Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/P7s4xSDfitOPUsUCALVu7hsIAvI.roa
File: P7s4xSDfitOPUsUCALVu7hsIAvI.roa (raw, json)
Hash identifier: HODZxSWPjrKpX9yZvQdVoqiaW8ZcLxPeUK853wV4hlc=
Subject key identifier: 3F:BB:38:C5:20:DF:8A:D3:8F:52:C5:02:00:B5:6E:EE:1B:08:02:F2
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF161BBA9F5E52AB964D4625D1648C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/P7s4xSDfitOPUsUCALVu7hsIAvI.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.244.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 06:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:16:1b:ba:9f:5e:52:ab:96:4d:46:25:d1:64:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fbb38c520df8ad38f52c50200b56eee1b0802f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f2:6e:94:64:3f:32:2d:e9:15:41:11:18:6d:
8c:60:87:87:98:52:7f:2f:42:9f:79:29:9c:67:6e:
f0:64:6e:09:87:60:41:b1:2a:4c:d5:e4:67:52:b5:
53:0d:fa:81:95:9c:f8:88:e1:a0:5c:8b:f0:62:26:
24:d1:1d:e8:23:69:10:87:72:5e:e6:d1:71:c0:32:
f1:80:0d:1e:06:16:f4:16:cd:3b:a4:79:ae:36:f4:
0b:73:e0:1d:bc:b6:5f:4e:89:4e:91:de:3d:ca:70:
16:64:c4:d6:1f:15:87:27:ac:61:ff:90:fb:79:38:
20:8a:94:01:0d:08:2c:8a:f4:27:af:af:2e:f7:40:
f3:ca:20:ce:b4:e2:f4:f2:c3:2e:bb:f8:39:e0:8e:
95:22:43:87:88:23:2b:2a:62:7c:55:ee:4d:02:fd:
d1:c5:fc:70:f3:ca:1f:2a:c5:31:6c:18:22:1f:0c:
33:68:d7:c5:3f:4f:41:40:2d:24:09:c8:a7:a7:37:
e9:ba:87:d9:0e:bd:db:f7:6c:7d:5b:aa:6e:7e:9b:
9f:48:52:20:15:41:11:e0:72:ed:ec:bc:33:ff:9d:
03:bf:8d:d2:ce:68:ab:39:df:1b:b6:10:b7:2d:ba:
66:6b:23:94:a5:84:ae:e5:18:56:c2:7f:c5:73:ca:
04:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BB:38:C5:20:DF:8A:D3:8F:52:C5:02:00:B5:6E:EE:1B:08:02:F2
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/P7s4xSDfitOPUsUCALVu7hsIAvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
176.125.250.0/24
185.221.24.0/23
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:bb:48:13:50:ba:1f:a4:6f:b6:c4:4a:79:2e:4f:cf:eb:2d:
d9:93:e6:5c:d4:5a:03:98:7c:62:06:8e:cb:7b:d9:69:df:8a:
24:61:ae:82:b2:4f:6b:de:bb:21:08:03:18:00:e8:cf:0a:cb:
d8:87:3d:a7:8a:17:34:e4:f5:2f:1f:c9:f9:d7:54:77:d0:2c:
cd:e0:21:eb:90:81:db:9e:3a:59:1a:01:f5:70:3f:5c:bf:5d:
0b:9d:ee:d0:df:f9:d5:07:45:5d:51:46:c3:47:dc:f6:d2:22:
94:4f:85:2e:84:81:f0:55:81:89:2c:c6:e8:1f:ef:7a:a6:ad:
1c:54:7f:5a:90:16:42:1b:14:3e:ba:53:43:8c:40:b0:61:bd:
a5:8c:cc:d3:44:3b:e3:34:42:a1:45:3c:00:e3:a2:53:6f:80:
d4:54:84:d2:b4:9e:83:43:b3:b5:6a:36:24:19:87:c2:0e:a8:
d9:d8:7a:2a:ca:76:1c:37:16:67:e6:63:ed:84:d3:73:6f:96:
8d:30:39:35:47:e1:c4:65:ca:d2:f5:43:ca:bc:d6:84:dc:2f:
16:87:87:fa:28:4a:ee:4c:e5:e5:5d:ba:b3:be:58:3c:a4:e4:
53:cd:d3:13:95:7d:a1:72:be:c4:f0:75:15:c5:07:e4:a2:3f:
51:4f:7d:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3xYbup9eUquWTUYl0WSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmJiMzhjNTIwZGY4YWQzOGY1MmM1MDIwMGI1NmVlZTFiMDgwMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fJulGQ/Mi3pFUERGG2MYIeHmFJ/
L0KfeSmcZ27wZG4Jh2BBsSpM1eRnUrVTDfqBlZz4iOGgXIvwYiYk0R3oI2kQh3Je
5tFxwDLxgA0eBhb0Fs07pHmuNvQLc+AdvLZfTolOkd49ynAWZMTWHxWHJ6xh/5D7
eTggipQBDQgsivQnr68u90DzyiDOtOL08sMuu/g54I6VIkOHiCMrKmJ8Ve5NAv3R
xfxw88ofKsUxbBgiHwwzaNfFP09BQC0kCcinpzfpuofZDr3b92x9W6pufpufSFIg
FUER4HLt7Lwz/50Dv43SzmirOd8bthC3LbpmayOUpYSu5RhWwn/Fc8oELQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD+7OMUg34rTj1LFAgC1bu4bCALyMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUDdzNHhTRGZpdE9QVXNVQ0FMVnU3aHNJQXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT2L0AwQA
sH36AwQBud0YAwQBueGoMA0GCSqGSIb3DQEBCwUAA4IBAQBcu0gTULofpG+2xEp5
Lk/P6y3Zk+Zc1FoDmHxiBo7Le9lp34okYa6Csk9r3rshCAMYAOjPCsvYhz2nihc0
5PUvH8n511R30CzN4CHrkIHbnjpZGgH1cD9cv10Lne7Q3/nVB0VdUUbDR9z20iKU
T4UuhIHwVYGJLMboH+96pq0cVH9akBZCGxQ+ulNDjECwYb2ljMzTRDvjNEKhRTwA
46JTb4DUVITStJ6DQ7O1ajYkGYfCDqjZ2HoqynYcNxZn5mPthNNzb5aNMDk1R+HE
ZcrS9UPKvNaE3C8Wh4f6KEruTOXlXbqzvlg8pORTzdMTlX2hcr7E8HUVxQfkoj9R
T33K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org