Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S-pPOgHcgUzVhJzzN8GUS_ToU7M.roa
File: S-pPOgHcgUzVhJzzN8GUS_ToU7M.roa (raw, json)
Hash identifier: c9w4iF4RetiZnOo1X/MnaPEao4+eHbEaPKcKTF3+3V4=
Subject key identifier: 4B:EA:4F:3A:01:DC:81:4C:D5:84:9C:F3:37:C1:94:4B:F4:E8:53:B3
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018F26D76AD84283B3E750D206F05FB4F6F8
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S-pPOgHcgUzVhJzzN8GUS_ToU7M.roa
Signing time: Sun 28 Apr 2024 22:33:22 +0000
ROA not before: Sun 28 Apr 2024 22:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 14:16:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:26:d7:6a:d8:42:83:b3:e7:50:d2:06:f0:5f:b4:f6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 28 22:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bea4f3a01dc814cd5849cf337c1944bf4e853b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:8c:65:13:8d:e7:38:82:85:c7:57:2a:37:
72:58:df:74:91:c0:8b:85:de:df:4f:4d:a8:5e:23:
5a:5b:14:8e:3f:db:c0:24:e4:ac:97:f6:90:13:49:
dc:ec:6a:aa:39:27:80:76:9a:8e:77:6f:de:84:0d:
29:a2:44:49:87:fb:70:35:f5:f0:7a:d1:a4:99:82:
37:5f:75:7d:cf:b0:df:c1:93:5f:86:64:1e:52:c7:
0a:f2:f4:67:af:60:ab:f0:38:91:41:73:8e:e0:db:
fc:af:41:e6:8c:c0:ae:94:82:7a:fb:6b:e9:8d:1d:
48:fb:7f:b6:47:f5:41:8d:dc:bc:f4:c6:b6:4c:58:
9c:32:34:df:b7:df:b0:86:07:af:8b:4d:c7:28:a5:
3b:e5:1a:df:58:2b:c2:d5:8a:1e:bb:8a:9e:7b:91:
96:c1:24:81:ad:81:db:40:67:5c:20:3b:af:4f:ac:
77:88:81:18:00:7e:c6:47:52:72:9d:5f:6b:22:1b:
d1:67:a1:2c:77:05:c1:19:1b:56:0c:d6:ea:f6:f7:
97:3f:4e:31:e6:91:d9:3e:b0:bc:d0:fc:dc:7a:62:
24:b1:29:74:3d:06:38:fe:59:27:b2:0f:a7:5a:0f:
da:79:cc:43:f3:7e:d0:f7:9e:de:a5:b0:8c:3c:29:
a1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EA:4F:3A:01:DC:81:4C:D5:84:9C:F3:37:C1:94:4B:F4:E8:53:B3
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S-pPOgHcgUzVhJzzN8GUS_ToU7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.251.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f0:0f:65:9f:16:72:25:ff:f2:9d:48:38:72:8b:c8:83:58:
a3:a3:e6:36:77:dc:af:29:e9:c9:27:60:93:02:1a:25:5e:a8:
a1:f9:49:1f:dc:ca:5a:21:85:de:3d:3c:dc:7f:ac:60:b3:99:
51:4e:8e:e7:1b:10:12:69:70:50:0e:bd:67:c0:59:81:1a:71:
7d:db:1b:a7:85:eb:2a:62:0a:40:02:1c:80:da:88:a1:86:43:
6e:e6:b7:86:d8:45:69:19:7e:a8:b0:8c:7c:4b:d4:de:d5:f6:
36:69:be:06:aa:32:01:f1:be:b1:8e:23:82:d3:98:64:a4:f7:
b2:e0:bf:32:4b:a7:01:a5:af:de:a8:da:db:8e:8e:a7:f3:8e:
ac:17:24:cd:65:2c:5c:7e:33:47:84:53:f6:bb:83:ed:08:77:
ea:d4:bd:f8:28:55:b1:ff:fb:0c:a0:4b:14:02:8c:1f:0e:0b:
b6:a7:0f:b4:5a:a4:8c:dd:b6:a7:1c:77:be:d6:a3:26:95:f4:
35:f2:88:91:84:06:65:4d:99:0a:1c:4e:c0:4e:c7:57:cd:34:
ce:2b:e3:62:8c:d9:fe:ed:31:24:c3:c6:f3:ae:25:5d:21:0a:
b4:b9:9f:dc:8b:8d:ad:a3:72:21:13:cb:5a:7f:8b:6f:fd:73:
88:78:a1:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8m12rYQoOz51DSBvBftPb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNDI4MjIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVhNGYzYTAxZGM4MTRjZDU4NDljZjMzN2MxOTQ0YmY0ZTg1M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAyMZRON5ziChcdXKjdyWN90kcCL
hd7fT02oXiNaWxSOP9vAJOSsl/aQE0nc7GqqOSeAdpqOd2/ehA0pokRJh/twNfXw
etGkmYI3X3V9z7DfwZNfhmQeUscK8vRnr2Cr8DiRQXOO4Nv8r0HmjMCulIJ6+2vp
jR1I+3+2R/VBjdy89Ma2TFicMjTft9+whgevi03HKKU75RrfWCvC1Yoeu4qee5GW
wSSBrYHbQGdcIDuvT6x3iIEYAH7GR1JynV9rIhvRZ6EsdwXBGRtWDNbq9veXP04x
5pHZPrC80PzcemIksSl0PQY4/lknsg+nWg/aecxD837Q957epbCMPCmhlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEvqTzoB3IFM1YSc8zfBlEv06FOzMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUy1wUE9nSGNnVXpWaEp6ek44R1VTX1RvVTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH37AwQA
ucfVAwQAueK1MA0GCSqGSIb3DQEBCwUAA4IBAQAk8A9lnxZyJf/ynUg4covIg1ij
o+Y2d9yvKenJJ2CTAholXqih+Ukf3MpaIYXePTzcf6xgs5lRTo7nGxASaXBQDr1n
wFmBGnF92xunhesqYgpAAhyA2oihhkNu5reG2EVpGX6osIx8S9Te1fY2ab4GqjIB
8b6xjiOC05hkpPey4L8yS6cBpa/eqNrbjo6n846sFyTNZSxcfjNHhFP2u4PtCHfq
1L34KFWx//sMoEsUAowfDgu2pw+0WqSM3banHHe+1qMmlfQ18oiRhAZlTZkKHE7A
TsdXzTTOK+NijNn+7TEkw8bzriVdIQq0uZ/ci42to3IhE8taf4tv/XOIeKGf
-----END CERTIFICATE-----
Generated at Thu May 2 18:54:44 2024 by rpki-client on console-ams.rpki-client.org