Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/PvmdV3uEbjcy4VF7P5DcbN-RGdU.roa
File: PvmdV3uEbjcy4VF7P5DcbN-RGdU.roa (raw, json)
Hash identifier: UoXa3gF26PD6Kws9Blh0e7wNu7Vax9K0XU8M10zLAog=
Subject key identifier: 3E:F9:9D:57:7B:84:6E:37:32:E1:51:7B:3F:90:DC:6C:DF:91:19:D5
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01886ED75046D5FCE662402488C57B073F5C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/PvmdV3uEbjcy4VF7P5DcbN-RGdU.roa
Signing time: Tue 30 May 2023 22:46:24 +0000
ROA not before: Tue 30 May 2023 22:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.171.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 12:42:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6e:d7:50:46:d5:fc:e6:62:40:24:88:c5:7b:07:3f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 30 22:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ef99d577b846e3732e1517b3f90dc6cdf9119d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e1:13:28:7e:59:38:92:c0:e2:43:f6:1e:d3:
65:08:4a:ce:d2:a0:29:28:9d:37:0d:7f:7e:39:c1:
c7:19:e8:f3:51:23:65:cd:1b:15:86:7d:12:79:35:
e9:a2:2f:3b:b5:22:72:ee:a3:40:6e:a2:49:ba:b2:
af:26:b1:63:66:fc:d3:00:2b:c8:8a:e3:ce:47:aa:
cb:8d:e8:51:4d:c6:3a:d6:2d:77:fc:11:b6:2d:e2:
1b:90:e2:ad:9b:37:23:a8:de:16:43:ce:b4:83:7e:
c9:d3:ee:1f:82:cf:29:77:91:7b:ea:55:3d:f3:1f:
3c:22:f7:a7:1e:6d:9c:b4:4f:8f:ca:15:ae:dc:aa:
56:52:7c:72:2f:6b:f3:b3:58:82:83:f1:62:80:69:
c9:07:f5:1f:f7:7b:1c:b0:8c:35:da:08:86:48:31:
be:3b:ac:a8:f1:ba:d8:df:8c:27:05:cc:d8:39:02:
5a:00:f9:7e:56:c4:ee:13:1c:d6:d8:ec:27:30:28:
e8:25:e3:64:e7:39:3e:07:38:58:cd:eb:3b:4d:10:
83:7c:22:c4:a0:ff:ec:89:5d:67:c9:6a:2a:56:b9:
7a:79:22:53:3f:1f:f6:80:09:9e:ef:63:6d:98:ee:
75:21:20:91:fc:c6:75:62:bc:98:f8:be:bc:9f:b6:
c5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F9:9D:57:7B:84:6E:37:32:E1:51:7B:3F:90:DC:6C:DF:91:19:D5
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/PvmdV3uEbjcy4VF7P5DcbN-RGdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.149.0/24
185.225.171.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b2:0d:18:17:94:66:fe:72:a5:d2:bd:17:d7:03:f9:ed:4e:
19:2a:18:c8:c4:69:89:da:c3:f6:03:69:82:8a:cc:80:1f:a9:
55:68:ac:67:21:b0:ba:f3:0a:ef:e2:85:7f:85:d1:f3:61:86:
4f:ef:64:25:40:b5:96:4c:1e:44:8f:b4:cf:19:e7:2c:13:3f:
2b:1b:4e:e2:d7:9a:71:a1:ff:c1:1f:51:af:18:6b:19:ef:64:
51:26:df:c9:8e:de:22:60:1b:d4:18:81:01:c9:1f:08:83:72:
25:67:2a:88:78:4f:e1:33:5a:27:7b:79:d4:d3:7d:00:11:31:
82:4a:88:a6:94:a4:55:d1:59:f2:d4:da:bc:56:8f:a2:9e:b8:
b5:89:ae:b7:20:de:33:9a:aa:d9:19:97:80:ac:79:f7:2c:cb:
6e:cd:84:6f:da:47:e1:dc:bf:cd:dd:1e:63:8a:72:3f:3a:1b:
00:65:c2:20:61:33:9f:2c:4e:9c:17:2f:43:33:f9:56:da:05:
b2:31:4a:ad:43:f2:d0:fb:05:44:8b:eb:fa:fc:33:38:13:ae:
e2:71:21:db:b6:ae:04:8d:9d:75:d7:f3:06:9c:06:ef:ba:7c:
53:bc:1d:2b:80:62:3c:63:cc:73:82:75:49:fa:ad:ca:b5:60:
eb:78:93:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhu11BG1fzmYkAkiMV7Bz9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTMwMjI0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY5OWQ1NzdiODQ2ZTM3MzJlMTUxN2IzZjkwZGM2Y2RmOTExOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+ETKH5ZOJLA4kP2HtNlCErO0qAp
KJ03DX9+OcHHGejzUSNlzRsVhn0SeTXpoi87tSJy7qNAbqJJurKvJrFjZvzTACvI
iuPOR6rLjehRTcY61i13/BG2LeIbkOKtmzcjqN4WQ860g37J0+4fgs8pd5F76lU9
8x88IvenHm2ctE+PyhWu3KpWUnxyL2vzs1iCg/FigGnJB/Uf93scsIw12giGSDG+
O6yo8brY34wnBczYOQJaAPl+VsTuExzW2OwnMCjoJeNk5zk+BzhYzes7TRCDfCLE
oP/siV1nyWoqVrl6eSJTPx/2gAme72NtmO51ISCR/MZ1YryY+L68n7bFQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD75nVd7hG43MuFRez+Q3GzfkRnVMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUHZtZFYzdUViamN5NFZGN1A1RGNiTi1SR2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuceVAwQA
ueGrMA0GCSqGSIb3DQEBCwUAA4IBAQB3sg0YF5Rm/nKl0r0X1wP57U4ZKhjIxGmJ
2sP2A2mCisyAH6lVaKxnIbC68wrv4oV/hdHzYYZP72QlQLWWTB5Ej7TPGecsEz8r
G07i15pxof/BH1GvGGsZ72RRJt/Jjt4iYBvUGIEByR8Ig3IlZyqIeE/hM1one3nU
030AETGCSoimlKRV0Vny1Nq8Vo+inri1ia63IN4zmqrZGZeArHn3LMtuzYRv2kfh
3L/N3R5jinI/OhsAZcIgYTOfLE6cFy9DM/lW2gWyMUqtQ/LQ+wVEi+v6/DM4E67i
cSHbtq4EjZ111/MGnAbvunxTvB0rgGI8Y8xzgnVJ+q3KtWDreJOy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org