Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-Yrkvi9LrxDJujbv1IgBy5CuE28.roa
File: 1-Yrkvi9LrxDJujbv1IgBy5CuE28.roa (raw, json)
Hash identifier: qltWptUJsfHqeFKEl1jFK8om6Pf+7C6Sn/O4LgRFlx4=
Subject key identifier: F9:8A:E4:BE:2F:4B:AF:10:C9:BA:36:EF:D4:88:01:CB:90:AE:13:6F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187776555460C128169A855DAB52A81FFAC
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-Yrkvi9LrxDJujbv1IgBy5CuE28.roa
Signing time: Wed 12 Apr 2023 21:35:42 +0000
ROA not before: Wed 12 Apr 2023 21:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 185.225.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 16:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:77:65:55:46:0c:12:81:69:a8:55:da:b5:2a:81:ff:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 12 21:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f98ae4be2f4baf10c9ba36efd48801cb90ae136f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e5:b0:84:09:a9:dd:ba:94:c9:21:3d:a3:06:
52:f4:4c:34:b6:85:a6:be:24:38:5d:0f:6a:92:90:
73:c2:84:9a:37:e6:cf:30:dd:ee:55:d6:39:d3:09:
2e:87:5c:98:7e:18:09:08:79:65:91:7f:ab:ee:97:
7a:7e:66:b2:67:9c:e2:25:cf:76:4f:62:ad:77:49:
d0:49:d3:d4:ae:4d:6e:54:1f:91:d1:f3:82:d2:3e:
17:3f:7e:36:65:15:ec:e3:85:55:9e:a8:a8:7c:dc:
72:85:3e:6e:cd:71:f0:37:c5:8a:51:73:1b:b5:7b:
0f:cd:56:a9:0c:72:09:6a:f1:3d:2b:84:6e:fd:00:
b8:2c:80:de:0b:15:8e:29:4e:39:e4:45:17:aa:7e:
79:e8:38:5c:71:2e:48:e9:0c:ea:fd:aa:7f:92:fb:
4f:85:1b:ec:0b:5b:84:18:bf:32:21:92:28:d3:b8:
fb:bf:3a:ab:7d:01:b7:f0:3d:c7:39:b7:88:a5:9b:
34:cb:d9:cf:24:d3:df:8f:a1:2c:e3:08:e5:5e:2f:
10:93:4c:ef:a0:74:1c:d4:a5:a6:60:38:8e:90:56:
8d:85:4f:8a:ab:d9:0f:db:55:31:a0:19:fe:0d:e3:
9f:5b:a7:93:6a:81:70:28:c3:0d:1b:72:29:ff:02:
57:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8A:E4:BE:2F:4B:AF:10:C9:BA:36:EF:D4:88:01:CB:90:AE:13:6F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-Yrkvi9LrxDJujbv1IgBy5CuE28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.171.0/24
Signature Algorithm: sha256WithRSAEncryption
76:db:03:4e:9e:25:53:06:bf:80:72:c5:fc:ee:45:d3:df:fa:
e9:3b:77:3a:bd:e3:bf:75:51:66:be:fa:52:b9:ee:27:12:16:
fd:91:76:3c:f5:57:d2:c5:38:96:f5:a7:74:a6:e9:03:a5:e1:
a2:28:79:1f:9c:31:b6:67:0f:dc:73:d6:c1:1f:5d:d0:0b:e3:
59:01:fc:f9:bf:a3:b2:97:e7:06:1b:06:64:8c:06:d6:6c:1c:
77:5f:86:c1:78:5d:b2:94:98:52:f1:5d:2c:38:2b:1f:7b:ab:
10:ff:9e:76:03:3d:47:db:04:89:81:1d:a8:b9:87:c6:2e:13:
c8:68:c0:f4:d3:31:83:cc:3b:bd:41:3b:d8:9f:cc:7c:d0:d3:
ba:c8:9f:77:8d:10:34:c8:05:61:f6:91:ef:e7:6c:19:5c:0d:
4d:ec:cf:f2:be:30:5c:23:78:fe:49:eb:14:f6:97:8f:51:b1:
02:f7:13:84:bd:85:78:8c:52:e3:4e:06:6f:28:f5:b5:a6:34:
7b:4a:06:a3:24:7d:14:fb:55:cf:73:2c:5a:bc:93:0a:25:ed:
3c:43:f6:c8:cb:73:ce:74:a3:e9:37:3b:93:62:04:9a:ec:c4:
6a:e9:6a:85:9d:8f:48:2a:0c:42:e2:1b:4d:71:b5:0c:c7:d3:
56:b8:0d:f5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYd3ZVVGDBKBaahV2rUqgf+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDEyMjEzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThhZTRiZTJmNGJhZjEwYzliYTM2ZWZkNDg4MDFjYjkwYWUxMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeWwhAmp3bqUySE9owZS9Ew0toWm
viQ4XQ9qkpBzwoSaN+bPMN3uVdY50wkuh1yYfhgJCHllkX+r7pd6fmayZ5ziJc92
T2Ktd0nQSdPUrk1uVB+R0fOC0j4XP342ZRXs44VVnqiofNxyhT5uzXHwN8WKUXMb
tXsPzVapDHIJavE9K4Ru/QC4LIDeCxWOKU455EUXqn556DhccS5I6Qzq/ap/kvtP
hRvsC1uEGL8yIZIo07j7vzqrfQG38D3HObeIpZs0y9nPJNPfj6Es4wjlXi8Qk0zv
oHQc1KWmYDiOkFaNhU+Kq9kP21UxoBn+DeOfW6eTaoFwKMMNG3Ip/wJXVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmK5L4vS68Qybo279SIAcuQrhNvMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1Zcmt2aTlMcnhESnVqYnYxSWdCeTVDdUUyOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnhqzAN
BgkqhkiG9w0BAQsFAAOCAQEAdtsDTp4lUwa/gHLF/O5F09/66Tt3Or3jv3VRZr76
UrnuJxIW/ZF2PPVX0sU4lvWndKbpA6Xhoih5H5wxtmcP3HPWwR9d0AvjWQH8+b+j
spfnBhsGZIwG1mwcd1+GwXhdspSYUvFdLDgrH3urEP+edgM9R9sEiYEdqLmHxi4T
yGjA9NMxg8w7vUE72J/MfNDTusifd40QNMgFYfaR7+dsGVwNTezP8r4wXCN4/knr
FPaXj1GxAvcThL2FeIxS404Gbyj1taY0e0oGoyR9FPtVz3MsWryTCiXtPEP2yMtz
znSj6Tc7k2IEmuzEaulqhZ2PSCoMQuIbTXG1DMfTVrgN9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org