Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_f2lhvN5s26Ge5TgDESKTta_Ay8.roa
File: _f2lhvN5s26Ge5TgDESKTta_Ay8.roa (raw, json)
Hash identifier: /jF8MUEHUgd9P3wYViNMEYQwXu2eNj9c5wiubveDmgc=
Subject key identifier: FD:FD:A5:86:F3:79:B3:6E:86:7B:94:E0:0C:44:8A:4E:D6:BF:03:2F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01916B59A5664CCA5281A9F44A2B8367A4B9
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_f2lhvN5s26Ge5TgDESKTta_Ay8.roa
Signing time: Mon 19 Aug 2024 15:55:22 +0000
ROA not before: Mon 19 Aug 2024 15:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 06:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:59:a5:66:4c:ca:52:81:a9:f4:4a:2b:83:67:a4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 19 15:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdfda586f379b36e867b94e00c448a4ed6bf032f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ab:fd:12:d6:7c:70:57:b8:e7:72:c8:4d:a2:
86:a4:4b:46:e3:7b:ad:49:62:1f:2f:9e:2a:47:44:
f1:15:c2:b3:14:9a:95:af:e7:18:87:c4:4e:51:9b:
24:7e:2a:e7:20:c1:25:11:4f:2b:de:ff:c2:03:1f:
16:e6:e6:e7:74:34:b3:83:7b:ce:d8:9d:59:7b:bd:
53:2b:44:d8:bb:94:66:2a:2e:e7:fe:d2:d5:ff:dc:
4a:62:06:bc:55:d1:17:68:1d:8c:cb:a1:67:f0:0e:
16:34:f0:32:a0:7d:72:b8:bd:9b:76:8d:1d:ac:a4:
07:2a:6a:23:2e:dc:6a:bf:cb:52:dd:c2:b2:de:47:
56:f1:e1:a6:03:4b:35:b0:9a:33:cd:4d:16:c3:72:
08:ef:03:fe:80:b7:f1:05:f7:b4:d8:fd:e5:13:74:
35:54:05:27:8a:4b:a9:fd:93:e2:5e:da:e2:e8:c7:
a8:56:69:a4:d0:e4:8d:f1:2d:4a:8e:d2:ba:fc:47:
59:fa:25:7b:02:e7:f4:ec:33:30:af:bd:21:02:3b:
b5:44:d8:42:20:dd:24:9a:86:12:1b:c1:97:f8:73:
d5:bc:b7:81:76:e4:0b:b3:1f:11:c9:ea:40:0d:19:
51:51:39:0d:b3:b2:f5:41:06:a7:c9:80:7e:fa:34:
a0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FD:A5:86:F3:79:B3:6E:86:7B:94:E0:0C:44:8A:4E:D6:BF:03:2F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_f2lhvN5s26Ge5TgDESKTta_Ay8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c5:f7:63:53:5e:90:b4:9d:0b:42:23:85:95:98:41:8a:bf:
f1:f4:9c:b5:db:cf:b4:4b:90:7d:e8:e6:7c:70:9b:1b:76:85:
d4:26:16:7e:62:85:54:00:bf:ba:a9:c6:ea:90:03:9f:da:a6:
cc:50:5f:d1:9c:34:d6:1a:2e:99:4f:c4:d1:ef:4e:ae:7f:63:
b9:13:26:37:63:7f:c6:9f:40:cf:51:c4:c0:bc:16:4e:73:6a:
45:8b:f7:40:c8:0d:89:a3:c5:df:74:4d:b8:c2:89:02:3a:1b:
c4:22:92:4e:7b:16:1e:f5:ac:9b:18:16:ab:3c:c9:5e:d1:ec:
fb:21:a3:48:3d:81:31:7e:9e:70:fe:88:b5:96:3f:61:ca:08:
b1:2b:4f:a2:54:ae:65:48:c0:45:cc:a4:28:00:18:8d:8d:41:
c0:da:96:d5:aa:0c:1a:8e:a9:cb:47:c3:8f:ee:80:a4:e1:08:
82:38:37:54:86:2c:66:a5:18:ac:36:d1:f1:e8:40:eb:e3:22:
b9:ce:a8:54:90:90:33:ed:c7:d7:21:e5:b4:bd:29:a1:66:60:
f9:5b:9a:65:31:a6:fd:6e:b6:6e:51:eb:92:e4:aa:de:11:78:
2b:6f:77:f1:8f:b1:7f:74:2b:a1:89:de:41:97:a0:cd:09:07:
70:81:f5:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFrWaVmTMpSgan0SiuDZ6S5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwODE5MTU1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZkYTU4NmYzNzliMzZlODY3Yjk0ZTAwYzQ0OGE0ZWQ2YmYwMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqv9EtZ8cFe453LITaKGpEtG43ut
SWIfL54qR0TxFcKzFJqVr+cYh8ROUZskfirnIMElEU8r3v/CAx8W5ubndDSzg3vO
2J1Ze71TK0TYu5RmKi7n/tLV/9xKYga8VdEXaB2My6Fn8A4WNPAyoH1yuL2bdo0d
rKQHKmojLtxqv8tS3cKy3kdW8eGmA0s1sJozzU0Ww3II7wP+gLfxBfe02P3lE3Q1
VAUnikup/ZPiXtri6MeoVmmk0OSN8S1KjtK6/EdZ+iV7Auf07DMwr70hAju1RNhC
IN0kmoYSG8GX+HPVvLeBduQLsx8RyepADRlRUTkNs7L1QQanyYB++jSg+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP39pYbzebNuhnuU4AxEik7WvwMvMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvX2YybGh2TjVzMjZHZTVUZ0RFU0tUdGFfQXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucfVAwQA
ud0aAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCBxfdjU16QtJ0LQiOFlZhBir/x
9Jy128+0S5B96OZ8cJsbdoXUJhZ+YoVUAL+6qcbqkAOf2qbMUF/RnDTWGi6ZT8TR
706uf2O5EyY3Y3/Gn0DPUcTAvBZOc2pFi/dAyA2Jo8XfdE24wokCOhvEIpJOexYe
9aybGBarPMle0ez7IaNIPYExfp5w/oi1lj9hygixK0+iVK5lSMBFzKQoABiNjUHA
2pbVqgwajqnLR8OP7oCk4QiCODdUhixmpRisNtHx6EDr4yK5zqhUkJAz7cfXIeW0
vSmhZmD5W5plMab9brZuUeuS5KreEXgrb3fxj7F/dCuhid5Bl6DNCQdwgfUo
-----END CERTIFICATE-----
Generated at Fri Sep 20 08:12:27 2024 by rpki-client on console-fra.rpki-client.org