Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/3IdW26hdn5L2eynu9ntfI1KpfJY.roa
File: 3IdW26hdn5L2eynu9ntfI1KpfJY.roa (raw, json)
Hash identifier: P5GiIVfbKVEWpWRckQFORmoEpzNUHzjYpyT1y7c1WtY=
Subject key identifier: DC:87:56:DB:A8:5D:9F:92:F6:7B:29:EE:F6:7B:5F:23:52:A9:7C:96
Certificate issuer: /CN=453f8ca684037c5433a4b4406211b31d76e13eab
Certificate serial: 018C8E7B5BD84B61DEDC2F6F52C00263F198
Authority key identifier: 45:3F:8C:A6:84:03:7C:54:33:A4:B4:40:62:11:B3:1D:76:E1:3E:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT-MpoQDfFQzpLRAYhGzHXbhPqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/3IdW26hdn5L2eynu9ntfI1KpfJY.roa
Signing time: Thu 21 Dec 2023 22:24:58 +0000
ROA not before: Thu 21 Dec 2023 22:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56704
IP address blocks: 31.15.112.0/21 maxlen: 21
185.154.117.0/24 maxlen: 24
185.154.116.0/22 maxlen: 24
2a03:eb80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8e:7b:5b:d8:4b:61:de:dc:2f:6f:52:c0:02:63:f1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f8ca684037c5433a4b4406211b31d76e13eab
Validity
Not Before: Dec 21 22:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc8756dba85d9f92f67b29eef67b5f2352a97c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:39:2c:54:16:5e:c3:65:2b:06:bf:33:1a:04:
8e:5f:1f:5e:ee:ab:c0:f8:b5:f5:4f:c0:8b:6b:00:
1a:69:d4:a5:4f:84:34:9e:08:e8:e6:5d:e0:10:e3:
f0:3b:b8:2f:44:9d:89:7f:6c:11:7b:c3:87:8e:e8:
c5:0e:c3:4b:f9:98:89:f0:0f:09:4d:32:26:4b:07:
96:37:e8:49:c0:24:ca:c4:a6:04:0a:7f:dc:88:ba:
0b:69:c2:a7:78:a1:3e:f6:85:30:97:f3:59:13:ca:
33:a1:07:fc:97:77:df:f6:7a:c5:97:ca:c3:55:fa:
99:f5:55:97:89:15:7b:25:78:3b:50:75:b0:7f:d9:
8b:7e:2c:49:5d:bc:a2:c1:ef:6c:47:35:ed:76:95:
8c:01:0e:7a:a2:ae:5d:12:09:e1:6b:28:60:6a:48:
aa:82:d4:1d:95:04:0f:f8:78:6f:96:57:e5:18:88:
af:96:09:54:d7:dc:59:76:df:c6:47:f9:1c:57:7d:
9d:aa:ed:63:02:83:9c:66:11:ed:a9:e4:f1:9d:68:
c4:e6:33:4a:81:2b:38:21:7d:e5:4f:f3:8a:d0:19:
c0:17:fb:bc:37:77:10:20:00:b4:7d:3c:ab:16:dc:
fd:3d:7d:f6:b0:db:b6:2a:3a:78:ca:89:72:c7:35:
34:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:87:56:DB:A8:5D:9F:92:F6:7B:29:EE:F6:7B:5F:23:52:A9:7C:96
X509v3 Authority Key Identifier:
keyid:45:3F:8C:A6:84:03:7C:54:33:A4:B4:40:62:11:B3:1D:76:E1:3E:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT-MpoQDfFQzpLRAYhGzHXbhPqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/3IdW26hdn5L2eynu9ntfI1KpfJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/RT-MpoQDfFQzpLRAYhGzHXbhPqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.112.0/21
185.154.116.0/22
IPv6:
2a03:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
72:2d:5e:66:2f:85:b4:d4:76:3b:8d:b5:c0:e8:b3:ee:b3:cc:
76:89:6d:bb:6e:4d:54:d9:35:89:d2:09:a3:f3:98:b5:c3:18:
d0:50:82:d2:4c:1f:f5:84:ff:34:e1:fe:a3:88:7c:1c:e5:03:
58:4d:1c:e7:c7:a3:7e:09:5c:63:1d:04:7d:c8:b5:ba:5e:34:
75:d2:86:e5:db:9e:4c:d9:1f:fc:bd:c1:ae:fb:28:cf:91:3d:
b5:88:10:2a:5a:3a:a9:4c:55:b2:8e:79:d3:e4:ec:02:62:c2:
73:b6:45:a6:9b:2b:ce:0e:4d:8c:60:6b:36:df:b1:eb:61:2e:
55:86:9f:d6:8e:d6:b8:85:19:4b:b8:14:86:f0:36:04:b7:de:
12:a8:f0:67:12:00:e7:dc:be:87:93:cf:3b:1e:02:65:36:80:
8f:83:f7:a0:d9:3a:94:23:94:df:7e:05:f2:0f:ec:d5:fe:b1:
a9:1f:9d:c6:e1:21:09:5a:42:bc:7b:72:93:8a:91:b7:57:e6:
e2:c1:28:a8:a4:34:59:96:ef:a5:dc:3d:99:05:01:67:68:d4:
d8:c9:d1:46:43:28:bc:11:a4:86:23:15:14:39:62:de:85:e2:
3d:e4:7a:0b:00:ba:dd:19:25:6e:3a:54:5c:3c:7b:23:75:ee:
97:52:2c:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyOe1vYS2He3C9vUsACY/GYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1M2Y4Y2E2ODQwMzdjNTQzM2E0YjQ0MDYyMTFiMzFkNzZl
MTNlYWIwHhcNMjMxMjIxMjIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg3NTZkYmE4NWQ5ZjkyZjY3YjI5ZWVmNjdiNWYyMzUyYTk3Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDksVBZew2UrBr8zGgSOXx9e7qvA
+LX1T8CLawAaadSlT4Q0ngjo5l3gEOPwO7gvRJ2Jf2wRe8OHjujFDsNL+ZiJ8A8J
TTImSweWN+hJwCTKxKYECn/ciLoLacKneKE+9oUwl/NZE8ozoQf8l3ff9nrFl8rD
VfqZ9VWXiRV7JXg7UHWwf9mLfixJXbyiwe9sRzXtdpWMAQ56oq5dEgnhayhgakiq
gtQdlQQP+HhvllflGIivlglU19xZdt/GR/kcV32dqu1jAoOcZhHtqeTxnWjE5jNK
gSs4IX3lT/OK0BnAF/u8N3cQIAC0fTyrFtz9PX32sNu2Kjp4yolyxzU0GQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNyHVtuoXZ+S9nsp7vZ7XyNSqXyWMB8GA1UdIwQY
MBaAFEU/jKaEA3xUM6S0QGIRsx124T6rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlQtTXBvUURmRlF6cExSQVloR3pIWGJoUHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yZGMyMDgtNjkxMi00YTEyLThkYmIt
ZGJiNjlmMjg0ZjIzLzEvM0lkVzI2aGRuNUwyZXludTludGZJMUtwZkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8yZGMyMDgtNjkxMi00YTEyLThkYmItZGJiNjlmMjg0ZjIz
LzEvUlQtTXBvUURmRlF6cExSQVloR3pIWGJoUHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw9wAwQC
uZp0MA0EAgACMAcDBQAqA+uAMA0GCSqGSIb3DQEBCwUAA4IBAQByLV5mL4W01HY7
jbXA6LPus8x2iW27bk1U2TWJ0gmj85i1wxjQUILSTB/1hP804f6jiHwc5QNYTRzn
x6N+CVxjHQR9yLW6XjR10obl255M2R/8vcGu+yjPkT21iBAqWjqpTFWyjnnT5OwC
YsJztkWmmyvODk2MYGs237HrYS5Vhp/Wjta4hRlLuBSG8DYEt94SqPBnEgDn3L6H
k887HgJlNoCPg/eg2TqUI5TffgXyD+zV/rGpH53G4SEJWkK8e3KTipG3V+biwSio
pDRZlu+l3D2ZBQFnaNTYydFGQyi8EaSGIxUUOWLeheI95HoLALrdGSVuOlRcPHsj
de6XUizd
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:14:57 2024 by rpki-client on console.sobornost.net