Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/MT4wt67sjWejxd28WIgovAnVGQE.roa
File: MT4wt67sjWejxd28WIgovAnVGQE.roa (raw, json)
Hash identifier: yeeYi7DL5DsxHcV+eSmrkyksZRu4WIL3b6GhHqlK9Uc=
Subject key identifier: 31:3E:30:B7:AE:EC:8D:67:A3:C5:DD:BC:58:88:28:BC:09:D5:19:01
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187776BBCB2109B864B367FB7034B4A0778
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/MT4wt67sjWejxd28WIgovAnVGQE.roa
Signing time: Wed 12 Apr 2023 21:42:41 +0000
ROA not before: Wed 12 Apr 2023 21:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 185.199.212.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 May 2023 18:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:77:6b:bc:b2:10:9b:86:4b:36:7f:b7:03:4b:4a:07:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 12 21:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=313e30b7aeec8d67a3c5ddbc588828bc09d51901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:ba:06:0e:6c:ed:29:9f:7f:4c:a0:06:70:
75:e0:30:de:4b:4a:80:7a:f3:a5:be:d4:25:8b:79:
a0:23:31:e1:70:a7:e9:e5:71:c8:9c:7b:2f:e4:d6:
77:02:1b:84:c8:b9:de:94:ab:3f:3f:aa:87:4c:fe:
62:57:05:a0:b5:47:b0:a8:02:42:b0:15:f7:39:b9:
f6:f4:e7:4d:df:32:f6:99:a7:67:97:e0:e8:65:41:
d0:20:85:37:3c:1c:82:eb:84:37:2a:7a:e8:48:56:
c8:23:82:14:a6:32:68:25:4a:ea:4f:a4:0a:12:40:
92:3a:82:54:ab:76:5a:a9:a7:fa:e2:2a:11:39:bb:
ef:fb:6b:44:49:fe:68:1f:4c:f5:1d:ab:6a:cf:8e:
3a:0c:b2:13:66:2c:d9:11:e1:89:a7:c2:02:be:1d:
30:93:7e:e9:01:64:3c:4e:7e:a7:14:5b:98:6f:f0:
43:df:a9:d2:e5:2d:5a:2a:12:6d:75:57:1c:93:0e:
d0:55:59:28:4d:11:5c:8f:4f:70:91:7d:f3:cd:24:
08:90:c6:61:60:57:09:12:6a:79:f7:a9:2d:5d:d0:
a7:e5:9a:29:12:37:33:c6:b1:cd:ef:ca:b8:ef:9f:
44:6d:6a:31:82:65:cb:e3:7b:63:43:62:b1:8e:cf:
0c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3E:30:B7:AE:EC:8D:67:A3:C5:DD:BC:58:88:28:BC:09:D5:19:01
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/MT4wt67sjWejxd28WIgovAnVGQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.212.0/24
185.226.180.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
23:27:37:fc:67:5b:a9:3e:b3:4e:e8:e7:f3:e7:b3:a7:b3:8b:
d1:4e:ef:fb:86:a1:fc:69:cf:f7:c1:14:40:30:81:6e:4a:24:
f1:80:17:cf:ad:55:c9:2d:f5:02:49:cd:e8:6d:12:d0:f7:ab:
55:6e:62:30:c3:ba:dc:ea:5a:60:f9:bf:fd:d7:df:b7:11:fe:
b7:6a:d0:09:76:d8:be:e7:64:0a:12:ac:1f:1c:44:3a:f8:8d:
72:ed:cc:22:83:61:da:c3:8c:5a:52:96:1e:5c:00:25:a5:6c:
19:49:3e:d9:4c:0e:51:98:00:84:eb:52:b3:5e:74:2a:f0:18:
1c:3d:b5:28:27:bd:bb:19:d1:c7:f4:94:0c:82:16:e2:41:93:
16:a1:45:b1:2a:56:d2:3c:ca:cc:84:2a:38:b7:d8:86:9c:87:
e3:2f:9e:06:2a:ee:53:c0:52:04:36:9d:f0:1d:3f:d3:51:a8:
04:85:62:a2:b0:85:d3:b3:36:dd:02:cc:ca:b0:df:27:08:c1:
da:c0:c4:c6:74:3c:91:68:99:42:e1:fd:54:f8:01:ff:85:66:
b8:81:98:71:e2:fe:a9:de:01:3f:7b:e5:12:3a:4f:57:b0:74:
0f:0a:6d:f0:b7:d5:ff:95:e6:a2:2b:e6:33:6a:24:60:ac:34:
db:eb:65:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd3a7yyEJuGSzZ/twNLSgd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDEyMjE0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNlMzBiN2FlZWM4ZDY3YTNjNWRkYmM1ODg4MjhiYzA5ZDUxOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDG6Bg5s7Smff0ygBnB14DDeS0qA
evOlvtQli3mgIzHhcKfp5XHInHsv5NZ3AhuEyLnelKs/P6qHTP5iVwWgtUewqAJC
sBX3Obn29OdN3zL2madnl+DoZUHQIIU3PByC64Q3KnroSFbII4IUpjJoJUrqT6QK
EkCSOoJUq3Zaqaf64ioRObvv+2tESf5oH0z1Hatqz446DLITZizZEeGJp8ICvh0w
k37pAWQ8Tn6nFFuYb/BD36nS5S1aKhJtdVcckw7QVVkoTRFcj09wkX3zzSQIkMZh
YFcJEmp596ktXdCn5ZopEjczxrHN78q4759EbWoxgmXL43tjQ2Kxjs8MSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDE+MLeu7I1no8XdvFiIKLwJ1RkBMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTVQ0d3Q2N3NqV2VqeGQyOFdJZ292QW5WR1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucfUAwQA
ueK0AwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAjJzf8Z1upPrNO6Ofz57Ons4vR
Tu/7hqH8ac/3wRRAMIFuSiTxgBfPrVXJLfUCSc3obRLQ96tVbmIww7rc6lpg+b/9
19+3Ef63atAJdti+52QKEqwfHEQ6+I1y7cwig2Haw4xaUpYeXAAlpWwZST7ZTA5R
mACE61KzXnQq8BgcPbUoJ727GdHH9JQMghbiQZMWoUWxKlbSPMrMhCo4t9iGnIfj
L54GKu5TwFIENp3wHT/TUagEhWKisIXTszbdAszKsN8nCMHawMTGdDyRaJlC4f1U
+AH/hWa4gZhx4v6p3gE/e+USOk9XsHQPCm3wt9X/leaiK+YzaiRgrDTb62VT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org