Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/629cb2-2b4d-4748-bb11-c9fe0ba28647/1/36UBhVNXGmX6a-nnuJOlRdXl2PU.roa
File: 36UBhVNXGmX6a-nnuJOlRdXl2PU.roa (raw, json)
Hash identifier: UO6AsJD5C0yQkR3CZSjSwaMWuHD+L6bCj6DIUO6gfGg=
Subject key identifier: DF:A5:01:85:53:57:1A:65:FA:6B:E9:E7:B8:93:A5:45:D5:E5:D8:F5
Certificate issuer: /CN=40fac6a32fe4baa7d89b91ec5165a3d96688e144
Certificate serial: 0185711E6628D0C24A8979D3F35251EDCED1
Authority key identifier: 40:FA:C6:A3:2F:E4:BA:A7:D8:9B:91:EC:51:65:A3:D9:66:88:E1:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPrGoy_kuqfYm5HsUWWj2WaI4UQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/629cb2-2b4d-4748-bb11-c9fe0ba28647/1/36UBhVNXGmX6a-nnuJOlRdXl2PU.roa
Signing time: Mon 02 Jan 2023 06:14:55 +0000
ROA not before: Mon 02 Jan 2023 06:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202223
IP address blocks: 185.49.164.0/22 maxlen: 22
185.49.164.0/24 maxlen: 24
185.49.166.0/24 maxlen: 24
185.49.165.0/24 maxlen: 24
185.49.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:66:28:d0:c2:4a:89:79:d3:f3:52:51:ed:ce:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40fac6a32fe4baa7d89b91ec5165a3d96688e144
Validity
Not Before: Jan 2 06:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfa5018553571a65fa6be9e7b893a545d5e5d8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:99:64:ef:28:d2:1d:ed:1e:f9:f5:2a:c3:30:
a0:26:59:74:5f:bc:53:db:2a:6b:89:7e:ce:99:9f:
12:04:25:55:66:55:b2:88:fc:f4:e2:e9:78:10:ee:
e4:94:29:a0:98:11:aa:40:8a:6f:31:3b:8b:ad:e2:
13:45:a5:08:d2:cd:28:17:7e:35:ff:45:35:3a:75:
a6:a5:dd:6d:e6:65:f8:2c:55:9c:e5:97:a7:7b:75:
1b:4f:8d:c5:14:d0:fa:09:d8:dc:b4:70:e0:3a:66:
d3:2f:90:cf:73:35:34:8b:29:00:8e:43:ab:d2:c2:
47:3c:d5:98:35:ba:4d:5c:a3:76:c2:fc:fd:e4:23:
27:54:fc:d9:53:bb:23:c9:93:68:fa:c9:31:d4:62:
f6:9e:69:45:8a:13:f6:37:62:17:38:c4:d8:f8:bf:
91:35:7c:21:11:73:f5:d8:51:1e:0f:4d:20:96:69:
9c:96:1a:8e:35:ed:ec:f1:18:fb:6e:6c:e9:21:cd:
bf:ee:21:82:8f:29:46:fd:1c:a0:df:18:a5:b4:d7:
41:d1:fc:0e:f4:94:dc:20:93:f4:f9:15:e4:e5:c9:
b0:fc:df:cd:01:25:1e:ee:16:04:37:da:77:7b:b6:
7f:e4:b8:91:12:ba:f7:8e:17:f0:01:56:44:0c:c3:
fe:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A5:01:85:53:57:1A:65:FA:6B:E9:E7:B8:93:A5:45:D5:E5:D8:F5
X509v3 Authority Key Identifier:
keyid:40:FA:C6:A3:2F:E4:BA:A7:D8:9B:91:EC:51:65:A3:D9:66:88:E1:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPrGoy_kuqfYm5HsUWWj2WaI4UQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/629cb2-2b4d-4748-bb11-c9fe0ba28647/1/36UBhVNXGmX6a-nnuJOlRdXl2PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/629cb2-2b4d-4748-bb11-c9fe0ba28647/1/QPrGoy_kuqfYm5HsUWWj2WaI4UQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.164.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:a2:88:c1:ad:fe:0c:9b:37:13:58:54:8b:92:f4:61:71:61:
a2:81:e0:6f:69:64:57:31:69:06:b4:8e:1e:73:30:d0:cc:88:
d3:00:d4:03:5b:dd:70:dd:37:5c:c1:5d:1d:a4:a6:9b:cd:25:
cb:b3:bb:c3:9a:ba:90:fd:a9:18:80:e9:49:49:d3:f2:d8:d1:
36:07:1f:bd:51:ff:ae:d8:f9:c9:82:a3:52:71:15:8a:95:af:
25:1b:cb:19:f7:1b:a2:ff:76:46:75:f1:e2:c6:3e:1a:20:ea:
c0:ae:ca:46:29:7d:ad:be:fc:59:5d:ad:cb:0e:94:9b:d4:6d:
75:7f:ac:c3:cb:df:1f:0b:b9:93:50:72:c4:a7:30:93:cd:47:
96:24:d9:d4:f0:1b:23:b9:a5:50:c1:80:ee:da:c3:63:83:f2:
81:af:53:3e:83:e5:a6:b5:ce:79:59:ec:89:93:cd:b2:20:cd:
1c:4c:5c:7e:cb:3c:8f:27:e6:d2:ba:4f:32:74:54:d5:65:f6:
e0:54:35:6a:e8:61:91:01:70:ce:d2:3e:b2:cb:f5:aa:1f:67:
f6:be:47:8f:84:84:01:3f:35:97:96:06:3e:ac:f2:19:bc:fb:
1c:bf:51:7e:f5:38:69:2f:2c:b2:3c:10:f9:32:55:f3:29:59:
ea:bc:34:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHmYo0MJKiXnT81JR7c7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZmFjNmEzMmZlNGJhYTdkODliOTFlYzUxNjVhM2Q5NjY4
OGUxNDQwHhcNMjMwMTAyMDYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE1MDE4NTUzNTcxYTY1ZmE2YmU5ZTdiODkzYTU0NWQ1ZTVkOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5lk7yjSHe0e+fUqwzCgJll0X7xT
2ypriX7OmZ8SBCVVZlWyiPz04ul4EO7klCmgmBGqQIpvMTuLreITRaUI0s0oF341
/0U1OnWmpd1t5mX4LFWc5Zene3UbT43FFND6CdjctHDgOmbTL5DPczU0iykAjkOr
0sJHPNWYNbpNXKN2wvz95CMnVPzZU7sjyZNo+skx1GL2nmlFihP2N2IXOMTY+L+R
NXwhEXP12FEeD00glmmclhqONe3s8Rj7bmzpIc2/7iGCjylG/Ryg3xiltNdB0fwO
9JTcIJP0+RXk5cmw/N/NASUe7hYEN9p3e7Z/5LiRErr3jhfwAVZEDMP+gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+lAYVTVxpl+mvp57iTpUXV5dj1MB8GA1UdIwQY
MBaAFED6xqMv5Lqn2JuR7FFlo9lmiOFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVByR295X2t1cWZZbTVIc1VXV2oyV2FJNFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82MjljYjItMmI0ZC00NzQ4LWJiMTEt
YzlmZTBiYTI4NjQ3LzEvMzZVQmhWTlhHbVg2YS1ubnVKT2xSZFhsMlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82MjljYjItMmI0ZC00NzQ4LWJiMTEtYzlmZTBiYTI4NjQ3
LzEvUVByR295X2t1cWZZbTVIc1VXV2oyV2FJNFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGkMA0G
CSqGSIb3DQEBCwUAA4IBAQA8oojBrf4MmzcTWFSLkvRhcWGigeBvaWRXMWkGtI4e
czDQzIjTANQDW91w3TdcwV0dpKabzSXLs7vDmrqQ/akYgOlJSdPy2NE2Bx+9Uf+u
2PnJgqNScRWKla8lG8sZ9xui/3ZGdfHixj4aIOrArspGKX2tvvxZXa3LDpSb1G11
f6zDy98fC7mTUHLEpzCTzUeWJNnU8BsjuaVQwYDu2sNjg/KBr1M+g+Wmtc55WeyJ
k82yIM0cTFx+yzyPJ+bSuk8ydFTVZfbgVDVq6GGRAXDO0j6yy/WqH2f2vkePhIQB
PzWXlgY+rPIZvPscv1F+9ThpLyyyPBD5MlXzKVnqvDSt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:00 2024 by rpki-client on console-ams.rpki-client.org