Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7beDLD951DC7gQC284_UnQ_6Wig.roa
File: 7beDLD951DC7gQC284_UnQ_6Wig.roa (raw, json)
Hash identifier: DV5wtPrdqO8l+ow1kEx7NqBsaB/2ZwlR0RaR3BC4nmc=
Subject key identifier: ED:B7:83:2C:3F:79:D4:30:BB:81:00:B6:F3:8F:D4:9D:0F:FA:5A:28
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01887C213AD77C751EADCEE5672ECF808750
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7beDLD951DC7gQC284_UnQ_6Wig.roa
Signing time: Fri 02 Jun 2023 12:42:12 +0000
ROA not before: Fri 02 Jun 2023 12:42:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.225.171.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:21:3a:d7:7c:75:1e:ad:ce:e5:67:2e:cf:80:87:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 2 12:42:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edb7832c3f79d430bb8100b6f38fd49d0ffa5a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:e4:d8:ef:4c:45:76:6b:50:13:35:0a:93:
74:5c:dc:86:da:58:6d:ee:9d:66:e9:51:ea:d2:f0:
51:76:63:12:c2:91:af:3a:8b:35:eb:1c:1e:55:e9:
3d:a5:20:40:ac:e1:60:ae:1e:fe:cf:ea:4b:e5:ff:
2a:16:b6:83:d9:fe:c2:26:d1:21:89:36:f2:61:26:
28:2c:fa:9b:c3:f8:33:ae:ca:82:e5:4c:94:3a:3a:
fd:93:1a:ed:14:88:d0:32:b7:8a:5e:23:38:38:f4:
1e:8e:c1:c2:d3:79:e0:09:e9:33:6e:14:6c:bd:65:
56:77:6c:7d:79:ba:86:37:b3:38:3d:57:ad:e1:7b:
4e:95:b2:72:de:7d:7d:b5:d9:88:1f:c7:64:96:78:
90:65:95:7e:13:03:6e:3a:6a:d3:16:5d:b6:11:91:
cd:55:23:35:58:a9:c1:b9:46:d3:e9:f8:64:81:91:
35:59:4f:65:70:d4:11:1b:86:1b:90:5c:86:36:3e:
6a:0d:c0:62:79:01:9c:bb:8a:e5:16:2a:f5:04:c8:
38:f1:85:84:24:cb:b8:65:51:9b:f3:5d:01:d8:94:
99:59:6f:7c:4f:22:3e:14:9c:ef:0e:e6:f9:c6:03:
eb:2f:47:8c:18:51:33:9b:a7:0b:4a:96:4e:4d:b5:
d4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B7:83:2C:3F:79:D4:30:BB:81:00:B6:F3:8F:D4:9D:0F:FA:5A:28
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7beDLD951DC7gQC284_UnQ_6Wig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.148.0/24
185.225.171.0/24
185.226.183.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ce:d0:72:de:d5:bb:a9:36:40:f9:28:91:80:2d:17:3f:b8:
84:5c:68:43:11:df:ee:e6:de:cc:3f:dd:e5:13:3d:d1:ba:6f:
55:85:04:ad:19:be:ce:d5:3c:b1:3a:1b:af:2f:35:f9:b2:1a:
ed:78:5d:c8:f3:9f:2c:13:a4:a8:30:22:62:e6:1a:bb:aa:e1:
75:ed:c2:a8:0d:52:6d:65:54:5f:91:2c:16:ef:b9:f3:da:d8:
dd:5b:b2:36:96:f5:3d:51:85:79:6f:57:7e:65:66:6f:7b:c7:
08:8c:bb:f6:f0:45:9a:e5:52:95:7e:65:d6:a1:b4:b4:f8:56:
d6:4e:31:66:62:ee:f7:dd:c4:cd:42:99:1c:ce:48:a2:cc:a3:
f3:8a:bc:41:04:0e:35:37:02:8a:75:37:12:c6:9e:cd:66:29:
ff:73:93:a1:d2:a1:43:d8:33:ea:ae:ce:5c:5f:d6:aa:96:31:
13:a6:12:19:65:0c:75:33:3f:2c:7a:9e:df:68:88:d2:90:06:
1a:7e:44:c9:37:85:f0:9e:d7:75:14:25:84:52:b1:0e:ca:ac:
f7:6b:7e:1f:fe:d9:2a:f0:b7:3f:8b:90:18:0d:11:33:c9:9d:
21:82:92:5a:eb:0d:a5:95:72:d6:d8:81:88:c8:71:96:25:a5:
86:4d:f7:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYh8ITrXfHUerc7lZy7PgIdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjAyMTI0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGI3ODMyYzNmNzlkNDMwYmI4MTAwYjZmMzhmZDQ5ZDBmZmE1YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpTk2O9MRXZrUBM1CpN0XNyG2lht
7p1m6VHq0vBRdmMSwpGvOos16xweVek9pSBArOFgrh7+z+pL5f8qFraD2f7CJtEh
iTbyYSYoLPqbw/gzrsqC5UyUOjr9kxrtFIjQMreKXiM4OPQejsHC03ngCekzbhRs
vWVWd2x9ebqGN7M4PVet4XtOlbJy3n19tdmIH8dklniQZZV+EwNuOmrTFl22EZHN
VSM1WKnBuUbT6fhkgZE1WU9lcNQRG4YbkFyGNj5qDcBieQGcu4rlFir1BMg48YWE
JMu4ZVGb810B2JSZWW98TyI+FJzvDub5xgPrL0eMGFEzm6cLSpZOTbXUPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO23gyw/edQwu4EAtvOP1J0P+looMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvN2JlRExEOTUxREM3Z1FDMjg0X1VuUV82V2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuceUAwQA
ueGrAwQAueK3AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQBIztBy3tW7qTZA+SiR
gC0XP7iEXGhDEd/u5t7MP93lEz3Rum9VhQStGb7O1TyxOhuvLzX5shrteF3I858s
E6SoMCJi5hq7quF17cKoDVJtZVRfkSwW77nz2tjdW7I2lvU9UYV5b1d+ZWZve8cI
jLv28EWa5VKVfmXWobS0+FbWTjFmYu733cTNQpkczkiizKPzirxBBA41NwKKdTcS
xp7NZin/c5Oh0qFD2DPqrs5cX9aqljETphIZZQx1Mz8sep7faIjSkAYafkTJN4Xw
ntd1FCWEUrEOyqz3a34f/tkq8Lc/i5AYDREzyZ0hgpJa6w2llXLW2IGIyHGWJaWG
Tfe4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:26 2023 by rpki-client on console-fra.rpki-client.org