Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2QtFvwFQVjqJbe4rGqsMfmNtWNk.roa
File: 2QtFvwFQVjqJbe4rGqsMfmNtWNk.roa (raw, json)
Hash identifier: WjZGuBX7+Nmdlf77wzUTGk49rtPYSIqKorzNs76oXNU=
Subject key identifier: D9:0B:45:BF:01:50:56:3A:89:6D:EE:2B:1A:AB:0C:7E:63:6D:58:D9
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01903A204F7DF4066E6895743685E0BDA99B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2QtFvwFQVjqJbe4rGqsMfmNtWNk.roa
Signing time: Fri 21 Jun 2024 09:28:34 +0000
ROA not before: Fri 21 Jun 2024 09:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:20:4f:7d:f4:06:6e:68:95:74:36:85:e0:bd:a9:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 21 09:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d90b45bf0150563a896dee2b1aab0c7e636d58d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6f:68:f5:3e:d6:74:e5:b4:6b:66:34:1a:64:
5e:9c:cc:a7:08:95:9d:1f:fe:b4:9a:18:58:e2:cf:
c4:b6:82:22:5a:62:23:3e:56:05:d9:ae:a6:66:81:
4f:a6:e1:8c:a9:ff:7e:ef:0d:e9:96:b8:38:f2:41:
56:03:d4:e0:f8:a5:98:5a:ad:f6:e4:e9:dc:ae:a1:
da:c1:bb:89:e2:67:39:35:d2:12:99:73:b8:35:a6:
1f:bc:4d:9a:9f:ac:e0:da:3d:fa:fe:90:c5:4e:20:
43:c8:00:27:59:28:0e:4a:03:46:c0:8e:b2:be:68:
b7:aa:91:2a:82:64:21:c7:48:7d:b9:b4:ce:0f:1f:
28:57:00:1f:74:b4:3f:36:c3:9d:7f:35:fc:20:2f:
58:4b:10:ab:66:e2:a2:58:68:e4:64:5e:1f:18:b0:
03:e5:12:5f:f3:31:a9:59:25:9c:04:05:d4:48:47:
ab:a1:26:81:de:ed:4d:d6:37:2d:9f:48:f9:21:eb:
79:72:27:62:95:1d:0a:e8:21:b3:45:b2:97:67:d9:
21:47:6e:4b:11:26:0b:54:48:56:83:1c:01:64:c0:
42:fd:cf:49:f4:4f:6e:89:b9:91:b4:1a:b4:fb:62:
5b:68:48:dd:e4:b0:e2:d1:02:56:cd:81:1b:6d:de:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0B:45:BF:01:50:56:3A:89:6D:EE:2B:1A:AB:0C:7E:63:6D:58:D9
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2QtFvwFQVjqJbe4rGqsMfmNtWNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:a2:58:99:89:5f:df:7c:87:c9:f1:41:ca:49:77:56:2a:93:
a5:f8:8a:73:b8:89:d7:f4:92:d1:45:8c:ae:3e:88:25:e3:57:
d5:a1:c2:89:a2:cb:96:8e:aa:10:26:e5:db:bd:bf:ac:8b:92:
fc:70:eb:57:71:cf:23:fc:2f:33:15:a7:2e:0f:96:ef:ea:ed:
55:82:ce:8d:ca:4f:d3:88:a2:08:71:a5:4b:66:2c:dd:ab:15:
66:fa:c9:ae:6f:38:c8:f6:c9:5b:f3:34:1a:02:08:2d:22:c1:
7f:e5:74:c6:5b:c0:e4:b8:81:d5:c5:36:32:11:9f:c2:0f:40:
30:d1:fc:3a:89:82:a2:20:09:f7:e0:db:73:e9:18:c1:64:47:
42:82:f6:0a:cb:4d:a4:93:96:84:c6:7d:e0:f7:41:8b:9c:ff:
30:1a:dc:69:1d:39:b0:3e:f6:92:f9:42:d3:d6:0a:ff:d7:33:
25:58:89:40:5a:21:e4:1c:2b:39:e5:61:7b:2b:7c:a2:fe:4b:
82:0f:f9:23:7b:21:a9:09:fc:3a:c1:19:d0:f6:fb:91:76:eb:
78:ce:67:97:87:07:99:58:55:4b:86:de:cc:a9:1d:63:33:65:
b6:3d:9e:ef:d7:66:de:3b:b7:cc:1e:6c:d5:6a:28:8d:d3:e0:
fd:b2:e9:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZA6IE999AZuaJV0NoXgvambMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNjIxMDkyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBiNDViZjAxNTA1NjNhODk2ZGVlMmIxYWFiMGM3ZTYzNmQ1OGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG9o9T7WdOW0a2Y0GmRenMynCJWd
H/60mhhY4s/EtoIiWmIjPlYF2a6mZoFPpuGMqf9+7w3plrg48kFWA9Tg+KWYWq32
5OncrqHawbuJ4mc5NdISmXO4NaYfvE2an6zg2j36/pDFTiBDyAAnWSgOSgNGwI6y
vmi3qpEqgmQhx0h9ubTODx8oVwAfdLQ/NsOdfzX8IC9YSxCrZuKiWGjkZF4fGLAD
5RJf8zGpWSWcBAXUSEeroSaB3u1N1jctn0j5Iet5cidilR0K6CGzRbKXZ9khR25L
ESYLVEhWgxwBZMBC/c9J9E9uibmRtBq0+2JbaEjd5LDi0QJWzYEbbd5gwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkLRb8BUFY6iW3uKxqrDH5jbVjZMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMlF0RnZ3RlFWanFKYmU0ckdxc01mbU50V05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucfVAwQA
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQDOoliZiV/ffIfJ8UHKSXdWKpOl+IpzuInX
9JLRRYyuPogl41fVocKJosuWjqoQJuXbvb+si5L8cOtXcc8j/C8zFacuD5bv6u1V
gs6Nyk/TiKIIcaVLZizdqxVm+smubzjI9slb8zQaAggtIsF/5XTGW8DkuIHVxTYy
EZ/CD0Aw0fw6iYKiIAn34Ntz6RjBZEdCgvYKy02kk5aExn3g90GLnP8wGtxpHTmw
PvaS+ULT1gr/1zMlWIlAWiHkHCs55WF7K3yi/kuCD/kjeyGpCfw6wRnQ9vuRdut4
zmeXhweZWFVLht7MqR1jM2W2PZ7v12beO7fMHmzVaiiN0+D9sumL
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:08:04 2024 by rpki-client on console-fra.rpki-client.org