Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HdthuUcTeTSSPKYKQW3OB844RvA.roa
File: HdthuUcTeTSSPKYKQW3OB844RvA.roa (raw, json)
Hash identifier: obzdRt+3UZ+DRuctXvOr2gzjiolOD5nK9P6ljMRuCgE=
Subject key identifier: 1D:DB:61:B9:47:13:79:34:92:3C:A6:0A:41:6D:CE:07:CE:38:46:F0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187CC0DB03336ECCB689488ACA8AB3BB06C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HdthuUcTeTSSPKYKQW3OB844RvA.roa
Signing time: Sat 29 Apr 2023 08:07:41 +0000
ROA not before: Sat 29 Apr 2023 08:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 79.98.247.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cc:0d:b0:33:36:ec:cb:68:94:88:ac:a8:ab:3b:b0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 29 08:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ddb61b947137934923ca60a416dce07ce3846f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:40:67:af:62:cf:bc:51:3b:ad:f3:54:d4:25:
fe:67:d1:ff:27:cb:bd:be:fa:4c:b2:26:ed:35:f5:
f0:14:b9:bb:90:57:27:20:f5:d3:e9:8e:34:16:d8:
d9:2d:60:b3:d5:9d:c5:61:09:b7:86:fa:71:e3:59:
6a:8e:f8:8d:4f:00:83:c2:e2:29:a8:50:9f:4b:9b:
b9:50:89:b3:75:ed:2e:af:ad:ea:33:b4:77:f0:ba:
68:00:0c:27:a4:bc:b2:e5:e7:c2:38:93:6b:43:de:
66:be:e2:5f:91:56:51:34:aa:02:eb:eb:49:72:a0:
1a:01:f7:08:f0:66:0d:e3:72:37:e1:52:d6:cd:d8:
53:ce:9f:12:bf:c3:07:a8:c4:ac:d9:f4:eb:9a:e2:
10:4b:36:df:2e:26:9f:2e:8e:78:ff:76:11:74:27:
7f:1a:0a:b2:5c:3d:ca:b4:13:45:4f:31:49:6c:7c:
bd:15:25:8a:d9:da:95:89:e1:0b:6e:8d:a1:9a:0d:
d9:3e:8e:d2:43:d4:fa:27:57:75:93:8f:29:09:61:
c7:2a:5d:e5:fa:74:06:0c:d6:78:76:76:c4:e3:f6:
2e:8c:33:a3:d8:3c:ca:d2:a8:b5:14:77:7e:cf:84:
d4:fd:97:1a:88:2b:97:02:3d:c6:9b:d5:33:a2:72:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:61:B9:47:13:79:34:92:3C:A6:0A:41:6D:CE:07:CE:38:46:F0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HdthuUcTeTSSPKYKQW3OB844RvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.247.0/24
185.226.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f3:b8:b0:86:f9:13:f0:64:f2:72:5f:53:0f:1c:bc:39:84:
64:69:c8:31:2b:19:a1:8d:43:18:1c:6c:3f:91:4b:2f:78:1e:
dc:1d:1a:c8:2b:33:84:38:70:36:b0:d8:a9:6b:c6:87:de:b1:
fa:f5:5e:78:db:e7:7f:8c:0d:87:84:b5:ed:50:ad:05:17:40:
a4:d8:5e:b5:4f:81:54:3c:20:ee:46:48:92:0b:c2:0c:b1:f6:
1c:0e:2b:cf:b6:25:b9:76:71:f2:23:14:e4:81:8c:9c:87:90:
7d:62:3e:01:24:e0:e1:e7:30:7a:7e:9c:64:78:7a:5a:08:59:
5a:b2:1d:2b:23:93:08:3e:95:ba:d7:48:70:77:70:bd:15:0e:
12:6b:d2:38:62:49:a5:bf:74:a9:65:8f:ce:d9:17:b8:90:40:
f9:d2:4d:0f:88:16:ce:c1:4e:c5:49:84:b5:41:62:07:da:19:
0f:b1:66:28:68:e3:a7:3b:4d:68:f1:1c:dd:d5:d8:2b:bc:55:
69:77:ac:4e:db:d6:0f:87:98:01:0d:7e:65:19:7d:0a:13:2a:
72:46:1f:7c:7e:b3:44:be:33:56:ce:05:26:cd:f8:5c:62:eb:
ca:f4:b3:dd:29:93:10:20:fa:93:ed:ef:a1:91:0f:fc:c5:74:
8f:14:2d:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfMDbAzNuzLaJSIrKirO7BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDI5MDgwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRiNjFiOTQ3MTM3OTM0OTIzY2E2MGE0MTZkY2UwN2NlMzg0NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikBnr2LPvFE7rfNU1CX+Z9H/J8u9
vvpMsibtNfXwFLm7kFcnIPXT6Y40FtjZLWCz1Z3FYQm3hvpx41lqjviNTwCDwuIp
qFCfS5u5UImzde0ur63qM7R38LpoAAwnpLyy5efCOJNrQ95mvuJfkVZRNKoC6+tJ
cqAaAfcI8GYN43I34VLWzdhTzp8Sv8MHqMSs2fTrmuIQSzbfLiafLo54/3YRdCd/
GgqyXD3KtBNFTzFJbHy9FSWK2dqVieELbo2hmg3ZPo7SQ9T6J1d1k48pCWHHKl3l
+nQGDNZ4dnbE4/YujDOj2DzK0qi1FHd+z4TU/ZcaiCuXAj3Gm9UzonJAAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3bYblHE3k0kjymCkFtzgfOOEbwMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSGR0aHVVY1RlVFNTUEtZS1FXM09CODQ0UnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2L3AwQA
ueK3MA0GCSqGSIb3DQEBCwUAA4IBAQAs87iwhvkT8GTycl9TDxy8OYRkacgxKxmh
jUMYHGw/kUsveB7cHRrIKzOEOHA2sNipa8aH3rH69V542+d/jA2HhLXtUK0FF0Ck
2F61T4FUPCDuRkiSC8IMsfYcDivPtiW5dnHyIxTkgYych5B9Yj4BJODh5zB6fpxk
eHpaCFlash0rI5MIPpW610hwd3C9FQ4Sa9I4Ykmlv3SpZY/O2Re4kED50k0PiBbO
wU7FSYS1QWIH2hkPsWYoaOOnO01o8Rzd1dgrvFVpd6xO29YPh5gBDX5lGX0KEypy
Rh98frNEvjNWzgUmzfhcYuvK9LPdKZMQIPqT7e+hkQ/8xXSPFC0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org