8f:cc:ed:66:b1:2f:e4:f6:47:c7:
2d:1d:88:76:f2:eb:72:2f:4b:0b:75:a9:69:2d:35:
95:7d:bb:68:e8:64:28:0b:3a:08:16:e2:8a:2a:c3:
af:1f:1f:46:b6:f8:80:4a:20:4f:34:92:55:fb:0e:
07:aa:32:57:d6:25:8b:d8:0f:2f:6c:f2:88:fa:8b:
49:56:2a:85:bf:67:48:cf:1c:ee:27:d3:5c:42:5c:
48:8a:5a:e1:05:f3:be:65:27:ed:11:9c:49:42:5f:
33:db:82:a2:d7:b9:62:46:82:22:90:c1:81:68:03:
d8:be:47:b9:a0:7b:8b:79:44:3f:05:6a:97:15:30:
48:0e:78:f6:3b:69:46:52:b7:6a:23:2f:d7:0d:9a:
5e:57:de:cc:a0:e4:dd:24:f9:15:29:6d:a3:fc:5f:
69:1c:c9:7d:73:54:f9:f7:a0:16:1f:01:24:b8:d7:
f7:9e:51:20:55:5d:9d:65:08:47:15:b5:a6:e6:e9:
0b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7B:1F:03:FE:2D:78:60:7E:BF:CA:FB:E1:A9:30:E6:0B:CD:39:83
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3XsfA_4teGB-v8r74akw5gvNOYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
176.223.190.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e0:4e:db:52:98:0c:3b:a0:61:83:6a:82:12:8f:8f:5f:0f:
ec:60:44:f6:60:88:4d:e6:33:72:d4:ad:cd:80:54:8c:5c:ee:
e5:c1:54:20:d8:bb:64:19:1c:fb:65:97:67:03:27:54:1d:fc:
3e:b5:a9:bf:80:35:af:9b:e6:74:71:7e:9c:1c:44:d6:84:84:
36:0d:a0:d9:c2:10:60:fd:21:1d:9b:b9:71:61:c8:7c:bb:94:
8c:c5:3b:51:cc:ef:eb:2e:9f:f1:a9:fc:be:0d:f0:27:86:1b:
d3:18:ce:7d:4f:3f:55:e1:fa:40:b6:c4:18:58:8a:05:68:01:
12:cb:9b:30:67:c5:61:14:4f:c1:8e:f1:29:df:bf:5c:e1:34:
82:ce:4a:7e:21:c0:75:d8:8d:10:66:c5:ce:8b:40:79:92:a6:
52:83:58:65:67:3b:cf:f3:82:cd:d6:f9:65:78:f4:4a:43:74:
60:4f:60:e1:eb:52:ce:58:1e:e5:f7:54:a9:51:36:b0:26:65:
ce:2c:ff:c0:f3:82:10:16:62:32:33:86:32:a6:f4:0f:b5:7e:
c9:fe:b9:27:81:8a:7c:3a:81:c5:1f:5b:11:53:36:7b:13:e9:
29:36:58:3b:af:11:18:3a:5d:d3:2d:bc:d1:81:28:ed:f0:0d:
2a:4a:b3:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwepG5CzsYOG73zemXXbTH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTMwMDUxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdiMWYwM2ZlMmQ3ODYwN2ViZmNhZmJlMWE5MzBlNjBiY2QzOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisYooCiSUQAOwp8g9XZEqdpzjaxi
/NerXf0GDOeaE3GhWk9uSX/tNKKw3LmJe4D7O2UNmmOZQRQki77OgUMuko/M7Wax
L+T2R8ctHYh28utyL0sLdalpLTWVfbto6GQoCzoIFuKKKsOvHx9GtviASiBPNJJV
+w4HqjJX1iWL2A8vbPKI+otJViqFv2dIzxzuJ9NcQlxIilrhBfO+ZSftEZxJQl8z
24Ki17liRoIikMGBaAPYvke5oHuLeUQ/BWqXFTBIDnj2O2lGUrdqIy/XDZpeV97M
oOTdJPkVKW2j/F9pHMl9c1T596AWHwEkuNf3nlEgVV2dZQhHFbWm5ukLnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN17HwP+LXhgfr/K++GpMOYLzTmDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvM1hzZkFfNHRlR0ItdjhyNzRha3c1Z3ZOT1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSWAAwQA
sN++AwQAvPBTMA0GCSqGSIb3DQEBCwUAA4IBAQBP4E7bUpgMO6Bhg2qCEo+PXw/s
YET2YIhN5jNy1K3NgFSMXO7lwVQg2LtkGRz7ZZdnAydUHfw+tam/gDWvm+Z0cX6c
HETWhIQ2DaDZwhBg/SEdm7lxYch8u5SMxTtRzO/rLp/xqfy+DfAnhhvTGM59Tz9V
4fpAtsQYWIoFaAESy5swZ8VhFE/BjvEp379c4TSCzkp+IcB12I0QZsXOi0B5kqZS
g1hlZzvP84LN1vllePRKQ3RgT2Dh61LOWB7l91SpUTawJmXOLP/A84IQFmIyM4Yy
pvQPtX7J/rkngYp8OoHFH1sRUzZ7E+kpNlg7rxEYOl3TLbzRgSjt8A0qSrOy
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:45 2024 by rpki-client on console-fra.rpki-client.org