Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/A5RkyAgvOSXYXYwQo03fdpSxmIM.roa
File: A5RkyAgvOSXYXYwQo03fdpSxmIM.roa (raw, json)
Hash identifier: E17RVEV6aMAv6V1RtlUjYxm1gCJI0E4d7vOqlpA9xI8=
Subject key identifier: 03:94:64:C8:08:2F:39:25:D8:5D:8C:10:A3:4D:DF:76:94:B1:98:83
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019014122FD7617D7A2207AB3CAC24F4BB89
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/A5RkyAgvOSXYXYwQo03fdpSxmIM.roa
Signing time: Fri 14 Jun 2024 00:07:34 +0000
ROA not before: Fri 14 Jun 2024 00:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Jun 2024 00:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:14:12:2f:d7:61:7d:7a:22:07:ab:3c:ac:24:f4:bb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 14 00:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=039464c8082f3925d85d8c10a34ddf7694b19883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a6:e2:04:ec:ff:29:27:75:d0:3d:0a:b1:58:
6d:a0:e9:1f:e3:a9:5e:38:7a:10:e8:1a:3c:75:e0:
97:91:f4:dd:02:79:e5:51:c9:b0:38:bc:dd:cf:2e:
ce:0c:81:1f:8f:50:df:af:03:07:00:c7:45:35:cd:
89:ac:21:35:33:0b:dc:8d:36:fb:77:86:70:cd:91:
4d:74:54:f5:cb:88:a9:2c:13:1d:3c:8c:ac:60:42:
7c:c2:77:86:ec:0a:ed:66:6f:94:5c:be:f3:a9:e8:
18:dc:27:0c:bc:ca:4c:36:c6:23:49:8b:8b:c6:08:
c5:40:1b:23:91:ce:40:56:ca:79:37:e4:01:ad:9e:
c0:29:ea:34:71:4b:1b:da:da:3a:3c:12:14:7a:68:
e4:87:87:0a:b3:56:03:ef:5f:00:1d:99:43:dc:52:
72:3c:44:c2:02:d7:b3:43:9c:1c:ce:2a:5e:6c:7b:
5c:dc:62:cf:a9:cf:6c:45:28:cb:66:03:73:7e:fd:
8e:a2:b1:5d:6d:4e:12:d8:bb:59:53:67:c2:e4:2b:
bd:36:f2:30:e2:e8:af:ba:92:75:ec:3f:b7:ec:a9:
e7:1b:15:b0:93:55:d4:a9:49:b2:63:27:f0:66:cd:
2a:c7:81:20:ce:be:83:28:70:35:3d:52:2c:77:f9:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:94:64:C8:08:2F:39:25:D8:5D:8C:10:A3:4D:DF:76:94:B1:98:83
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/A5RkyAgvOSXYXYwQo03fdpSxmIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.251.0/24
185.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
62:90:a4:14:32:f3:11:e2:2b:bc:48:34:01:13:c7:0f:a7:2d:
eb:2a:63:67:12:46:2c:3a:cb:18:9f:c2:35:78:87:f2:e9:72:
50:ea:2c:f7:3a:e9:f4:3c:9e:33:4f:8e:88:2d:ec:78:90:9a:
91:85:ac:0d:98:8c:09:88:5e:31:c5:75:bb:79:7a:15:56:0b:
d5:2e:83:78:de:6f:18:40:33:52:b5:e0:10:c3:1b:3d:55:68:
4a:ae:fd:e8:74:f0:30:e8:9b:a9:b9:aa:b3:37:43:20:2d:02:
84:86:f4:fd:60:87:71:f4:5b:65:f2:ca:0a:7f:5b:19:4a:eb:
44:d6:b5:f0:df:79:18:47:b3:10:2b:63:d9:91:c5:be:67:fd:
ac:ff:bb:b3:43:ca:1c:cc:bd:53:84:54:9e:34:fa:de:f2:7a:
14:11:09:5d:35:58:9b:7b:3f:98:0d:a2:93:58:22:d4:b4:b7:
66:34:87:3d:27:e8:c5:44:1f:0f:34:b2:8e:8c:50:1f:11:4c:
65:00:fa:c5:59:14:af:10:c7:5e:a5:81:f8:54:fb:ae:f4:51:
49:6d:91:f7:35:b7:9d:2b:56:72:30:94:0a:7e:c4:91:5f:87:
c8:1d:67:42:dd:1e:95:91:e8:8b:78:ea:14:c4:00:8c:85:25:
df:6b:69:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAUEi/XYX16IgerPKwk9LuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNjE0MDAwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk0NjRjODA4MmYzOTI1ZDg1ZDhjMTBhMzRkZGY3Njk0YjE5ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyabiBOz/KSd10D0KsVhtoOkf46le
OHoQ6Bo8deCXkfTdAnnlUcmwOLzdzy7ODIEfj1DfrwMHAMdFNc2JrCE1MwvcjTb7
d4ZwzZFNdFT1y4ipLBMdPIysYEJ8wneG7ArtZm+UXL7zqegY3CcMvMpMNsYjSYuL
xgjFQBsjkc5AVsp5N+QBrZ7AKeo0cUsb2to6PBIUemjkh4cKs1YD718AHZlD3FJy
PETCAtezQ5wczipebHtc3GLPqc9sRSjLZgNzfv2OorFdbU4S2LtZU2fC5Cu9NvIw
4uivupJ17D+37KnnGxWwk1XUqUmyYyfwZs0qx4Egzr6DKHA1PVIsd/mt1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAOUZMgILzkl2F2MEKNN33aUsZiDMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQTVSa3lBZ3ZPU1hZWFl3UW8wM2ZkcFN4bUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH37AwQA
ucfVMA0GCSqGSIb3DQEBCwUAA4IBAQBikKQUMvMR4iu8SDQBE8cPpy3rKmNnEkYs
OssYn8I1eIfy6XJQ6iz3Oun0PJ4zT46ILex4kJqRhawNmIwJiF4xxXW7eXoVVgvV
LoN43m8YQDNSteAQwxs9VWhKrv3odPAw6JupuaqzN0MgLQKEhvT9YIdx9Ftl8soK
f1sZSutE1rXw33kYR7MQK2PZkcW+Z/2s/7uzQ8oczL1ThFSeNPre8noUEQldNVib
ez+YDaKTWCLUtLdmNIc9J+jFRB8PNLKOjFAfEUxlAPrFWRSvEMdepYH4VPuu9FFJ
bZH3NbedK1ZyMJQKfsSRX4fIHWdC3R6VkeiLeOoUxACMhSXfa2l9
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:36:40 2024 by rpki-client on console-ams.rpki-client.org