Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/349HTzOTVAy3MxgAiWR6WRY1cWA.roa
File: 349HTzOTVAy3MxgAiWR6WRY1cWA.roa (raw, json)
Hash identifier: 4Vl2HkxYegnbPRKqTju16mCHQ8jjkvEZcbYrFUFf4Bw=
Subject key identifier: DF:8F:47:4F:33:93:54:0C:B7:33:18:00:89:64:7A:59:16:35:71:60
Certificate issuer: /CN=45cf9dc0c7b7fc4a336e4eee57b1ec1948c8ddf3
Certificate serial: 01856B80F35521DE47A9BFB08109C7F82E78
Authority key identifier: 45:CF:9D:C0:C7:B7:FC:4A:33:6E:4E:EE:57:B1:EC:19:48:C8:DD:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/349HTzOTVAy3MxgAiWR6WRY1cWA.roa
Signing time: Sun 01 Jan 2023 04:04:51 +0000
ROA not before: Sun 01 Jan 2023 04:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199710
IP address blocks: 185.42.236.0/23 maxlen: 23
185.42.236.0/24 maxlen: 24
185.42.239.0/24 maxlen: 24
185.42.238.0/24 maxlen: 24
185.42.238.0/23 maxlen: 23
185.42.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:f3:55:21:de:47:a9:bf:b0:81:09:c7:f8:2e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45cf9dc0c7b7fc4a336e4eee57b1ec1948c8ddf3
Validity
Not Before: Jan 1 04:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df8f474f3393540cb733180089647a5916357160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:68:e5:e6:6c:5d:9d:83:9d:c2:cf:15:c1:49:
7e:f6:7c:a1:2e:25:8b:e8:a0:ed:e3:2e:45:24:fb:
f8:3d:4c:c2:1d:2f:88:86:a8:20:df:18:cc:c7:f7:
61:9a:00:94:a2:15:02:28:c3:16:04:70:05:f1:8b:
fc:a9:33:ce:d1:3a:f6:89:28:f4:c5:12:06:b3:a7:
5a:c2:14:04:fb:29:d5:76:a5:e0:8f:41:05:b7:15:
4d:7b:85:d6:60:5b:d8:14:30:65:81:b1:40:b0:21:
31:e1:a7:5f:85:02:58:68:0f:b4:73:a2:d5:d3:ac:
a9:94:b7:25:2e:5c:94:f4:7a:f0:95:fb:1f:4e:2c:
67:ff:1a:43:82:6e:22:23:8c:8f:ad:ff:32:4f:e0:
9a:31:67:bc:b0:36:9b:78:04:38:43:53:9b:30:e9:
f5:3c:d4:41:68:0f:cb:e5:d7:71:4a:8a:bf:a9:f4:
fb:0c:5a:06:6f:84:8c:d0:6e:c0:6c:e7:03:55:07:
8e:48:1f:f7:25:5f:1a:80:a3:26:e9:d4:86:65:5d:
db:51:aa:40:c8:23:1f:3b:7e:2e:e9:ba:05:66:26:
92:1b:52:93:64:40:46:32:53:35:06:1a:cf:7b:03:
44:de:74:04:13:b9:e4:f7:4b:73:2b:bb:fc:97:2a:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8F:47:4F:33:93:54:0C:B7:33:18:00:89:64:7A:59:16:35:71:60
X509v3 Authority Key Identifier:
keyid:45:CF:9D:C0:C7:B7:FC:4A:33:6E:4E:EE:57:B1:EC:19:48:C8:DD:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/349HTzOTVAy3MxgAiWR6WRY1cWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.236.0/22
Signature Algorithm: sha256WithRSAEncryption
11:51:f1:aa:af:7a:71:3c:1c:1c:fd:aa:89:3e:01:51:c9:46:
db:b9:fd:55:37:9c:60:61:43:85:96:d9:0c:f2:69:1b:19:6e:
c8:1a:31:8a:51:3f:c5:c2:83:35:d4:27:ca:5a:c6:d3:36:e4:
8c:b7:49:2d:4f:80:88:1e:9e:3f:82:ad:d1:23:eb:65:2c:8d:
21:8c:b4:77:9a:2e:a9:e9:05:6d:ea:d6:10:17:23:b9:46:67:
f7:22:90:0e:42:36:8d:fb:0f:d9:39:3c:d3:d5:8c:d5:23:3d:
34:8d:23:4d:a1:cd:c9:b9:e7:7b:4e:92:2c:af:e6:b8:8f:6e:
ec:04:a9:89:99:37:28:85:59:9c:69:f8:f0:db:af:41:54:a4:
79:8e:f6:6e:43:7d:32:ca:b7:6a:bf:25:5f:1a:d0:da:31:30:
a2:89:f9:94:b5:77:05:05:c2:cf:a6:f0:58:c5:3b:9d:e9:dc:
61:30:4b:60:e1:93:99:f5:8b:2c:1d:22:f7:4d:1d:7a:a9:4d:
80:bb:c2:63:43:ba:a2:18:2a:a8:ec:67:65:9b:60:6d:6d:34:
f2:af:ff:64:88:5c:86:a4:29:5e:f3:ff:c2:3e:de:dd:4e:88:
4c:04:3b:60:aa:dc:6e:3a:fc:90:10:29:7f:3e:bf:9e:fb:d7:
36:ea:e0:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgPNVId5Hqb+wgQnH+C54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Y2Y5ZGMwYzdiN2ZjNGEzMzZlNGVlZTU3YjFlYzE5NDhj
OGRkZjMwHhcNMjMwMTAxMDQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhmNDc0ZjMzOTM1NDBjYjczMzE4MDA4OTY0N2E1OTE2MzU3MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGjl5mxdnYOdws8VwUl+9nyhLiWL
6KDt4y5FJPv4PUzCHS+Ihqgg3xjMx/dhmgCUohUCKMMWBHAF8Yv8qTPO0Tr2iSj0
xRIGs6dawhQE+ynVdqXgj0EFtxVNe4XWYFvYFDBlgbFAsCEx4adfhQJYaA+0c6LV
06yplLclLlyU9HrwlfsfTixn/xpDgm4iI4yPrf8yT+CaMWe8sDabeAQ4Q1ObMOn1
PNRBaA/L5ddxSoq/qfT7DFoGb4SM0G7AbOcDVQeOSB/3JV8agKMm6dSGZV3bUapA
yCMfO34u6boFZiaSG1KTZEBGMlM1BhrPewNE3nQEE7nk90tzK7v8lyqyQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+PR08zk1QMtzMYAIlkelkWNXFgMB8GA1UdIwQY
MBaAFEXPncDHt/xKM25O7lex7BlIyN3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmMtZHdNZTNfRW96Yms3dVY3SHNHVWpJM2ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84OTIwZmMtYmJhZS00MTMyLWI3NTIt
ZWU3MmYyYjNhNDczLzEvMzQ5SFR6T1RWQXkzTXhnQWlXUjZXUlkxY1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84OTIwZmMtYmJhZS00MTMyLWI3NTItZWU3MmYyYjNhNDcz
LzEvUmMtZHdNZTNfRW96Yms3dVY3SHNHVWpJM2ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSrsMA0G
CSqGSIb3DQEBCwUAA4IBAQARUfGqr3pxPBwc/aqJPgFRyUbbuf1VN5xgYUOFltkM
8mkbGW7IGjGKUT/FwoM11CfKWsbTNuSMt0ktT4CIHp4/gq3RI+tlLI0hjLR3mi6p
6QVt6tYQFyO5Rmf3IpAOQjaN+w/ZOTzT1YzVIz00jSNNoc3Jued7TpIsr+a4j27s
BKmJmTcohVmcafjw269BVKR5jvZuQ30yyrdqvyVfGtDaMTCiifmUtXcFBcLPpvBY
xTud6dxhMEtg4ZOZ9YssHSL3TR16qU2Au8JjQ7qiGCqo7Gdlm2BtbTTyr/9kiFyG
pCle8//CPt7dTohMBDtgqtxuOvyQECl/Pr+e+9c26uAU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:04 2024 by rpki-client on console-ams.rpki-client.org