Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa
File: V_TF8_NGVjr_nkIHcFLPhXCviZM.roa (raw, json)
Hash identifier: /ZIsLEW7VPIEjx5VR+MsMAVO+5NFQsORl+cIpIx0xH4=
Subject key identifier: 57:F4:C5:F3:F3:46:56:3A:FF:9E:42:07:70:52:CF:85:70:AF:89:93
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188B5A2C4FF84EDDCA73BC150CB07F95C25
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa
Signing time: Tue 13 Jun 2023 16:42:03 +0000
ROA not before: Tue 13 Jun 2023 16:42:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.199.212.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.208.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.244.0/23 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:a2:c4:ff:84:ed:dc:a7:3b:c1:50:cb:07:f9:5c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 13 16:42:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57f4c5f3f346563aff9e42077052cf8570af8993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:7b:32:85:73:5a:89:41:5f:58:38:5e:da:
a5:c8:01:44:04:e2:30:c0:e2:b8:8b:61:7a:e8:d2:
f5:13:15:c7:36:98:1b:c5:7d:f5:50:56:75:57:f1:
6b:2b:39:5e:25:cf:b8:c5:db:fa:0e:13:61:3f:e3:
8b:3b:12:e0:fa:17:26:91:8e:af:48:16:0d:28:ae:
74:03:ec:67:67:22:9d:01:8f:25:c6:79:e4:73:8d:
51:fa:12:8f:49:c2:da:bb:55:5a:4e:44:a7:8b:13:
95:5b:15:c5:cd:91:5e:f9:e6:46:dc:eb:99:1d:45:
39:20:ea:3d:48:06:4a:74:a8:83:bc:f1:f4:63:db:
84:d4:26:14:74:2d:9a:6f:75:b0:b3:cd:aa:73:3d:
65:da:03:41:b3:3d:83:3d:bb:aa:90:66:49:d1:c5:
51:ad:58:9b:0d:b1:12:5d:d8:9f:fa:f7:ef:83:eb:
2f:a2:1d:87:6d:a2:44:4e:4f:6d:6d:52:de:f2:91:
d6:98:6b:1e:b3:34:ab:27:09:c3:89:97:99:15:2b:
f0:78:82:cd:cf:74:f5:cd:80:4b:15:b6:16:8d:50:
95:a1:9c:a9:8b:ea:fe:03:fd:d9:6a:00:78:57:ef:
07:32:5e:c1:c9:88:05:7e:89:ae:26:74:19:51:52:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F4:C5:F3:F3:46:56:3A:FF:9E:42:07:70:52:CF:85:70:AF:89:93
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
79.98.244.0/23
79.98.247.0/24
185.199.212.0/24
185.225.168.0/23
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
41:75:90:1b:36:3f:82:04:94:61:6c:17:42:8f:77:40:03:8d:
3a:52:5e:71:af:1a:de:af:9e:7e:40:7c:88:d5:f9:94:3a:0f:
6b:21:9b:04:92:be:ba:c6:ab:6d:fe:ba:52:69:66:80:e6:8d:
6b:05:14:72:31:6c:b1:d0:f5:91:d7:fe:4b:7a:6b:65:7c:42:
15:6e:63:79:10:51:2f:e6:33:5f:e5:ca:e2:4b:42:ed:6d:a9:
c8:09:1c:a4:6f:2e:de:92:8a:f2:a4:14:b6:fb:4a:25:6b:95:
b9:53:12:60:9c:68:8b:dd:1c:30:65:fc:2f:ee:fd:c8:57:30:
94:61:55:f2:ee:45:e7:35:e7:f2:87:20:84:f8:c4:f8:22:42:
a7:02:25:75:de:5b:b3:c9:13:9d:8e:4d:c7:68:0a:5b:95:60:
9b:4a:1a:84:ae:ee:c9:1e:de:f2:85:c5:b0:e7:b9:4a:c1:8a:
df:c8:e5:65:ad:a9:27:53:e3:59:a0:ff:c2:cc:7f:a8:68:f2:
d3:9e:6b:b4:1b:41:e3:35:52:d6:73:e7:7e:27:bf:74:97:f4:
43:50:d6:cc:ef:05:b8:7c:02:c7:e8:44:b2:c8:14:da:68:7d:
df:b6:5d:dd:e1:80:1a:d5:fa:9e:43:38:b1:54:e5:fd:80:92:
f7:a9:c7:5b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi1osT/hO3cpzvBUMsH+VwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjEzMTY0MjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Y0YzVmM2YzNDY1NjNhZmY5ZTQyMDc3MDUyY2Y4NTcwYWY4OTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi717MoVzWolBX1g4XtqlyAFEBOIw
wOK4i2F66NL1ExXHNpgbxX31UFZ1V/FrKzleJc+4xdv6DhNhP+OLOxLg+hcmkY6v
SBYNKK50A+xnZyKdAY8lxnnkc41R+hKPScLau1VaTkSnixOVWxXFzZFe+eZG3OuZ
HUU5IOo9SAZKdKiDvPH0Y9uE1CYUdC2ab3Wws82qcz1l2gNBsz2DPbuqkGZJ0cVR
rVibDbESXdif+vfvg+svoh2HbaJETk9tbVLe8pHWmGseszSrJwnDiZeZFSvweILN
z3T1zYBLFbYWjVCVoZypi+r+A/3ZagB4V+8HMl7ByYgFfomuJnQZUVIoBwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFf0xfPzRlY6/55CB3BSz4Vwr4mTMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVl9URjhfTkdWanJfbmtJSGNGTFBoWEN2aVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ3QAwQB
T2L0AwQAT2L3AwQAucfUAwQBueGoAwQAwpJdMA0GCSqGSIb3DQEBCwUAA4IBAQBB
dZAbNj+CBJRhbBdCj3dAA406Ul5xrxrer55+QHyI1fmUOg9rIZsEkr66xqtt/rpS
aWaA5o1rBRRyMWyx0PWR1/5LemtlfEIVbmN5EFEv5jNf5criS0LtbanICRykby7e
korypBS2+0ola5W5UxJgnGiL3RwwZfwv7v3IVzCUYVXy7kXnNefyhyCE+MT4IkKn
AiV13luzyROdjk3HaApblWCbShqEru7JHt7yhcWw57lKwYrfyOVlraknU+NZoP/C
zH+oaPLTnmu0G0HjNVLWc+d+J790l/RDUNbM7wW4fALH6ESyyBTaaH3ftl3d4YAa
1fqeQzixVOX9gJL3qcdb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-fra.rpki-client.org