Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q75e4X9HV-dgSgjpXOG5a08-Lak.roa
File: Q75e4X9HV-dgSgjpXOG5a08-Lak.roa (raw, json)
Hash identifier: OlGbHdXCPT25PZ3bkNW4Fh0SJEKF8KM+l4OkSnA66Cc=
Subject key identifier: 43:BE:5E:E1:7F:47:57:E7:60:4A:08:E9:5C:E1:B9:6B:4F:3E:2D:A9
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018BB5FB26C32DB0A6CFEFF91D72AADED81D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q75e4X9HV-dgSgjpXOG5a08-Lak.roa
Signing time: Thu 09 Nov 2023 21:26:57 +0000
ROA not before: Thu 09 Nov 2023 21:26:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 185.225.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 18 Dec 2023 01:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:fb:26:c3:2d:b0:a6:cf:ef:f9:1d:72:aa:de:d8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 9 21:26:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43be5ee17f4757e7604a08e95ce1b96b4f3e2da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:e5:28:a0:a8:85:8d:74:98:12:e4:fd:c3:
94:86:3b:7b:ce:06:7f:50:a3:ed:bf:1d:93:57:29:
77:8b:55:dc:ef:04:34:7c:8b:1b:b7:14:28:9e:56:
5a:02:0b:50:a4:94:9b:59:10:bc:77:0c:e0:96:b6:
4f:d6:cd:9a:01:b0:bc:ae:e6:9c:72:f3:69:a8:f6:
4f:61:45:a0:73:9b:e1:60:09:e1:87:19:96:a2:9f:
3c:e3:be:0f:d0:c1:9b:37:20:85:1a:8b:4c:99:49:
27:f1:02:ec:19:e1:f5:5b:0e:48:38:e5:b0:2a:09:
0b:5b:f3:57:c5:29:f0:c4:70:8e:21:b4:7a:13:16:
27:9f:2f:cc:70:dd:9f:33:20:60:5e:99:12:e1:51:
ec:8f:1d:f7:b4:8c:b5:95:d1:49:71:bd:bd:10:4a:
07:9c:2b:f6:2e:d4:06:f8:41:bb:53:48:90:3f:7b:
92:ef:da:38:78:71:5c:7e:93:e5:9c:d2:6a:60:5d:
9b:0c:eb:01:26:6e:cf:af:2f:3d:c5:e6:8e:4c:7b:
b9:a3:73:85:46:ae:2d:5f:76:b8:5d:9f:99:11:f4:
bb:cb:da:62:dc:ae:fe:55:85:13:2d:23:b3:be:bf:
11:d9:3e:35:41:6f:48:58:a0:66:72:a8:09:9b:64:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:5E:E1:7F:47:57:E7:60:4A:08:E9:5C:E1:B9:6B:4F:3E:2D:A9
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q75e4X9HV-dgSgjpXOG5a08-Lak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:a2:70:7e:4c:b7:e9:97:9a:e3:da:b0:da:ec:f2:02:4f:79:
2f:71:3e:b0:19:25:51:36:e6:44:9c:bf:80:cb:50:bf:e5:ef:
23:ad:1e:93:5b:63:23:ce:df:d2:41:75:b6:a6:aa:8a:3e:04:
79:62:8b:00:76:04:f7:a0:13:c9:5c:44:e5:58:f6:43:ed:e1:
55:1d:09:71:e1:f2:bf:20:0c:d6:bf:99:d8:d0:ba:34:09:28:
11:7e:12:f7:42:cd:5d:64:9d:b6:ca:d2:f7:1e:7f:f8:01:84:
c9:92:d6:93:ae:45:e9:45:9d:d3:9a:41:f8:c5:f0:da:e2:de:
56:ac:be:40:65:99:17:4b:d6:b0:07:9d:26:a5:11:f6:76:8d:
42:80:6f:26:38:ad:1c:94:b2:b4:3f:33:2d:9e:75:fe:b9:82:
cf:cb:7b:fb:98:79:80:dd:65:aa:66:60:e8:0b:9a:c4:e8:37:
3f:e5:51:5c:07:ee:2b:d9:8e:e1:66:d9:26:f4:02:a0:7e:d7:
0b:1a:0c:b2:ee:4a:77:89:6b:7c:57:d7:e2:c3:67:0c:3b:58:
d1:4b:76:ba:7d:47:4f:20:ad:31:4f:ea:b2:46:96:3e:ed:85:
b1:74:68:db:df:d5:da:95:be:2b:88:bb:4c:5e:9f:74:8b:03:
c1:2a:78:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu1+ybDLbCmz+/5HXKq3tgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMTA5MjEyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JlNWVlMTdmNDc1N2U3NjA0YTA4ZTk1Y2UxYjk2YjRmM2UyZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqflKKCohY10mBLk/cOUhjt7zgZ/
UKPtvx2TVyl3i1Xc7wQ0fIsbtxQonlZaAgtQpJSbWRC8dwzglrZP1s2aAbC8ruac
cvNpqPZPYUWgc5vhYAnhhxmWop88474P0MGbNyCFGotMmUkn8QLsGeH1Ww5IOOWw
KgkLW/NXxSnwxHCOIbR6ExYnny/McN2fMyBgXpkS4VHsjx33tIy1ldFJcb29EEoH
nCv2LtQG+EG7U0iQP3uS79o4eHFcfpPlnNJqYF2bDOsBJm7Pry89xeaOTHu5o3OF
Rq4tX3a4XZ+ZEfS7y9pi3K7+VYUTLSOzvr8R2T41QW9IWKBmcqgJm2RsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO+XuF/R1fnYEoI6VzhuWtPPi2pMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUTc1ZTRYOUhWLWRnU2dqcFhPRzVhMDgtTGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueGqMA0G
CSqGSIb3DQEBCwUAA4IBAQBconB+TLfpl5rj2rDa7PICT3kvcT6wGSVRNuZEnL+A
y1C/5e8jrR6TW2Mjzt/SQXW2pqqKPgR5YosAdgT3oBPJXETlWPZD7eFVHQlx4fK/
IAzWv5nY0Lo0CSgRfhL3Qs1dZJ22ytL3Hn/4AYTJktaTrkXpRZ3TmkH4xfDa4t5W
rL5AZZkXS9awB50mpRH2do1CgG8mOK0clLK0PzMtnnX+uYLPy3v7mHmA3WWqZmDo
C5rE6Dc/5VFcB+4r2Y7hZtkm9AKgftcLGgyy7kp3iWt8V9fiw2cMO1jRS3a6fUdP
IK0xT+qyRpY+7YWxdGjb39Xalb4riLtMXp90iwPBKniq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org