Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eYRToAhUoLHCVJnLnvjip8GcfiM.roa
File: eYRToAhUoLHCVJnLnvjip8GcfiM.roa (raw, json)
Hash identifier: Dzp9I2vZxIARc4p7CEVNeP1zAF7XD1ck6dpS42joJzo=
Subject key identifier: 79:84:53:A0:08:54:A0:B1:C2:54:99:CB:9E:F8:E2:A7:C1:9C:7E:23
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01877F14CBDEC1D55A49C7EF7D826D1AA0B5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eYRToAhUoLHCVJnLnvjip8GcfiM.roa
Signing time: Fri 14 Apr 2023 09:24:41 +0000
ROA not before: Fri 14 Apr 2023 09:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.199.148.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Apr 2023 08:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:14:cb:de:c1:d5:5a:49:c7:ef:7d:82:6d:1a:a0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 14 09:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=798453a00854a0b1c25499cb9ef8e2a7c19c7e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a4:5f:12:83:12:b8:0a:ab:f5:4a:9e:78:5a:
09:bf:56:5a:a1:2c:63:fb:0a:40:66:4b:18:38:7a:
ce:2d:c2:52:c6:22:08:c7:32:0b:06:27:67:a0:c5:
d9:89:11:bd:79:44:61:03:8e:1a:1b:2b:79:99:70:
b4:1d:27:2d:92:d1:0a:0e:c8:b3:4f:a5:db:27:b1:
42:09:9c:0e:ba:ac:aa:a2:4c:d2:0e:0b:e1:c1:3f:
76:7d:a9:7b:a2:99:9a:cd:8b:14:80:0c:e5:06:85:
f5:65:cc:ff:5e:a9:6d:a1:ec:e4:1f:30:13:13:f7:
bb:24:93:8b:ad:63:5c:6e:88:54:29:0a:df:2e:0d:
1d:7c:1d:44:c2:05:56:bf:b5:a6:6a:5b:c5:2a:d1:
07:d0:6e:65:7f:cc:54:4c:0f:c8:1a:80:66:dd:0a:
09:45:2a:a4:23:76:ed:e3:9d:80:e7:c1:70:fe:eb:
0f:dd:17:0b:6d:4a:b9:51:e9:a8:b7:28:22:0c:8e:
02:2b:72:cb:51:a8:f2:d1:c1:a2:5e:ec:3d:3f:37:
d2:40:c5:89:5b:9b:93:20:b8:3d:44:c7:03:df:2e:
be:b3:4a:73:e4:09:f1:ca:9e:3c:2c:7c:ce:d2:67:
c3:66:09:0a:4b:f1:07:63:f6:33:e5:10:9f:09:3a:
7f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:84:53:A0:08:54:A0:B1:C2:54:99:CB:9E:F8:E2:A7:C1:9C:7E:23
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eYRToAhUoLHCVJnLnvjip8GcfiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.247.0/24
185.199.148.0/24
185.226.183.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:c5:04:ac:ea:92:be:1a:7b:ca:be:ce:5d:a0:bf:6c:29:19:
e0:70:96:bd:8c:60:76:8e:c7:bd:37:5d:3e:0b:dc:be:9e:a9:
a6:28:40:69:90:02:a4:58:cc:61:cb:d0:e1:d0:06:f4:e0:1c:
b0:b9:11:4c:10:66:a7:0d:f2:11:bd:62:1f:d9:18:51:bf:53:
77:ab:cc:12:9f:9e:90:75:fe:92:0b:6d:72:60:9e:98:4b:49:
20:08:72:3b:af:83:75:d6:6b:35:b8:e1:21:40:a8:db:33:b7:
a3:20:d0:bb:38:e8:ae:e5:f3:87:13:41:0b:96:49:bf:fd:d8:
4f:8b:b0:1a:41:2f:9f:af:7e:cc:6f:82:ed:ab:3d:08:6f:17:
01:1a:26:90:7a:5b:df:54:60:df:43:90:2e:a8:f9:1d:8e:42:
af:ca:f1:89:75:58:16:19:2e:4d:3a:c3:aa:79:65:c0:00:08:
78:d2:b5:c7:62:c8:21:be:da:d0:89:0d:fe:38:89:cb:23:66:
23:1b:75:30:a6:53:cc:f9:82:b9:5b:94:ac:af:e5:ee:9f:fd:
8d:00:5f:15:d1:7d:c6:28:ca:e1:13:c3:65:62:af:04:a9:c1:
5b:1c:90:08:2d:ce:35:4a:50:82:fe:c4:5a:6b:82:7f:7f:b1:
ea:c4:97:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd/FMvewdVaScfvfYJtGqC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDE0MDkyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTg0NTNhMDA4NTRhMGIxYzI1NDk5Y2I5ZWY4ZTJhN2MxOWM3ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaRfEoMSuAqr9UqeeFoJv1ZaoSxj
+wpAZksYOHrOLcJSxiIIxzILBidnoMXZiRG9eURhA44aGyt5mXC0HSctktEKDsiz
T6XbJ7FCCZwOuqyqokzSDgvhwT92fal7opmazYsUgAzlBoX1Zcz/XqltoezkHzAT
E/e7JJOLrWNcbohUKQrfLg0dfB1EwgVWv7WmalvFKtEH0G5lf8xUTA/IGoBm3QoJ
RSqkI3bt452A58Fw/usP3RcLbUq5UemotygiDI4CK3LLUajy0cGiXuw9PzfSQMWJ
W5uTILg9RMcD3y6+s0pz5Anxyp48LHzO0mfDZgkKS/EHY/Yz5RCfCTp/RwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHmEU6AIVKCxwlSZy5744qfBnH4jMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZVlSVG9BaFVvTEhDVkpuTG52amlwOEdjZmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2L3AwQA
uceUAwQAueK3MA0GCSqGSIb3DQEBCwUAA4IBAQDMxQSs6pK+GnvKvs5doL9sKRng
cJa9jGB2jse9N10+C9y+nqmmKEBpkAKkWMxhy9Dh0Ab04BywuRFMEGanDfIRvWIf
2RhRv1N3q8wSn56Qdf6SC21yYJ6YS0kgCHI7r4N11ms1uOEhQKjbM7ejINC7OOiu
5fOHE0ELlkm//dhPi7AaQS+fr37Mb4Ltqz0IbxcBGiaQelvfVGDfQ5AuqPkdjkKv
yvGJdVgWGS5NOsOqeWXAAAh40rXHYsghvtrQiQ3+OInLI2YjG3UwplPM+YK5W5Ss
r+Xun/2NAF8V0X3GKMrhE8NlYq8EqcFbHJAILc41SlCC/sRaa4J/f7HqxJcA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org