Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OogA5lBuDfhxz2lAv9D2tVt7RbQ.roa
File: OogA5lBuDfhxz2lAv9D2tVt7RbQ.roa (raw, json)
Hash identifier: YMdjH4cX0RBzz6vzxlCDkNqCmUMELvsprFQmNW/t5b8=
Subject key identifier: 3A:88:00:E6:50:6E:0D:F8:71:CF:69:40:BF:D0:F6:B5:5B:7B:45:B4
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01867E8826BB2F10C409D3C925DCC363314E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OogA5lBuDfhxz2lAv9D2tVt7RbQ.roa
Signing time: Thu 23 Feb 2023 13:48:17 +0000
ROA not before: Thu 23 Feb 2023 13:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212071
IP address blocks: 185.199.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 15:07:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:88:26:bb:2f:10:c4:09:d3:c9:25:dc:c3:63:31:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 23 13:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a8800e6506e0df871cf6940bfd0f6b55b7b45b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b2:1a:9f:39:4e:67:64:f9:c7:3f:e4:51:ab:
7e:61:b3:f2:3a:e0:dc:03:8b:ca:fa:46:a5:51:ca:
92:07:b1:32:84:09:3c:7f:fc:e5:02:f8:c9:10:ef:
95:17:5a:5c:7c:c9:8c:0a:00:7c:64:98:25:60:60:
da:44:ee:83:06:6f:b4:36:4e:9a:9f:bf:a5:96:f2:
03:cf:64:c6:34:ad:70:38:a7:c3:04:82:6f:2a:89:
64:b5:7e:2b:20:2b:1a:19:15:53:41:2f:bd:ee:5f:
99:b3:e3:01:f5:b2:ec:e6:74:24:a5:c5:1e:8a:65:
63:09:73:8e:e0:e1:0e:c7:03:14:c8:a4:8a:04:33:
39:da:8b:a6:c0:a3:f9:1c:02:ef:97:ae:01:ec:9b:
48:6e:1d:6d:08:3d:64:70:89:eb:ed:85:35:50:23:
4b:8a:70:51:ed:ad:b3:0d:b4:c8:4b:66:83:78:89:
9f:78:c0:7a:41:82:02:93:7e:60:e3:52:a5:8a:f3:
32:31:52:b6:84:46:fa:5f:ec:e9:bc:79:13:13:b9:
8e:11:7f:5e:e2:42:bf:19:d2:ba:0d:5a:ef:53:19:
12:70:60:26:b2:d8:a4:69:5c:6c:a3:b1:36:06:79:
71:70:36:b6:cc:ee:3d:e2:36:13:4a:af:5b:02:58:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:88:00:E6:50:6E:0D:F8:71:CF:69:40:BF:D0:F6:B5:5B:7B:45:B4
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OogA5lBuDfhxz2lAv9D2tVt7RbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.148.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f0:46:ef:3c:bb:c0:46:11:66:6f:4d:ca:c2:2f:00:42:5d:
3f:ec:d5:8b:1f:d5:11:8a:03:74:c0:24:1a:3b:8b:a1:61:b1:
fd:47:fb:ca:d0:f0:aa:4e:f7:c0:7e:74:df:0d:b1:62:ff:b1:
de:08:cb:42:d5:16:aa:d2:f5:10:30:02:37:ef:6e:88:ac:b6:
25:45:7a:62:16:7b:75:07:ca:ea:66:92:58:f6:ba:96:d8:13:
90:5f:c8:02:04:2e:f1:85:f3:2b:c3:cd:a5:53:e7:fd:de:6a:
15:cd:e1:d7:c1:ce:56:d7:9e:99:d8:ec:73:66:c7:80:ed:85:
56:da:95:89:f4:3f:26:ca:5f:2d:cc:36:2b:b2:06:95:f5:67:
6a:f5:9b:89:f6:4a:11:12:a7:d8:3d:45:52:56:33:3b:96:9d:
46:c7:7b:01:fb:ae:2a:5f:23:a2:20:2c:1a:da:ba:3d:df:49:
b7:4b:42:8c:82:63:43:a1:7f:60:47:29:13:63:7f:9b:00:91:
99:c2:92:bf:42:27:a9:b5:76:8c:1f:62:60:eb:3a:c5:14:4f:
18:cc:3e:0b:18:25:6c:19:7e:b5:21:ce:90:c2:cc:7a:c1:bb:
b5:39:13:12:52:f3:b0:59:c7:62:3a:6c:f3:c4:38:a8:82:f7:
af:07:91:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ+iCa7LxDECdPJJdzDYzFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMjIzMTM0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTg4MDBlNjUwNmUwZGY4NzFjZjY5NDBiZmQwZjZiNTViN2I0NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7IanzlOZ2T5xz/kUat+YbPyOuDc
A4vK+kalUcqSB7EyhAk8f/zlAvjJEO+VF1pcfMmMCgB8ZJglYGDaRO6DBm+0Nk6a
n7+llvIDz2TGNK1wOKfDBIJvKolktX4rICsaGRVTQS+97l+Zs+MB9bLs5nQkpcUe
imVjCXOO4OEOxwMUyKSKBDM52oumwKP5HALvl64B7JtIbh1tCD1kcInr7YU1UCNL
inBR7a2zDbTIS2aDeImfeMB6QYICk35g41KlivMyMVK2hEb6X+zpvHkTE7mOEX9e
4kK/GdK6DVrvUxkScGAmstikaVxso7E2BnlxcDa2zO494jYTSq9bAlhEGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqIAOZQbg34cc9pQL/Q9rVbe0W0MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvT29nQTVsQnVEZmh4ejJsQXY5RDJ0VnQ3UmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuceUMA0G
CSqGSIb3DQEBCwUAA4IBAQB38EbvPLvARhFmb03Kwi8AQl0/7NWLH9URigN0wCQa
O4uhYbH9R/vK0PCqTvfAfnTfDbFi/7HeCMtC1Raq0vUQMAI3726IrLYlRXpiFnt1
B8rqZpJY9rqW2BOQX8gCBC7xhfMrw82lU+f93moVzeHXwc5W156Z2OxzZseA7YVW
2pWJ9D8myl8tzDYrsgaV9Wdq9ZuJ9koREqfYPUVSVjM7lp1Gx3sB+64qXyOiICwa
2ro930m3S0KMgmNDoX9gRykTY3+bAJGZwpK/QieptXaMH2Jg6zrFFE8YzD4LGCVs
GX61Ic6Qwsx6wbu1ORMSUvOwWcdiOmzzxDiogvevB5E8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org