Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SJrlRh8zE-FHKDa93oafSvJz8P8.roa
File: SJrlRh8zE-FHKDa93oafSvJz8P8.roa (raw, json)
Hash identifier: gOrGkD9GQ8Wm/eU+v6gglLoawX0wd05j90oC37Uru6U=
Subject key identifier: 48:9A:E5:46:1F:33:13:E1:47:28:36:BD:DE:86:9F:4A:F2:73:F0:FF
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF174A880D8D960853EEB35D95DB8C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SJrlRh8zE-FHKDa93oafSvJz8P8.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211936
IP address blocks: 185.225.170.0/23 maxlen: 23
185.199.148.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:17:4a:88:0d:8d:96:08:53:ee:b3:5d:95:db:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=489ae5461f3313e1472836bdde869f4af273f0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b5:f3:25:5b:9a:d9:2a:d7:f3:47:ef:ec:7c:
54:86:27:18:f3:42:45:35:14:24:c7:65:52:13:e3:
88:65:f1:79:41:32:d5:76:df:55:f1:20:1e:f3:39:
ba:c8:22:51:4a:f3:bc:37:bd:f4:3b:ca:f5:8f:ec:
20:30:b4:61:23:2d:2f:bf:16:c9:dc:7a:e6:df:f8:
91:cb:78:8d:39:c0:08:94:20:31:4c:84:54:ed:aa:
cf:dd:06:4d:77:82:17:3c:09:b6:16:4e:d1:55:60:
eb:04:19:7c:de:3c:90:f7:c0:70:22:1a:9b:5c:ed:
f4:bf:09:08:e5:52:53:ff:0d:ad:4a:9a:44:19:d4:
3b:b4:89:03:e5:5c:af:6e:20:d8:79:86:fb:c8:ba:
65:4c:35:6e:1e:fc:0f:34:47:78:d0:fe:d0:61:c0:
3c:02:8f:6d:67:24:d4:76:28:27:37:59:84:d2:01:
d8:07:bc:97:df:55:66:d2:6d:a8:b0:01:55:fe:8e:
f3:c6:33:0e:fa:57:52:36:1f:40:79:8c:8d:c1:2a:
60:da:5b:1d:7e:d6:5c:b0:66:10:fa:18:33:55:c2:
02:35:75:a3:c1:ba:02:01:a6:57:a6:05:7d:ad:91:
5a:7b:cf:e8:5b:26:af:fb:eb:ad:34:f2:f4:bc:84:
31:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9A:E5:46:1F:33:13:E1:47:28:36:BD:DE:86:9F:4A:F2:73:F0:FF
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SJrlRh8zE-FHKDa93oafSvJz8P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.148.0/23
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c8:7d:93:f4:1d:d4:b1:50:73:e1:00:53:38:17:03:cf:43:
34:73:e4:9d:d2:62:b5:dd:c5:62:4a:5e:2e:7a:15:ae:fb:cc:
47:4f:a1:de:bc:0e:6e:09:b4:fb:a0:9f:87:a4:d8:2e:00:dd:
11:8a:5e:35:ef:6a:da:aa:e2:4e:1a:1d:15:23:c0:ec:c5:f9:
55:37:7d:88:6f:12:a5:cb:56:f4:b1:35:4e:04:71:55:41:70:
95:ed:9d:8d:76:9b:11:43:3b:bf:9d:f8:b7:9d:a5:89:22:55:
9f:0c:f4:ad:32:fa:21:44:5d:54:cc:69:95:61:e4:11:a1:d3:
29:fb:30:f1:f2:03:f7:e7:15:63:4a:36:af:87:c1:03:87:dc:
f2:01:36:45:bf:e6:d7:08:ff:bc:27:33:1c:29:ed:aa:c9:6c:
4d:80:86:1d:f3:64:8e:08:7e:3c:f7:1c:60:ac:01:62:b8:1b:
c4:b3:fb:a7:0c:06:3f:30:d2:74:39:c9:0b:5c:3b:1a:ac:9b:
00:1f:27:fb:2b:e2:52:81:49:f0:a4:a7:89:a8:9b:fa:6d:c4:
1f:a2:00:e3:75:a1:bf:f7:f7:99:b0:cd:e4:a9:51:66:2f:f5:
ef:55:2e:04:98:fc:e1:b9:11:e7:31:ff:e4:a0:09:ae:30:fd:
f2:70:fa:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3xdKiA2NlghT7rNdlduMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODlhZTU0NjFmMzMxM2UxNDcyODM2YmRkZTg2OWY0YWYyNzNmMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LXzJVua2SrX80fv7HxUhicY80JF
NRQkx2VSE+OIZfF5QTLVdt9V8SAe8zm6yCJRSvO8N730O8r1j+wgMLRhIy0vvxbJ
3Hrm3/iRy3iNOcAIlCAxTIRU7arP3QZNd4IXPAm2Fk7RVWDrBBl83jyQ98BwIhqb
XO30vwkI5VJT/w2tSppEGdQ7tIkD5VyvbiDYeYb7yLplTDVuHvwPNEd40P7QYcA8
Ao9tZyTUdignN1mE0gHYB7yX31Vm0m2osAFV/o7zxjMO+ldSNh9AeYyNwSpg2lsd
ftZcsGYQ+hgzVcICNXWjwboCAaZXpgV9rZFae8/oWyav++utNPL0vIQxCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEia5UYfMxPhRyg2vd6Gn0ryc/D/MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvU0pybFJoOHpFLUZIS0RhOTNvYWZTdkp6OFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuceUAwQB
ueGqMA0GCSqGSIb3DQEBCwUAA4IBAQBTyH2T9B3UsVBz4QBTOBcDz0M0c+Sd0mK1
3cViSl4uehWu+8xHT6HevA5uCbT7oJ+HpNguAN0Ril4172raquJOGh0VI8DsxflV
N32IbxKly1b0sTVOBHFVQXCV7Z2NdpsRQzu/nfi3naWJIlWfDPStMvohRF1UzGmV
YeQRodMp+zDx8gP35xVjSjavh8EDh9zyATZFv+bXCP+8JzMcKe2qyWxNgIYd82SO
CH489xxgrAFiuBvEs/unDAY/MNJ0OckLXDsarJsAHyf7K+JSgUnwpKeJqJv6bcQf
ogDjdaG/9/eZsM3kqVFmL/XvVS4EmPzhuRHnMf/koAmuMP3ycPqx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org