Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-qmWZPd5o8jZe8A1FnwVXxZzmOc.roa
File: 1-qmWZPd5o8jZe8A1FnwVXxZzmOc.roa (raw, json)
Hash identifier: UjnBiPXkko+GpaUQVIOJIQSQkpdXFVG4Okp6aW9AxAY=
Subject key identifier: FA:A9:96:64:F7:79:A3:C8:D9:7B:C0:35:16:7C:15:5F:16:73:98:E7
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01893F62DF07F1E6F7995B44EDA90327AF25
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-qmWZPd5o8jZe8A1FnwVXxZzmOc.roa
Signing time: Mon 10 Jul 2023 10:39:51 +0000
ROA not before: Mon 10 Jul 2023 10:39:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.199.214.0/23 maxlen: 24
185.221.26.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:62:df:07:f1:e6:f7:99:5b:44:ed:a9:03:27:af:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 10 10:39:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faa99664f779a3c8d97bc035167c155f167398e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c5:6f:42:08:f6:ab:05:09:76:cd:49:d9:ef:
e6:4c:c1:e9:3d:ad:73:82:90:ec:23:79:21:fb:0d:
b9:1f:0b:96:75:f1:b0:67:73:d8:a7:84:ba:ac:5f:
f3:e0:55:1e:a6:aa:a5:c0:b8:38:9d:17:40:c1:d3:
19:18:d8:2a:28:60:f3:4e:37:61:58:24:8f:5e:e7:
3d:5f:80:97:5a:0e:84:04:76:16:17:04:49:53:86:
7b:16:fd:fb:90:a5:59:60:fd:4f:ea:08:a3:51:48:
4e:27:9e:6d:b1:fd:58:2a:f5:dd:ae:b6:07:52:88:
98:4f:39:55:4b:e3:0a:c2:d0:b7:e5:10:5c:a4:bb:
2e:99:fd:92:9e:10:b7:09:3b:35:06:ec:10:5e:f7:
00:ae:8b:9f:81:39:de:21:f5:b4:57:1f:d7:5f:4b:
4c:de:3d:a7:30:4f:73:88:61:f2:24:ce:86:52:f5:
9a:b0:d0:04:62:c7:7f:b4:3b:e7:26:cc:69:64:4f:
94:03:85:d3:4f:00:7b:5f:63:eb:58:93:12:ba:cb:
d2:96:41:8e:22:ca:51:9f:8d:c7:91:aa:1b:f2:84:
c9:6d:26:dc:11:ae:12:ab:1e:c8:f8:20:2e:7e:1c:
fc:2e:3a:35:f8:22:d3:4c:61:37:46:ee:2a:fc:ff:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A9:96:64:F7:79:A3:C8:D9:7B:C0:35:16:7C:15:5F:16:73:98:E7
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-qmWZPd5o8jZe8A1FnwVXxZzmOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.214.0/23
185.221.26.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:c3:8e:04:df:40:46:a5:23:e0:76:11:32:7a:aa:e5:46:96:
af:90:12:f4:37:b3:a3:d0:af:86:17:de:08:fe:59:f8:a6:2b:
04:01:cc:4c:dd:b9:78:61:29:35:2d:21:c2:c5:a0:93:ff:92:
84:ee:24:ef:ec:05:59:ff:2e:d6:51:7e:bd:2a:ef:6c:8a:0a:
3e:8f:8a:25:16:d4:43:29:ab:5f:56:53:44:14:00:80:0c:3e:
66:d1:7c:8f:35:18:e6:3f:7a:d3:f6:63:1a:e0:1a:a3:38:ed:
63:39:85:5f:ec:ea:3a:a6:b3:75:2b:92:f1:13:46:fa:25:78:
39:03:a7:3c:b7:f3:ca:27:3f:a7:eb:77:d6:1f:1d:eb:2c:5c:
9c:18:9a:82:ba:8a:c4:de:e9:d2:98:cc:3f:4e:4a:2c:0a:68:
8c:3d:07:8e:49:d4:48:78:4f:5e:50:29:df:3e:09:b3:eb:37:
ed:f8:fa:ce:bb:b6:98:38:b4:3a:1b:76:d9:50:c3:2e:aa:a9:
c0:06:61:e2:a8:5d:4d:2d:83:c0:8c:14:00:6c:d0:98:01:a3:
c7:bc:d5:72:be:10:ad:fc:3a:42:24:68:d0:5b:fe:00:c8:e4:
3e:7e:ec:e8:68:65:28:41:91:b3:d9:9a:41:6a:75:c3:c8:80:
3f:ca:65:4a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYk/Yt8H8eb3mVtE7akDJ68lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNzEwMTAzOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE5OTY2NGY3NzlhM2M4ZDk3YmMwMzUxNjdjMTU1ZjE2NzM5OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsVvQgj2qwUJds1J2e/mTMHpPa1z
gpDsI3kh+w25HwuWdfGwZ3PYp4S6rF/z4FUepqqlwLg4nRdAwdMZGNgqKGDzTjdh
WCSPXuc9X4CXWg6EBHYWFwRJU4Z7Fv37kKVZYP1P6gijUUhOJ55tsf1YKvXdrrYH
UoiYTzlVS+MKwtC35RBcpLsumf2SnhC3CTs1BuwQXvcAroufgTneIfW0Vx/XX0tM
3j2nME9ziGHyJM6GUvWasNAEYsd/tDvnJsxpZE+UA4XTTwB7X2PrWJMSusvSlkGO
IspRn43Hkaob8oTJbSbcEa4Sqx7I+CAufhz8Ljo1+CLTTGE3Ru4q/P+NAQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqplmT3eaPI2XvANRZ8FV8Wc5jnMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1xbVdaUGQ1bzhqWmU4QTFGbndWWHhaem1PYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAbnH1gME
AbndGjANBgkqhkiG9w0BAQsFAAOCAQEAy8OOBN9ARqUj4HYRMnqq5UaWr5AS9Dez
o9CvhhfeCP5Z+KYrBAHMTN25eGEpNS0hwsWgk/+ShO4k7+wFWf8u1lF+vSrvbIoK
Po+KJRbUQymrX1ZTRBQAgAw+ZtF8jzUY5j960/ZjGuAaozjtYzmFX+zqOqazdSuS
8RNG+iV4OQOnPLfzyic/p+t31h8d6yxcnBiagrqKxN7p0pjMP05KLApojD0HjknU
SHhPXlAp3z4Js+s37fj6zru2mDi0Oht22VDDLqqpwAZh4qhdTS2DwIwUAGzQmAGj
x7zVcr4Qrfw6QiRo0Fv+AMjkPn7s6GhlKEGRs9maQWp1w8iAP8plSg==
-----END CERTIFICATE-----
Generated at Thu Aug 10 11:51:24 2023 by rpki-client on console-ams.rpki-client.org