Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/1-DAAol40_gcmJumldvRyG5BxOSU.roa
File: 1-DAAol40_gcmJumldvRyG5BxOSU.roa (raw, json)
Hash identifier: AF+vZei7BVI5F7928oC/5wqI7yXmbE6TSzLwQNJLQSo=
Subject key identifier: F8:30:00:A2:5E:34:FE:07:26:26:E9:A5:76:F4:72:1B:90:71:39:25
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 01879EAF4E5CDD39FAEE97AE8F76A372602A
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/1-DAAol40_gcmJumldvRyG5BxOSU.roa
Signing time: Thu 20 Apr 2023 12:41:41 +0000
ROA not before: Thu 20 Apr 2023 12:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52125
IP address blocks: 185.236.23.0/24 maxlen: 24
185.236.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 06:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:af:4e:5c:dd:39:fa:ee:97:ae:8f:76:a3:72:60:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Apr 20 12:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f83000a25e34fe072626e9a576f4721b90713925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:03:1c:ce:8b:63:1c:30:a1:67:eb:e0:d6:6f:
53:0e:01:c4:70:d8:b8:ba:b7:6d:ef:5f:85:01:6d:
c9:3e:b4:78:22:15:ab:40:66:a7:51:b6:20:fb:d6:
b2:64:7b:a7:e4:a3:84:22:a7:f7:2b:47:1d:db:44:
cb:a3:e7:1a:b2:54:d3:94:68:e6:c7:b0:91:d8:bd:
a1:bb:68:41:85:35:16:03:56:b8:09:72:1b:7f:3b:
f6:5e:aa:71:f4:3e:bb:ee:1f:ad:d7:84:74:fd:1d:
46:93:d5:9b:e4:b7:6c:ce:db:e9:c3:4c:69:b5:d6:
02:67:9f:aa:47:86:ac:eb:97:25:79:54:e0:45:90:
ab:8b:44:65:8c:4c:d4:33:59:70:f7:ce:3c:37:40:
f9:0e:e4:1f:32:0a:c3:15:f8:c8:1b:7a:08:b9:f9:
a5:8d:b2:38:a9:24:3f:8d:f6:15:28:7a:6d:79:94:
3e:e4:4c:b9:15:c4:04:55:1e:1c:06:1c:27:cd:72:
b7:0b:7d:d7:2f:e3:89:e1:be:6c:49:75:93:2b:00:
b7:9e:92:c0:c9:fb:a1:b8:88:ac:b5:2c:fd:02:6a:
c9:b7:f6:f5:ee:bf:49:60:8f:9c:c3:92:95:ba:55:
cd:98:3a:0b:1a:66:3f:64:f2:36:d0:fe:1b:65:1e:
f5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:30:00:A2:5E:34:FE:07:26:26:E9:A5:76:F4:72:1B:90:71:39:25
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/1-DAAol40_gcmJumldvRyG5BxOSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:d8:53:40:be:be:5d:f1:4e:96:da:b7:c7:63:ec:1b:cb:ed:
5d:0f:02:e7:0f:b9:f9:78:1a:e7:46:36:6a:9b:88:95:c9:32:
7a:45:f4:35:d4:5d:41:db:87:d2:57:b0:2a:b4:22:03:b4:bb:
5a:e2:ec:37:f1:ef:81:c4:79:f2:ac:5f:b0:7f:d8:c0:f5:50:
7a:a8:7e:f3:21:ce:8e:a5:82:69:2a:0e:82:77:f2:c1:b3:29:
2d:d2:f6:ae:b7:ba:80:87:02:74:44:e5:45:10:3e:38:9d:08:
5e:35:b5:05:b3:b3:43:a0:5a:84:0c:24:03:8c:31:a0:4f:b2:
80:d7:24:24:3f:2b:38:31:c1:2e:04:e7:f0:d7:0f:3c:af:65:
9e:a1:19:64:8f:8b:13:b6:89:aa:40:fb:81:9a:59:1a:e7:54:
ca:4f:30:20:86:ef:1c:e7:57:49:d5:21:4e:18:95:9b:db:c2:
3e:e5:ec:af:f3:9a:2f:fa:9f:38:db:f9:af:16:a9:43:ab:8d:
cd:34:57:95:e1:9e:12:4a:76:d5:24:c0:c5:0c:d1:e7:23:dc:
c5:81:a8:7b:f1:37:1f:21:49:cd:3d:5e:88:d6:e1:69:6d:10:
0b:e6:17:7b:9d:c6:73:2c:ef:ea:96:08:ce:bb:1c:98:a5:3d:
f9:36:87:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYeer05c3Tn67peuj3ajcmAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwNDIwMTI0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMwMDBhMjVlMzRmZTA3MjYyNmU5YTU3NmY0NzIxYjkwNzEzOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgMczotjHDChZ+vg1m9TDgHEcNi4
urdt71+FAW3JPrR4IhWrQGanUbYg+9ayZHun5KOEIqf3K0cd20TLo+caslTTlGjm
x7CR2L2hu2hBhTUWA1a4CXIbfzv2Xqpx9D677h+t14R0/R1Gk9Wb5Ldsztvpw0xp
tdYCZ5+qR4as65cleVTgRZCri0RljEzUM1lw9848N0D5DuQfMgrDFfjIG3oIufml
jbI4qSQ/jfYVKHpteZQ+5Ey5FcQEVR4cBhwnzXK3C33XL+OJ4b5sSXWTKwC3npLA
yfuhuIistSz9AmrJt/b17r9JYI+cw5KVulXNmDoLGmY/ZPI20P4bZR71gwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgwAKJeNP4HJibppXb0chuQcTklMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvMS1EQUFvbDQwX2djbUp1bWxkdlJ5RzVCeE9TVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvMzI3NzlkLTM2NTYtNDRjMC04YWI1LTk4MWZiYjM0NDJk
ZC8xLzdQZktuX3ItY3FNSlp2ZmtQWksxam5kTTUwRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnsFjAN
BgkqhkiG9w0BAQsFAAOCAQEAO9hTQL6+XfFOltq3x2PsG8vtXQ8C5w+5+Xga50Y2
apuIlckyekX0NdRdQduH0lewKrQiA7S7WuLsN/HvgcR58qxfsH/YwPVQeqh+8yHO
jqWCaSoOgnfywbMpLdL2rre6gIcCdETlRRA+OJ0IXjW1BbOzQ6BahAwkA4wxoE+y
gNckJD8rODHBLgTn8NcPPK9lnqEZZI+LE7aJqkD7gZpZGudUyk8wIIbvHOdXSdUh
ThiVm9vCPuXsr/OaL/qfONv5rxapQ6uNzTRXleGeEkp21STAxQzR5yPcxYGoe/E3
HyFJzT1eiNbhaW0QC+YXe53Gcyzv6pYIzrscmKU9+TaHlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:18 2024 by rpki-client on console-ams.rpki-client.org