Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa
File: 1umzFiFwlQszamoTXng6HC8NFFs.roa (raw, json)
Hash identifier: 1c178jOBfqgOSdEwIbZJEjbkbvOtRwrV5vQYvwp0M9k=
Subject key identifier: D6:E9:B3:16:21:70:95:0B:33:6A:6A:13:5E:78:3A:1C:2F:0D:14:5B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187F7797709F5DB979C1A96C7CD73BC41F3
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa
Signing time: Sun 07 May 2023 18:29:05 +0000
ROA not before: Sun 07 May 2023 18:29:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.146.92.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 06:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f7:79:77:09:f5:db:97:9c:1a:96:c7:cd:73:bc:41:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 7 18:29:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6e9b3162170950b336a6a135e783a1c2f0d145b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:bd:28:40:ac:fc:65:c9:86:25:c4:17:7d:
4c:b3:f8:e8:38:e5:c6:ac:c1:34:5b:95:c8:4e:e5:
c0:e0:cb:c4:f2:56:c8:03:4c:de:93:34:69:5c:c9:
e0:35:ea:b9:3e:de:88:4e:3d:b8:49:6c:ef:22:7d:
dc:38:a1:26:2f:18:74:ca:8b:63:f5:ec:34:10:24:
98:e7:52:92:4a:d5:58:62:22:9e:04:31:b4:87:a4:
ac:e8:72:d8:75:6e:8e:84:bf:68:88:30:1f:a5:17:
1b:ad:8b:17:67:cf:a5:f3:60:51:ff:7c:1d:86:68:
88:e1:5d:0a:6f:a3:98:9f:3e:d3:9b:53:0f:87:2d:
30:5f:63:9c:f1:a2:2b:69:68:b3:70:f6:aa:df:28:
96:66:09:97:60:c1:68:41:23:9c:bb:d6:d2:b9:8d:
b5:1b:e3:5a:1b:bf:5e:e9:6d:b9:d9:3a:1c:14:bd:
a4:80:c0:df:dd:7c:6b:7b:7f:ef:26:7d:32:44:e6:
e5:5e:5e:f6:0f:9b:31:b9:0f:06:3f:a6:44:b6:f5:
af:81:53:d8:8b:0d:1c:dc:6f:e2:68:b8:6c:9b:ef:
3f:93:64:d2:e2:a4:fe:98:06:27:fc:2c:fd:ba:23:
00:74:83:52:c8:1f:2d:25:50:35:29:91:96:9a:28:
9e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E9:B3:16:21:70:95:0B:33:6A:6A:13:5E:78:3A:1C:2F:0D:14:5B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.246.0/23
185.199.148.0/24
185.225.170.0/23
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:73:8f:02:e3:0d:8e:67:9a:65:41:1c:29:b7:5d:13:a3:d9:
84:bd:89:85:2e:16:c3:f8:55:c7:3d:0a:34:d5:92:a4:54:5b:
6d:fe:0e:5b:a4:e1:7a:9a:e4:81:0b:5c:40:5f:43:45:52:9c:
ab:2b:49:c3:36:30:fa:6a:e8:d3:20:3c:4d:62:0f:d9:46:86:
e0:3f:e5:6f:e2:ec:fa:17:cc:a6:09:ed:22:60:59:62:63:7f:
da:f3:c5:08:14:87:e3:2e:2e:7e:e4:19:cb:42:c7:49:b9:2f:
46:ed:2c:98:29:cb:e5:86:58:5a:5c:a5:fc:86:4e:07:cc:55:
a5:3e:e0:0d:04:b6:05:f8:ce:f8:25:47:62:5e:b2:33:f7:76:
32:37:9e:37:a6:01:44:4b:66:3c:99:3d:e0:5a:08:8a:06:b8:
33:10:13:9a:65:de:d8:f1:9b:64:74:bd:09:83:c7:c2:ef:ac:
fe:ba:32:3b:0b:b9:25:2f:35:b1:9b:bb:7a:5b:9b:a1:a1:41:
7f:75:13:5d:d4:20:3b:3e:17:de:74:51:f0:43:41:02:b7:5e:
08:de:7e:c1:f4:a8:46:85:30:37:ba:45:71:f3:60:1e:0f:7e:
66:2b:32:85:a9:61:a5:4e:89:6f:0d:0c:57:2b:a0:84:08:4b:
70:c6:17:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf3eXcJ9duXnBqWx81zvEHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTA3MTgyOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU5YjMxNjIxNzA5NTBiMzM2YTZhMTM1ZTc4M2ExYzJmMGQxNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgq9KECs/GXJhiXEF31Ms/joOOXG
rME0W5XITuXA4MvE8lbIA0zekzRpXMngNeq5Pt6ITj24SWzvIn3cOKEmLxh0yotj
9ew0ECSY51KSStVYYiKeBDG0h6Ss6HLYdW6OhL9oiDAfpRcbrYsXZ8+l82BR/3wd
hmiI4V0Kb6OYnz7Tm1MPhy0wX2Oc8aIraWizcPaq3yiWZgmXYMFoQSOcu9bSuY21
G+NaG79e6W252TocFL2kgMDf3Xxre3/vJn0yROblXl72D5sxuQ8GP6ZEtvWvgVPY
iw0c3G/iaLhsm+8/k2TS4qT+mAYn/Cz9uiMAdINSyB8tJVA1KZGWmiiemwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNbpsxYhcJULM2pqE154OhwvDRRbMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMXVtekZpRndsUXN6YW1vVFhuZzZIQzhORkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT2L2AwQA
uceUAwQBueGqAwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAac48C4w2OZ5plQRwp
t10To9mEvYmFLhbD+FXHPQo01ZKkVFtt/g5bpOF6muSBC1xAX0NFUpyrK0nDNjD6
aujTIDxNYg/ZRobgP+Vv4uz6F8ymCe0iYFliY3/a88UIFIfjLi5+5BnLQsdJuS9G
7SyYKcvlhlhaXKX8hk4HzFWlPuANBLYF+M74JUdiXrIz93YyN543pgFES2Y8mT3g
WgiKBrgzEBOaZd7Y8ZtkdL0Jg8fC76z+ujI7C7klLzWxm7t6W5uhoUF/dRNd1CA7
PhfedFHwQ0ECt14I3n7B9KhGhTA3ukVx82AeD35mKzKFqWGlTolvDQxXK6CECEtw
xhdt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org