Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-WHvAlRtaA5tVECpU7bD9rOLeyE.roa
File: 1-WHvAlRtaA5tVECpU7bD9rOLeyE.roa (raw, json)
Hash identifier: /9XpGDjO+CdQ9yLX6AcsUvsQ76HLCSW1fMvUbkiAQmo=
Subject key identifier: F9:61:EF:02:54:6D:68:0E:6D:54:40:A9:53:B6:C3:F6:B3:8B:7B:21
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01933EAA53FDB976D219FBE594000D445218
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-WHvAlRtaA5tVECpU7bD9rOLeyE.roa
Signing time: Mon 18 Nov 2024 09:46:10 +0000
ROA not before: Mon 18 Nov 2024 09:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 10:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:aa:53:fd:b9:76:d2:19:fb:e5:94:00:0d:44:52:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 18 09:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f961ef02546d680e6d5440a953b6c3f6b38b7b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:c5:64:77:dd:38:ae:58:ad:2f:61:28:d4:
fe:57:a1:1a:f0:c3:91:6b:55:72:6a:83:35:76:39:
b3:ed:95:f7:b8:1f:7a:8d:ad:ea:9b:b3:a6:fa:51:
3f:4e:1c:5a:73:1a:c7:4f:6b:c9:d2:06:4c:f7:d1:
ee:12:ad:7b:9d:30:aa:be:39:41:d3:bd:80:8a:4f:
01:d5:52:af:a1:41:1b:56:04:23:08:b8:8e:88:57:
ef:86:84:a2:ab:9e:83:6f:d5:26:40:ab:d5:0c:c6:
df:e5:03:d9:08:04:9d:b4:a5:e8:c4:69:ad:f4:6a:
de:f4:35:a0:d6:09:88:25:34:f1:fb:7b:4f:5c:2c:
0f:99:03:39:e7:ec:2d:86:c5:38:c8:a1:16:3d:c7:
41:16:cc:cb:95:b9:d6:4f:25:bb:e6:a0:7c:97:99:
1a:75:f7:8a:8e:6a:e8:e2:f7:0d:53:2e:ad:30:e5:
55:1b:30:c8:c3:5b:44:14:1d:9e:42:af:14:b3:bc:
8a:2b:08:66:1a:8a:ae:5e:1d:f3:20:38:be:dc:da:
17:43:11:ef:44:37:0e:b0:77:e2:69:c6:94:16:a6:
33:11:33:06:74:10:a6:43:76:9f:8d:2a:1e:b4:29:
31:53:ef:ac:4c:5f:a8:c3:65:8b:f6:4c:2c:f6:10:
b8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:61:EF:02:54:6D:68:0E:6D:54:40:A9:53:B6:C3:F6:B3:8B:7B:21
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-WHvAlRtaA5tVECpU7bD9rOLeyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/24
185.226.181.0/24
185.250.27.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:11:c2:ed:22:f1:c0:68:a7:ad:aa:45:4c:d8:81:a3:5e:e5:
31:ff:06:a6:61:b0:12:4f:27:5e:3e:83:ac:be:cd:32:d7:9e:
6c:f2:20:0d:45:88:49:70:7d:ad:43:5e:67:93:a4:b2:2e:13:
5a:70:97:a2:b3:70:e1:8f:ba:a7:7e:6f:f3:6f:ea:e5:53:5d:
0d:ed:61:80:2c:90:60:48:13:2d:ea:ab:90:6e:71:ac:c5:4f:
8d:9f:21:36:11:5c:2c:f8:57:62:24:5d:2f:f8:c2:82:a7:63:
f7:b2:4a:42:6a:4d:56:0d:a6:89:80:99:ab:f5:1a:21:45:ee:
e6:b8:9d:79:75:7f:f5:9c:c0:86:9a:46:a1:2e:89:de:51:59:
41:69:70:44:39:26:21:58:10:bb:55:9b:86:05:59:68:03:6a:
93:4d:4e:c4:1d:f8:29:0e:08:f7:34:a1:9e:16:87:d8:19:74:
62:92:7b:70:cc:c2:29:b3:ee:1e:7e:8b:3a:21:10:9f:07:55:
db:ac:c5:8c:dc:9d:67:bf:84:ed:db:18:02:69:8d:1c:31:af:
32:43:0e:f2:10:c5:fb:73:a5:ed:a1:04:83:75:c0:f1:68:1a:
ae:f4:48:81:2a:8f:4d:95:b8:17:39:8c:a9:e4:9c:c6:44:5f:
45:a9:cd:11
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZM+qlP9uXbSGfvllAANRFIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMTE4MDk0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYxZWYwMjU0NmQ2ODBlNmQ1NDQwYTk1M2I2YzNmNmIzOGI3YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKjFZHfdOK5YrS9hKNT+V6Ea8MOR
a1VyaoM1djmz7ZX3uB96ja3qm7Om+lE/ThxacxrHT2vJ0gZM99HuEq17nTCqvjlB
072Aik8B1VKvoUEbVgQjCLiOiFfvhoSiq56Db9UmQKvVDMbf5QPZCASdtKXoxGmt
9Gre9DWg1gmIJTTx+3tPXCwPmQM55+wthsU4yKEWPcdBFszLlbnWTyW75qB8l5ka
dfeKjmro4vcNUy6tMOVVGzDIw1tEFB2eQq8Us7yKKwhmGoquXh3zIDi+3NoXQxHv
RDcOsHfiacaUFqYzETMGdBCmQ3afjSoetCkxU++sTF+ow2WL9kws9hC46wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPlh7wJUbWgObVRAqVO2w/azi3shMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1XSHZBbFJ0YUE1dFZFQ3BVN2JEOXJPTGV5RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALnH1QME
ALndGgMEALnitQMEALn6GzANBgkqhkiG9w0BAQsFAAOCAQEAOhHC7SLxwGinrapF
TNiBo17lMf8GpmGwEk8nXj6DrL7NMteebPIgDUWISXB9rUNeZ5Oksi4TWnCXorNw
4Y+6p35v82/q5VNdDe1hgCyQYEgTLeqrkG5xrMVPjZ8hNhFcLPhXYiRdL/jCgqdj
97JKQmpNVg2miYCZq/UaIUXu5rideXV/9ZzAhppGoS6J3lFZQWlwRDkmIVgQu1Wb
hgVZaANqk01OxB34KQ4I9zShnhaH2Bl0YpJ7cMzCKbPuHn6LOiEQnwdV26zFjNyd
Z7+E7dsYAmmNHDGvMkMO8hDF+3Ol7aEEg3XA8WgarvRIgSqPTZW4FzmMqeScxkRf
RanNEQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:24 2025 by rpki-client