Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/3r3JQgydKWU0frZG658iV_Ya0T4.roa
File: 3r3JQgydKWU0frZG658iV_Ya0T4.roa (raw, json)
Hash identifier: MzIZcJjIg23sOHVCbp0O5Rs0DfM2HR+J/kXnRWIqaW0=
Subject key identifier: DE:BD:C9:42:0C:9D:29:65:34:7E:B6:46:EB:9F:22:57:F6:1A:D1:3E
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018DDB4CED8EA6161E5EA1E8E754CDC1A9FF
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/3r3JQgydKWU0frZG658iV_Ya0T4.roa
Signing time: Sat 24 Feb 2024 13:27:48 +0000
ROA not before: Sat 24 Feb 2024 13:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
2a10:7040::/29 maxlen: 29
2a10:7041::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 24 Feb 2024 13:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:4c:ed:8e:a6:16:1e:5e:a1:e8:e7:54:cd:c1:a9:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Feb 24 13:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=debdc9420c9d2965347eb646eb9f2257f61ad13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d9:e9:5c:ab:18:f3:70:af:e7:2a:6a:af:31:
c7:24:b4:83:04:f8:e8:52:89:9d:4f:1c:86:eb:90:
c6:4c:4e:44:56:34:9f:69:6f:92:8d:db:e8:72:62:
48:11:50:a3:86:aa:80:26:2d:c7:b1:d9:13:68:ba:
5a:c7:cd:16:d4:c9:12:1c:f6:77:b7:95:e0:d3:88:
87:87:78:d8:8e:f4:e1:ba:88:12:fc:18:22:b9:ee:
0f:19:38:ee:7f:ca:4f:f4:f2:1f:70:35:2a:a2:8d:
f3:04:aa:02:1f:84:42:e1:25:d6:17:62:63:97:6e:
43:69:17:14:4a:fe:0d:1d:ab:56:1d:9a:6a:cb:12:
39:98:e9:0c:3f:83:f6:8e:ff:88:d1:b5:dc:4c:ee:
73:3c:c5:ec:62:46:1a:56:ca:7d:c5:7d:e0:12:f6:
e8:ef:17:3c:12:fe:79:f5:68:ae:8e:93:2b:bf:0a:
dd:38:98:5d:ee:37:87:f9:33:9f:ac:59:f1:02:1d:
69:ee:06:fc:2f:e9:3a:10:47:f4:97:64:e4:a5:47:
f5:6a:16:43:c4:44:a4:cd:65:ca:a4:1c:ee:75:aa:
5b:a4:1b:1d:b9:7f:ed:33:a2:29:14:9f:80:96:a8:
47:9b:e9:46:64:1f:34:2f:12:0a:28:a1:66:38:3c:
1f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BD:C9:42:0C:9D:29:65:34:7E:B6:46:EB:9F:22:57:F6:1A:D1:3E
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/3r3JQgydKWU0frZG658iV_Ya0T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
5c:89:52:46:f9:72:ab:94:df:a3:48:06:4e:a6:e3:83:34:5d:
22:3e:14:bc:11:2c:72:d5:ac:2a:fe:b0:4a:c2:03:95:44:44:
89:94:ab:5d:df:54:a2:c8:f7:61:26:e0:29:5d:9c:bc:1b:8a:
cc:d2:0b:73:52:9a:ad:63:d8:19:8d:47:3c:79:33:b6:56:bb:
4b:24:41:4a:5f:23:4f:63:8a:05:be:96:49:50:6b:c3:bd:1d:
01:8c:c4:32:11:b5:19:15:f7:db:46:69:95:4f:0f:8b:bb:27:
58:da:fd:ea:08:e8:57:63:30:e1:a3:a7:e5:95:40:bf:67:08:
db:c0:7e:82:d1:64:15:2d:7c:ed:a4:18:37:42:0d:2e:b4:ef:
ce:cc:09:83:87:42:f4:d9:a0:a8:2e:ae:00:ed:23:e3:94:e6:
2d:d8:fd:27:7b:56:23:15:6e:50:84:d4:9f:21:2b:39:b7:38:
94:f8:b3:b3:82:b1:27:cd:c0:60:84:5f:04:0b:3c:e7:1e:51:
0e:6b:23:e3:7d:39:81:5a:23:40:40:07:b4:87:b1:3b:cf:6d:
48:e7:6e:75:5e:5d:9d:65:5c:74:b1:42:46:40:64:1a:70:75:
ae:18:2d:e2:4b:8d:51:80:04:6e:d8:6c:26:6e:24:7b:2f:fb:
df:66:2b:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3bTO2OphYeXqHo51TNwan/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjQwMjI0MTMyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJkYzk0MjBjOWQyOTY1MzQ3ZWI2NDZlYjlmMjI1N2Y2MWFkMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9npXKsY83Cv5ypqrzHHJLSDBPjo
UomdTxyG65DGTE5EVjSfaW+SjdvocmJIEVCjhqqAJi3HsdkTaLpax80W1MkSHPZ3
t5Xg04iHh3jYjvThuogS/Bgiue4PGTjuf8pP9PIfcDUqoo3zBKoCH4RC4SXWF2Jj
l25DaRcUSv4NHatWHZpqyxI5mOkMP4P2jv+I0bXcTO5zPMXsYkYaVsp9xX3gEvbo
7xc8Ev559WiujpMrvwrdOJhd7jeH+TOfrFnxAh1p7gb8L+k6EEf0l2TkpUf1ahZD
xESkzWXKpBzudapbpBsduX/tM6IpFJ+AlqhHm+lGZB80LxIKKKFmODwfOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN69yUIMnSllNH62RuufIlf2GtE+MB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvM3IzSlFneWRLV1UwZnJaRzY1OGlWX1lhMFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQBciVJG
+XKrlN+jSAZOpuODNF0iPhS8ESxy1awq/rBKwgOVRESJlKtd31SiyPdhJuApXZy8
G4rM0gtzUpqtY9gZjUc8eTO2VrtLJEFKXyNPY4oFvpZJUGvDvR0BjMQyEbUZFffb
RmmVTw+LuydY2v3qCOhXYzDho6fllUC/ZwjbwH6C0WQVLXztpBg3Qg0utO/OzAmD
h0L02aCoLq4A7SPjlOYt2P0ne1YjFW5QhNSfISs5tziU+LOzgrEnzcBghF8ECzzn
HlEOayPjfTmBWiNAQAe0h7E7z21I5251Xl2dZVx0sUJGQGQacHWuGC3iS41RgARu
2GwmbiR7L/vfZisU
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:14:15 2025 by rpki-client