Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOipXu2AUwWBhU7tQ5ZvoB3aWi4.roa
File: KOipXu2AUwWBhU7tQ5ZvoB3aWi4.roa (raw, json)
Hash identifier: 2IK5yoX6iXEMztXD5C+TDRVb38RLc7iO0Oz5i1WineE=
Subject key identifier: 28:E8:A9:5E:ED:80:53:05:81:85:4E:ED:43:96:6F:A0:1D:DA:5A:2E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187E0BAFC01187C5A638F2C60F0E7F1052E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOipXu2AUwWBhU7tQ5ZvoB3aWi4.roa
Signing time: Wed 03 May 2023 08:29:23 +0000
ROA not before: Wed 03 May 2023 08:29:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 11:39:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:ba:fc:01:18:7c:5a:63:8f:2c:60:f0:e7:f1:05:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 3 08:29:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28e8a95eed80530581854eed43966fa01dda5a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5b:14:44:30:08:71:cf:9f:2d:52:b2:2e:cf:
07:24:d7:33:d8:fd:5c:80:36:b5:a7:42:f4:d6:72:
2c:17:4c:4f:82:43:a9:69:2c:37:d8:7a:32:73:43:
6e:20:e3:c7:a7:26:4e:f7:b2:7b:0f:83:18:22:2b:
44:6b:15:72:3e:1c:0d:d3:46:46:1d:ea:10:ec:d3:
d1:a9:e1:7f:dc:82:a1:70:e0:16:de:0e:cc:71:e3:
e2:ca:8c:41:3a:38:7c:1b:55:99:4d:4b:a3:23:20:
d8:90:53:d1:e8:b9:6c:8c:26:a7:6f:92:c6:e1:f0:
2f:d9:79:66:1f:b9:70:e2:9e:d4:d3:3e:08:de:c8:
95:52:61:3b:c4:73:37:a5:62:d8:04:c0:c2:2b:16:
e2:27:01:44:bd:15:db:f2:a7:7e:e3:f0:fb:e1:78:
2c:3a:c7:07:2f:ee:02:88:37:78:65:89:72:94:e1:
33:c8:0b:12:a1:a5:71:e5:94:95:ab:a0:b0:95:c2:
1f:ee:c7:67:02:66:f9:73:23:43:98:3b:6d:4c:e6:
b8:ea:4b:4e:ed:80:d8:99:af:a2:a0:10:5e:f0:da:
14:cf:07:9c:2e:0e:57:c6:3a:a2:12:d4:16:70:2e:
62:d7:ce:5c:a5:e0:1d:8f:cc:4c:07:99:68:64:ba:
3e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E8:A9:5E:ED:80:53:05:81:85:4E:ED:43:96:6F:A0:1D:DA:5A:2E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOipXu2AUwWBhU7tQ5ZvoB3aWi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.247.0/24
185.199.148.0/24
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
04:c2:77:d3:d9:92:e3:ba:a5:22:e5:4a:07:d8:54:63:9f:a4:
10:43:80:05:93:d8:ce:f3:68:a9:e9:75:ea:40:e4:d1:98:e6:
9c:7d:64:eb:b9:5f:23:77:cb:e6:4e:8c:41:22:ea:a0:6d:3d:
78:0f:2b:ee:6d:b6:35:62:9c:b4:b5:12:63:ef:f5:1e:08:d3:
0e:12:e0:12:2a:c8:9b:4f:b8:1f:c5:ed:fb:15:3b:bf:ec:28:
8d:8e:83:e4:e0:a2:de:62:e8:d4:05:29:f9:ac:1a:b5:29:08:
2e:08:1c:b3:7d:37:2c:49:9a:4e:a5:80:0d:b2:c8:40:90:7e:
bc:81:6e:2c:4f:66:59:88:31:f7:6d:cc:0a:3e:17:2a:13:b6:
d5:d3:24:65:1d:ef:54:7d:23:f1:49:7e:96:2a:e3:3f:b5:86:
ab:7d:e0:9c:49:9b:4c:8f:df:2d:0a:81:a0:e2:77:36:27:9b:
fe:c9:1d:4d:ea:74:97:ed:25:f4:7f:aa:96:9a:66:14:01:d6:
a3:05:ee:7f:d2:18:ca:63:10:a1:d3:42:83:46:a2:f5:e9:b8:
b4:ff:86:85:4d:06:c4:6f:9a:af:88:02:68:55:f9:d5:0b:c5:
b1:03:e7:f7:3a:be:ff:39:dc:25:1d:02:75:df:41:6c:96:16:
c7:c0:7f:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfguvwBGHxaY48sYPDn8QUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTAzMDgyOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU4YTk1ZWVkODA1MzA1ODE4NTRlZWQ0Mzk2NmZhMDFkZGE1YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FsURDAIcc+fLVKyLs8HJNcz2P1c
gDa1p0L01nIsF0xPgkOpaSw32Hoyc0NuIOPHpyZO97J7D4MYIitEaxVyPhwN00ZG
HeoQ7NPRqeF/3IKhcOAW3g7McePiyoxBOjh8G1WZTUujIyDYkFPR6LlsjCanb5LG
4fAv2XlmH7lw4p7U0z4I3siVUmE7xHM3pWLYBMDCKxbiJwFEvRXb8qd+4/D74Xgs
OscHL+4CiDd4ZYlylOEzyAsSoaVx5ZSVq6CwlcIf7sdnAmb5cyNDmDttTOa46ktO
7YDYma+ioBBe8NoUzwecLg5XxjqiEtQWcC5i185cpeAdj8xMB5loZLo+uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCjoqV7tgFMFgYVO7UOWb6Ad2louMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvS09pcFh1MkFVd1dCaFU3dFE1WnZvQjNhV2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2L3AwQA
uceUAwQBueGqMA0GCSqGSIb3DQEBCwUAA4IBAQAEwnfT2ZLjuqUi5UoH2FRjn6QQ
Q4AFk9jO82ip6XXqQOTRmOacfWTruV8jd8vmToxBIuqgbT14DyvubbY1Ypy0tRJj
7/UeCNMOEuASKsibT7gfxe37FTu/7CiNjoPk4KLeYujUBSn5rBq1KQguCByzfTcs
SZpOpYANsshAkH68gW4sT2ZZiDH3bcwKPhcqE7bV0yRlHe9UfSPxSX6WKuM/tYar
feCcSZtMj98tCoGg4nc2J5v+yR1N6nSX7SX0f6qWmmYUAdajBe5/0hjKYxCh00KD
RqL16bi0/4aFTQbEb5qviAJoVfnVC8WxA+f3Or7/OdwlHQJ130FslhbHwH+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org