Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9b9we7hmJSZwd8999iHktqi-CeU.roa
File: 9b9we7hmJSZwd8999iHktqi-CeU.roa (raw, json)
Hash identifier: 3VULUB2dhClcJIm2qG3CHw4pf7b688B8VifDePW7HLY=
Subject key identifier: F5:BF:70:7B:B8:66:25:26:70:77:CF:7D:F6:21:E4:B6:A8:BE:09:E5
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01877B69E5A96E03F5BC3A7F4571CD4216A7
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9b9we7hmJSZwd8999iHktqi-CeU.roa
Signing time: Thu 13 Apr 2023 16:19:10 +0000
ROA not before: Thu 13 Apr 2023 16:19:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Apr 2023 09:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:69:e5:a9:6e:03:f5:bc:3a:7f:45:71:cd:42:16:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 13 16:19:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5bf707bb86625267077cf7df621e4b6a8be09e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:79:b4:96:f1:19:43:ce:b7:11:ad:80:59:
bb:3e:56:50:83:40:d6:fd:8c:f3:89:a2:74:be:97:
15:c2:ad:e4:48:dc:6f:81:91:7c:3b:45:e1:bb:8e:
e0:4b:b6:72:ad:b2:4d:66:bb:e7:ca:94:53:ba:61:
34:a2:ae:75:b3:32:f0:a9:e6:1d:dd:65:5f:99:ea:
ba:92:c6:fe:f3:c8:8d:77:db:55:14:7f:48:0b:09:
9d:4a:91:19:52:9c:cf:5f:5a:25:d5:33:95:3b:ff:
78:95:e2:09:bd:ad:e3:15:00:00:00:36:86:c1:21:
87:cb:18:ad:f2:eb:6b:ab:05:a9:d4:ce:b6:03:a1:
6c:00:0e:de:a4:78:a9:7e:0f:0a:d9:60:30:6d:c0:
34:b3:6e:d4:ee:51:43:c3:15:1c:42:1c:c0:e9:fa:
82:d3:c2:33:cd:d8:e1:f3:78:a2:67:e3:3b:e3:fa:
48:9a:0f:32:7e:1f:c4:c5:8d:cf:56:ef:6b:62:23:
ea:a8:25:e0:c1:6d:1b:d3:64:b7:01:e1:0c:5d:17:
a4:38:28:fd:65:a8:c3:b9:d0:0f:2c:d3:da:b6:e2:
5e:cd:9a:9f:06:f5:ed:6d:6a:1c:23:fe:74:12:79:
17:d6:03:f6:7a:9e:24:0f:42:5e:8f:73:c3:5b:5a:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BF:70:7B:B8:66:25:26:70:77:CF:7D:F6:21:E4:B6:A8:BE:09:E5
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9b9we7hmJSZwd8999iHktqi-CeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.170.0/23
185.226.181.0/24
185.226.183.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f3:fd:a0:b1:2b:a5:5e:7f:a7:49:23:ae:55:62:65:1d:d5:
9e:fc:84:30:ad:e1:10:2a:75:51:ea:2a:73:4b:8b:70:7f:70:
46:d5:f0:43:85:2a:42:ea:2e:a0:c3:c0:02:62:6a:41:04:cf:
47:11:f8:de:08:47:e8:62:65:3f:b0:6e:56:05:fc:d7:32:25:
5a:cb:ab:98:5c:c5:69:3e:7d:f8:bd:15:e1:f4:64:18:92:89:
f4:b4:c8:fe:d6:ce:79:91:d4:8b:8e:6a:e0:e3:63:d8:27:8a:
72:6a:dc:4a:1f:b5:7c:ae:3b:fa:10:a6:07:56:b5:fb:6b:dc:
da:40:44:1e:84:83:9c:0b:e9:c5:3a:0c:09:56:0b:a9:e1:6e:
85:c7:13:e9:bc:94:12:29:5e:82:87:fd:61:88:59:00:7d:0b:
fe:b7:1b:2f:ea:ae:97:5b:e6:42:73:c3:bb:69:18:9c:cb:88:
08:78:1e:aa:2e:1b:59:80:83:e8:5c:95:5a:f9:db:8d:53:44:
38:b6:4e:14:c9:27:99:a6:73:4d:53:4a:16:c4:45:e7:bc:e2:
85:4f:b0:60:91:d2:9e:7a:0b:9e:33:c7:77:a2:cb:05:03:91:
b2:0f:ff:e5:16:c2:60:72:c0:ec:b4:c4:bd:26:63:ca:92:14:
8a:78:ba:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd7aeWpbgP1vDp/RXHNQhanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDEzMTYxOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJmNzA3YmI4NjYyNTI2NzA3N2NmN2RmNjIxZTRiNmE4YmUwOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtp5tJbxGUPOtxGtgFm7PlZQg0DW
/YzziaJ0vpcVwq3kSNxvgZF8O0Xhu47gS7ZyrbJNZrvnypRTumE0oq51szLwqeYd
3WVfmeq6ksb+88iNd9tVFH9ICwmdSpEZUpzPX1ol1TOVO/94leIJva3jFQAAADaG
wSGHyxit8utrqwWp1M62A6FsAA7epHipfg8K2WAwbcA0s27U7lFDwxUcQhzA6fqC
08Izzdjh83iiZ+M74/pImg8yfh/ExY3PVu9rYiPqqCXgwW0b02S3AeEMXRekOCj9
ZajDudAPLNPatuJezZqfBvXtbWocI/50EnkX1gP2ep4kD0Jej3PDW1o4CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPW/cHu4ZiUmcHfPffYh5LaovgnlMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvOWI5d2U3aG1KU1p3ZDg5OTlpSGt0cWktQ2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBueGqAwQA
ueK1AwQAueK3AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCM8/2gsSulXn+nSSOu
VWJlHdWe/IQwreEQKnVR6ipzS4twf3BG1fBDhSpC6i6gw8ACYmpBBM9HEfjeCEfo
YmU/sG5WBfzXMiVay6uYXMVpPn34vRXh9GQYkon0tMj+1s55kdSLjmrg42PYJ4py
atxKH7V8rjv6EKYHVrX7a9zaQEQehIOcC+nFOgwJVgup4W6FxxPpvJQSKV6Ch/1h
iFkAfQv+txsv6q6XW+ZCc8O7aRicy4gIeB6qLhtZgIPoXJVa+duNU0Q4tk4UySeZ
pnNNU0oWxEXnvOKFT7BgkdKeegueM8d3ossFA5GyD//lFsJgcsDstMS9JmPKkhSK
eLqd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org