Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/f0dn0RVEBmooj3qjyetAUN-4et0.roa
File: f0dn0RVEBmooj3qjyetAUN-4et0.roa (raw, json)
Hash identifier: ivViU5Au/Zo55V4l5EZHjgHBjAEvlEDZRy0296aiSnE=
Subject key identifier: 7F:47:67:D1:15:44:06:6A:28:8F:7A:A3:C9:EB:40:50:DF:B8:7A:DD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019117EDC7102EDDD1EEAB7083E217FE7C02
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/f0dn0RVEBmooj3qjyetAUN-4et0.roa
Signing time: Sat 03 Aug 2024 11:09:04 +0000
ROA not before: Sat 03 Aug 2024 11:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 05:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:ed:c7:10:2e:dd:d1:ee:ab:70:83:e2:17:fe:7c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 3 11:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f4767d11544066a288f7aa3c9eb4050dfb87add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4e:52:3c:64:1d:96:a8:32:2e:1d:a9:12:ee:
23:67:61:0e:f9:3b:28:7e:59:c8:11:db:12:4e:a6:
2f:18:25:17:e6:c1:74:69:9a:12:d5:ae:45:67:3f:
3b:a4:8c:d0:48:0f:e4:55:8c:92:f1:90:6a:35:f5:
93:20:f6:31:a5:24:57:18:8d:81:4b:f7:97:22:99:
5c:89:b9:1a:c9:38:01:3f:5c:61:12:9c:fe:8e:e5:
f3:d3:0e:9a:b8:71:50:a3:44:21:fc:db:30:2a:26:
d6:d9:cf:bb:cd:58:dc:86:89:10:9d:97:ac:10:4b:
9e:b6:9b:e7:db:d1:01:70:26:f8:ec:3a:f0:7f:fe:
47:24:e1:7f:2c:80:3f:b8:69:fb:31:41:7c:2e:1a:
50:ce:63:85:06:be:49:40:39:6b:53:44:bf:36:bd:
f8:a4:af:ba:7f:20:50:cd:8b:7c:83:45:8d:f5:27:
be:1b:67:62:fa:49:87:4e:08:ae:1e:17:e0:61:64:
9d:75:f9:6a:d6:c0:24:16:d8:46:52:c7:d7:e9:21:
0c:ce:7d:b3:57:31:ac:df:56:82:2a:7e:f5:6f:64:
4c:28:a4:41:7d:d3:73:fe:84:5b:26:eb:48:39:08:
ff:3d:4c:d8:c7:66:a0:61:e9:1e:e3:21:33:c3:16:
34:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:47:67:D1:15:44:06:6A:28:8F:7A:A3:C9:EB:40:50:DF:B8:7A:DD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/f0dn0RVEBmooj3qjyetAUN-4et0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.226.181.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:fb:29:5a:4e:88:53:a9:01:97:58:15:47:4b:81:e5:02:2a:
b0:71:fb:b5:98:f7:00:a0:d7:d1:1c:08:4a:2e:71:0a:f7:36:
5c:73:50:74:19:e1:05:e7:06:a2:8c:7c:00:02:22:72:1d:2f:
27:19:52:50:fe:f9:7a:7e:0e:a1:6b:cc:9e:0c:c1:b3:e3:f5:
50:77:78:f7:31:28:53:8b:b7:b2:40:ad:73:69:3b:48:d7:a9:
78:67:7b:bb:c5:08:5f:6e:53:3f:56:18:2e:a1:a9:33:8f:ee:
e1:51:b2:29:4b:5c:e9:af:11:68:e1:eb:11:e3:c3:1b:ca:b1:
44:18:db:1a:6f:8f:f6:ad:a2:35:6e:59:cf:69:9c:63:e7:9b:
ad:91:88:09:a2:d9:90:cb:2d:94:6d:30:01:87:11:de:d7:cf:
dc:b6:f9:21:20:26:f5:88:70:c8:20:a8:d8:4b:e7:aa:18:af:
6b:1a:9d:27:d9:cc:21:6a:42:49:2e:ff:83:16:c1:ef:86:bb:
bb:43:bb:61:eb:79:f6:62:18:28:fc:24:a3:2d:ea:69:80:20:
7b:81:c0:86:3f:95:e4:53:be:49:fc:00:7a:b5:99:4e:b7:ae:
e0:da:fd:b1:20:ff:56:a0:76:00:e2:fe:e8:0d:46:e5:9f:46:
a2:64:45:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEX7ccQLt3R7qtwg+IX/nwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwODAzMTEwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ3NjdkMTE1NDQwNjZhMjg4ZjdhYTNjOWViNDA1MGRmYjg3YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU5SPGQdlqgyLh2pEu4jZ2EO+Tso
flnIEdsSTqYvGCUX5sF0aZoS1a5FZz87pIzQSA/kVYyS8ZBqNfWTIPYxpSRXGI2B
S/eXIplcibkayTgBP1xhEpz+juXz0w6auHFQo0Qh/NswKibW2c+7zVjchokQnZes
EEuetpvn29EBcCb47Drwf/5HJOF/LIA/uGn7MUF8LhpQzmOFBr5JQDlrU0S/Nr34
pK+6fyBQzYt8g0WN9Se+G2di+kmHTgiuHhfgYWSddflq1sAkFthGUsfX6SEMzn2z
VzGs31aCKn71b2RMKKRBfdNz/oRbJutIOQj/PUzYx2agYeke4yEzwxY0ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH9HZ9EVRAZqKI96o8nrQFDfuHrdMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZjBkbjBSVkVCbW9vajNxanlldEFVTi00ZXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucfVAwQA
ueK1AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCy+ylaTohTqQGXWBVHS4HlAiqw
cfu1mPcAoNfRHAhKLnEK9zZcc1B0GeEF5waijHwAAiJyHS8nGVJQ/vl6fg6ha8ye
DMGz4/VQd3j3MShTi7eyQK1zaTtI16l4Z3u7xQhfblM/Vhguoakzj+7hUbIpS1zp
rxFo4esR48MbyrFEGNsab4/2raI1blnPaZxj55utkYgJotmQyy2UbTABhxHe18/c
tvkhICb1iHDIIKjYS+eqGK9rGp0n2cwhakJJLv+DFsHvhru7Q7th63n2Yhgo/CSj
LeppgCB7gcCGP5XkU75J/AB6tZlOt67g2v2xIP9WoHYA4v7oDUbln0aiZEXA
-----END CERTIFICATE-----
Generated at Tue Aug 13 09:17:57 2024 by rpki-client on console-ams.rpki-client.org