Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bUNNHIOSbUwl5lDC2DnX5MCGVUM.roa
File: bUNNHIOSbUwl5lDC2DnX5MCGVUM.roa (raw, json)
Hash identifier: w9UV3In50j2iYrYhcAUDwKC1Zyq+U3IVmbFxsxL2iKA=
Subject key identifier: 6D:43:4D:1C:83:92:6D:4C:25:E6:50:C2:D8:39:D7:E4:C0:86:55:43
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01901E722119D50BB478D2D5088A653ACFCF
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bUNNHIOSbUwl5lDC2DnX5MCGVUM.roa
Signing time: Sun 16 Jun 2024 00:28:34 +0000
ROA not before: Sun 16 Jun 2024 00:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 09:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1e:72:21:19:d5:0b:b4:78:d2:d5:08:8a:65:3a:cf:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 16 00:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d434d1c83926d4c25e650c2d839d7e4c0865543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:04:c1:0f:4c:1d:3f:17:66:ec:d3:28:bf:23:
3a:ce:64:04:f7:c3:9d:c3:6e:de:ef:5d:6e:6b:96:
ae:0b:b8:99:af:51:0b:ab:9c:30:45:51:37:db:6d:
52:fa:38:dd:dc:95:21:15:c4:85:9d:df:0b:96:70:
01:2e:f9:99:22:ac:88:2c:1f:62:4e:96:23:33:13:
bc:62:51:b2:0d:00:c4:7c:fc:25:13:93:06:8c:88:
6b:95:b5:22:81:30:8a:12:d8:f5:8a:8f:fb:6d:65:
c0:bb:d2:1e:52:f2:6d:47:56:13:a1:a2:18:5d:ca:
50:a2:14:a3:60:98:0b:bb:bf:63:84:10:bb:64:31:
e2:69:68:26:1b:01:07:a3:da:71:c7:ee:7e:31:d6:
8b:03:e4:74:25:22:98:c8:04:b6:b4:9e:96:05:ee:
c9:dd:bd:24:3e:00:8c:c5:1a:d5:6b:10:0a:1c:3d:
f1:41:cb:c2:6b:43:55:67:38:0b:86:15:38:80:0d:
38:53:90:ea:14:75:ca:92:7b:cc:9f:3f:77:b6:41:
07:f5:1d:28:09:1a:a8:fd:c7:2f:32:a6:d1:c9:34:
a4:f1:d6:57:a4:3f:0c:e6:14:d6:24:e6:49:ed:fb:
fa:3b:5a:55:75:91:86:62:53:5c:45:09:0d:5c:87:
aa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:43:4D:1C:83:92:6D:4C:25:E6:50:C2:D8:39:D7:E4:C0:86:55:43
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bUNNHIOSbUwl5lDC2DnX5MCGVUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.251.0/24
185.199.213.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
32:04:ba:74:36:c8:b1:29:76:0d:a5:b5:d9:ff:74:a7:be:15:
c7:5d:f0:ee:89:5a:ea:4d:bd:1f:9c:b4:fb:63:1c:4b:28:80:
8e:39:fc:4f:2f:39:a7:8f:02:f6:d1:b3:37:9f:c2:a9:0b:19:
bb:ac:db:1b:8e:87:c9:9c:42:2f:68:c3:b3:c2:99:76:39:bd:
30:22:45:e9:df:2d:c4:61:0a:76:7b:01:fb:b1:5a:01:72:63:
a0:23:d0:ab:7f:2d:20:1f:75:82:1a:16:67:52:d6:ff:52:ab:
f4:26:1b:a4:15:f6:ed:d7:cf:9b:f3:28:c6:88:9b:07:5b:4b:
e7:e8:4f:61:d0:e8:73:9e:68:b9:ad:b2:bb:e4:8e:a6:cb:08:
11:27:b6:13:e5:86:25:f3:e8:76:ad:1a:f6:1f:66:58:6d:60:
cd:ea:e9:ae:65:de:d0:bd:7a:ad:1d:33:48:31:26:33:d0:2a:
b1:ce:32:3a:11:32:24:fd:9e:5c:fe:64:26:3c:9e:32:c7:d2:
c7:f3:c1:4a:09:7d:73:36:08:d7:ee:2c:12:05:b3:3f:89:c9:
2a:3d:51:19:06:e8:30:9e:38:b1:f3:1e:69:2c:30:17:ec:8e:
d0:e1:4d:75:2e:1c:b2:7a:d5:e3:1e:ee:98:30:9e:56:84:5c:
5d:16:c9:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAeciEZ1Qu0eNLVCIplOs/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNjE2MDAyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQzNGQxYzgzOTI2ZDRjMjVlNjUwYzJkODM5ZDdlNGMwODY1NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gTBD0wdPxdm7NMovyM6zmQE98Od
w27e711ua5auC7iZr1ELq5wwRVE3221S+jjd3JUhFcSFnd8LlnABLvmZIqyILB9i
TpYjMxO8YlGyDQDEfPwlE5MGjIhrlbUigTCKEtj1io/7bWXAu9IeUvJtR1YToaIY
XcpQohSjYJgLu79jhBC7ZDHiaWgmGwEHo9pxx+5+MdaLA+R0JSKYyAS2tJ6WBe7J
3b0kPgCMxRrVaxAKHD3xQcvCa0NVZzgLhhU4gA04U5DqFHXKknvMnz93tkEH9R0o
CRqo/ccvMqbRyTSk8dZXpD8M5hTWJOZJ7fv6O1pVdZGGYlNcRQkNXIeqLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG1DTRyDkm1MJeZQwtg51+TAhlVDMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYlVOTkhJT1NiVXdsNWxEQzJEblg1TUNHVlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH37AwQA
ucfVAwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAyBLp0NsixKXYNpbXZ/3SnvhXH
XfDuiVrqTb0fnLT7YxxLKICOOfxPLzmnjwL20bM3n8KpCxm7rNsbjofJnEIvaMOz
wpl2Ob0wIkXp3y3EYQp2ewH7sVoBcmOgI9Crfy0gH3WCGhZnUtb/Uqv0JhukFfbt
18+b8yjGiJsHW0vn6E9h0Ohznmi5rbK75I6mywgRJ7YT5YYl8+h2rRr2H2ZYbWDN
6umuZd7QvXqtHTNIMSYz0CqxzjI6ETIk/Z5c/mQmPJ4yx9LH88FKCX1zNgjX7iwS
BbM/ickqPVEZBugwnjix8x5pLDAX7I7Q4U11LhyyetXjHu6YMJ5WhFxdFslZ
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:17:25 2024 by rpki-client on console-fra.rpki-client.org