Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RwMtnukZtvjyfuJuhwb52v3ljEI.roa
File: RwMtnukZtvjyfuJuhwb52v3ljEI.roa (raw, json)
Hash identifier: 2+zYDTeKdwPwEp2btvbJfzGK26e6SOSqSBRGEflpCAY=
Subject key identifier: 47:03:2D:9E:E9:19:B6:F8:F2:7E:E2:6E:87:06:F9:DA:FD:E5:8C:42
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF1721A05ACA3026A8A5F3EA379C92
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RwMtnukZtvjyfuJuhwb52v3ljEI.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206505
IP address blocks: 185.221.26.0/23 maxlen: 24
185.221.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 14:17:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:17:21:a0:5a:ca:30:26:a8:a5:f3:ea:37:9c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47032d9ee919b6f8f27ee26e8706f9dafde58c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:c0:4d:a6:db:01:c9:e5:47:bc:3f:fe:e6:
ea:06:d4:67:3e:ff:c3:8d:da:40:6f:55:9b:a0:75:
9a:08:e0:d3:50:29:0e:e3:75:02:41:a7:84:f1:b4:
49:6b:5c:9c:f8:16:be:2f:ca:2f:06:a0:44:67:44:
35:84:2a:05:bb:24:01:7a:53:a4:00:c7:26:fb:0e:
23:b0:e8:02:cc:97:a5:26:94:39:10:b3:e9:02:65:
64:85:35:a2:96:70:b9:fb:8e:3c:83:72:f2:22:40:
78:d2:48:30:9e:38:2a:31:ee:97:ea:ce:6f:23:a7:
4c:ae:b3:01:64:b1:63:db:75:df:0b:bf:53:c5:28:
fc:65:ab:c7:8c:97:73:20:93:16:fe:f4:d1:40:57:
34:8f:81:fc:7e:a1:65:66:60:72:ae:67:44:f5:3e:
6e:c9:2a:40:46:70:45:c7:cb:95:e0:f8:4f:5c:73:
0c:81:98:e5:cf:66:10:39:26:17:2a:8b:e1:18:aa:
98:59:a3:93:9d:3b:58:c1:f4:03:fb:90:be:b5:ed:
f5:c4:e8:03:85:e9:61:4e:6d:75:ce:58:b3:4d:de:
3f:2a:43:cf:e3:48:b1:93:aa:04:b4:7b:82:ec:56:
b2:3d:6f:7c:be:15:0d:11:80:26:20:c7:5f:50:b9:
8d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:03:2D:9E:E9:19:B6:F8:F2:7E:E2:6E:87:06:F9:DA:FD:E5:8C:42
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RwMtnukZtvjyfuJuhwb52v3ljEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.26.0/23
Signature Algorithm: sha256WithRSAEncryption
88:66:45:9f:90:6c:c6:4f:06:36:00:e3:cf:1f:73:b2:9e:66:
06:9e:4d:ae:d1:83:ad:7e:7e:78:08:55:e4:c0:0b:ae:1f:ef:
81:29:7b:1f:71:4d:17:a2:34:fd:58:cf:8e:d6:ad:de:42:33:
35:34:32:94:06:22:ed:87:e3:44:08:a4:66:51:fb:82:fb:58:
3c:46:be:82:59:5b:3d:31:31:71:50:a9:a5:6c:7d:8a:5e:9d:
83:0d:87:64:86:83:8d:5f:0f:ec:88:da:f1:3d:d2:c6:0b:7c:
c7:4d:83:4d:20:ea:09:7c:c9:40:2d:e3:9d:c5:fc:18:21:17:
b5:79:9c:68:bc:6a:1a:68:44:5b:a0:db:54:07:38:c6:0b:24:
b9:19:48:6f:b1:41:80:80:e6:91:3f:d4:37:03:67:11:8c:38:
eb:e4:4f:ae:5d:f7:c4:7d:2a:7a:22:60:38:09:df:71:a0:0c:
d2:d9:64:02:6d:70:76:df:47:b8:28:87:91:82:e9:2d:9d:8e:
ca:a0:1f:bd:90:ab:ad:06:30:05:1d:e6:44:3e:e4:6e:cf:53:
a7:31:a0:e4:0d:17:fd:c4:97:bc:d2:12:d2:d0:d7:c5:2f:e7:
06:33:d9:a0:1c:ba:03:8c:e4:27:37:a2:fe:ab:8e:80:30:63:
09:c5:a7:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3xchoFrKMCaopfPqN5ySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAzMmQ5ZWU5MTliNmY4ZjI3ZWUyNmU4NzA2ZjlkYWZkZTU4YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d3ATabbAcnlR7w//ubqBtRnPv/D
jdpAb1WboHWaCODTUCkO43UCQaeE8bRJa1yc+Ba+L8ovBqBEZ0Q1hCoFuyQBelOk
AMcm+w4jsOgCzJelJpQ5ELPpAmVkhTWilnC5+448g3LyIkB40kgwnjgqMe6X6s5v
I6dMrrMBZLFj23XfC79TxSj8ZavHjJdzIJMW/vTRQFc0j4H8fqFlZmByrmdE9T5u
ySpARnBFx8uV4PhPXHMMgZjlz2YQOSYXKovhGKqYWaOTnTtYwfQD+5C+te31xOgD
helhTm11zlizTd4/KkPP40ixk6oEtHuC7FayPW98vhUNEYAmIMdfULmNfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcDLZ7pGbb48n7ibocG+dr95YxCMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUndNdG51a1p0dmp5ZnVKdWh3YjUydjNsakVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBud0aMA0G
CSqGSIb3DQEBCwUAA4IBAQCIZkWfkGzGTwY2AOPPH3OynmYGnk2u0YOtfn54CFXk
wAuuH++BKXsfcU0XojT9WM+O1q3eQjM1NDKUBiLth+NECKRmUfuC+1g8Rr6CWVs9
MTFxUKmlbH2KXp2DDYdkhoONXw/siNrxPdLGC3zHTYNNIOoJfMlALeOdxfwYIRe1
eZxovGoaaERboNtUBzjGCyS5GUhvsUGAgOaRP9Q3A2cRjDjr5E+uXffEfSp6ImA4
Cd9xoAzS2WQCbXB230e4KIeRguktnY7KoB+9kKutBjAFHeZEPuRuz1OnMaDkDRf9
xJe80hLS0NfFL+cGM9mgHLoDjOQnN6L+q46AMGMJxacM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org