Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-ONgT94miIvZf0W2K3cw0LcbUco.roa
File: 1-ONgT94miIvZf0W2K3cw0LcbUco.roa (raw, json)
Hash identifier: FIppJ3I1A5kks9Zu+ZQ6qL0ZQGTi7dWZ87csnWa8U1s=
Subject key identifier: F8:E3:60:4F:DE:26:88:8B:D9:7F:45:B6:2B:77:30:D0:B7:1B:51:CA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0189BB0A40C1147890FB1BFD2F74228D263B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-ONgT94miIvZf0W2K3cw0LcbUco.roa
Signing time: Thu 03 Aug 2023 10:55:58 +0000
ROA not before: Thu 03 Aug 2023 10:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.225.171.0/24 maxlen: 24
79.98.246.0/23 maxlen: 23
185.250.25.0/24 maxlen: 24
79.98.244.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 26 Aug 2023 00:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:0a:40:c1:14:78:90:fb:1b:fd:2f:74:22:8d:26:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 3 10:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8e3604fde26888bd97f45b62b7730d0b71b51ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:db:01:88:a7:4d:d6:d9:46:3d:4f:a3:0d:fc:
65:80:17:3b:d7:5e:03:24:90:3d:ed:5e:ed:7a:86:
7d:79:76:1f:da:ac:f3:fe:5d:34:17:bf:5b:47:c8:
7c:0e:61:cf:c7:82:31:59:a5:00:22:14:8e:60:67:
d7:a1:98:38:4f:d3:28:17:9e:05:c3:79:9c:63:6b:
a8:0e:63:cb:e0:05:df:c8:ae:11:e5:29:82:0b:81:
9f:32:c2:ff:8a:4c:2c:96:52:33:ae:ee:bb:6b:03:
f9:64:36:5e:13:b1:fe:f5:03:78:d3:6a:eb:3f:fd:
53:47:ac:6f:b6:ec:af:08:b3:74:44:65:ee:50:ad:
05:44:c0:d0:26:19:58:a7:83:6f:d6:8c:f3:8e:9e:
78:92:7e:17:20:b2:4a:96:03:62:a1:75:70:1c:16:
14:32:f3:4e:d5:bf:7d:de:00:aa:ff:3c:f9:4c:bc:
2d:e2:4e:f5:b8:4f:43:19:f8:d0:5d:ea:d5:e3:d4:
f1:27:0c:03:ea:f1:da:4b:65:a0:08:ac:11:74:b4:
00:ce:d7:40:20:6a:c4:b7:e6:3a:cd:3d:3a:97:f6:
e5:4e:57:85:f5:0a:b2:b1:1a:e5:d9:37:8c:92:ad:
48:1a:51:25:1d:49:ea:28:94:be:2e:b9:4b:82:1e:
d0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E3:60:4F:DE:26:88:8B:D9:7F:45:B6:2B:77:30:D0:B7:1B:51:CA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-ONgT94miIvZf0W2K3cw0LcbUco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/22
185.225.171.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:56:0c:6a:7f:0d:27:17:80:c6:3e:a1:2c:ac:27:f6:92:b9:
9d:ac:18:84:01:b5:77:4d:d3:fd:91:4a:51:bb:b1:6f:78:ff:
40:c9:bf:b6:a9:4c:0b:22:5f:50:69:2a:98:2c:13:fa:4d:da:
23:69:2e:a7:55:8d:a4:07:87:1f:79:ff:55:d0:7f:4d:59:20:
86:26:0a:d1:ca:d9:0e:5b:a2:e7:fd:d9:92:61:dd:a1:bd:0d:
ad:e8:27:e9:07:28:83:85:5f:66:38:90:57:8c:d7:6f:30:77:
31:e9:3e:73:c1:e0:80:bb:35:c6:ac:77:a6:6b:b3:c3:32:7c:
a0:b6:3f:ec:b4:9e:57:d1:f5:0d:30:13:2b:ba:a5:ad:e2:b5:
84:84:13:54:49:80:3c:a4:6c:ca:37:0a:c2:e5:b9:36:39:fc:
13:78:ca:83:55:e8:5b:1e:ca:31:e4:17:53:20:2e:0e:02:99:
83:73:40:41:ce:4d:3f:aa:6f:b4:21:9a:36:50:21:c2:69:15:
df:4a:91:ef:3e:15:a6:30:4c:d3:80:69:b7:b4:7e:87:49:03:
52:ee:4c:a5:84:e3:3e:e9:ae:bb:2b:21:35:f3:9c:76:8a:2a:
9c:eb:f1:b0:3f:78:3d:ca:f0:b5:58:cd:03:3b:e2:b3:8d:fb:
8e:cd:1a:d9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYm7CkDBFHiQ+xv9L3QijSY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODAzMTA1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUzNjA0ZmRlMjY4ODhiZDk3ZjQ1YjYyYjc3MzBkMGI3MWI1MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19sBiKdN1tlGPU+jDfxlgBc7114D
JJA97V7teoZ9eXYf2qzz/l00F79bR8h8DmHPx4IxWaUAIhSOYGfXoZg4T9MoF54F
w3mcY2uoDmPL4AXfyK4R5SmCC4GfMsL/ikwsllIzru67awP5ZDZeE7H+9QN402rr
P/1TR6xvtuyvCLN0RGXuUK0FRMDQJhlYp4Nv1ozzjp54kn4XILJKlgNioXVwHBYU
MvNO1b993gCq/zz5TLwt4k71uE9DGfjQXerV49TxJwwD6vHaS2WgCKwRdLQAztdA
IGrEt+Y6zT06l/blTleF9QqysRrl2TeMkq1IGlElHUnqKJS+LrlLgh7QRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPjjYE/eJoiL2X9Ftit3MNC3G1HKMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1PTmdUOTRtaUl2WmYwVzJLM2N3MExjYlVjby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAk9i9AME
ALnhqwMEALn6GTANBgkqhkiG9w0BAQsFAAOCAQEAK1YMan8NJxeAxj6hLKwn9pK5
nawYhAG1d03T/ZFKUbuxb3j/QMm/tqlMCyJfUGkqmCwT+k3aI2kup1WNpAeHH3n/
VdB/TVkghiYK0crZDlui5/3ZkmHdob0Nregn6Qcog4VfZjiQV4zXbzB3Mek+c8Hg
gLs1xqx3pmuzwzJ8oLY/7LSeV9H1DTATK7qlreK1hIQTVEmAPKRsyjcKwuW5Njn8
E3jKg1XoWx7KMeQXUyAuDgKZg3NAQc5NP6pvtCGaNlAhwmkV30qR7z4VpjBM04Bp
t7R+h0kDUu5MpYTjPumuuyshNfOcdooqnOvxsD94PcrwtVjNAzvis437js0a2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org