Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlgYbvw_owr1R5Lc2S2t4FOaCHY.roa
File: hlgYbvw_owr1R5Lc2S2t4FOaCHY.roa (raw, json)
Hash identifier: WfSNRZ66R1tBu10Wh4qd/JCS6ldsJoKCozWTro7Uihc=
Subject key identifier: 86:58:18:6E:FC:3F:A3:0A:F5:47:92:DC:D9:2D:AD:E0:53:9A:08:76
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188B93AE039A2358CD45D82CD0217A1EE84
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlgYbvw_owr1R5Lc2S2t4FOaCHY.roa
Signing time: Wed 14 Jun 2023 09:27:03 +0000
ROA not before: Wed 14 Jun 2023 09:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 185.225.168.0/24 maxlen: 24
79.98.244.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jul 2023 11:51:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:3a:e0:39:a2:35:8c:d4:5d:82:cd:02:17:a1:ee:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 14 09:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8658186efc3fa30af54792dcd92dade0539a0876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1f:28:ed:f7:c8:ed:58:79:d3:7c:58:6f:41:
81:fe:7c:f1:a1:ef:b7:f1:8a:c0:82:3d:1b:e9:52:
9f:8e:9f:32:81:a3:ac:11:f0:92:a2:dd:39:25:b1:
0e:83:ed:72:3f:bc:dc:c9:cc:3c:ca:33:43:90:05:
21:ae:82:15:cb:8c:06:55:ba:c9:c5:d2:3b:84:15:
50:1e:5d:8e:1a:78:8a:12:98:9f:0c:b5:04:24:16:
4d:ee:c3:9b:03:b0:08:55:a1:f8:b3:4b:5b:82:bb:
0a:33:b4:97:58:0b:f4:fa:79:00:81:7f:6f:fe:e8:
5b:77:cc:54:f5:ce:70:86:00:ac:19:65:f5:17:2b:
99:77:81:1e:4a:67:d4:2f:ae:18:78:8c:e3:cd:d8:
94:91:7b:50:8c:d4:3f:82:ed:d3:bb:a6:92:c1:25:
51:2c:52:74:0d:45:b9:ae:7a:03:e1:2d:13:98:3d:
8c:eb:04:af:f1:c9:b2:b7:6e:b6:ca:40:c4:32:5a:
c5:43:d7:65:f7:c2:0b:8d:2b:8c:97:b6:c6:b3:f0:
a7:06:ab:40:a8:b3:a8:b6:5c:46:a2:5f:1a:16:95:
ea:0a:3c:b4:81:85:7e:34:4d:0d:d0:37:0e:a2:68:
96:b2:51:47:77:75:63:45:8d:78:38:9d:69:bf:b7:
b8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:58:18:6E:FC:3F:A3:0A:F5:47:92:DC:D9:2D:AD:E0:53:9A:08:76
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlgYbvw_owr1R5Lc2S2t4FOaCHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
185.225.168.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:b6:7e:9e:02:80:b5:dd:58:1e:8d:1e:41:79:d9:37:c5:d4:
12:ce:fe:fb:6a:7a:05:dc:e4:da:6a:43:ec:69:9b:cf:e8:56:
c9:72:0f:c2:6d:3f:17:8d:4a:e7:cb:32:d4:a0:89:41:5c:b1:
fe:33:67:f7:d3:8e:84:0c:5c:1d:3c:c5:e5:4e:b1:df:66:6a:
cb:c8:9f:ce:cb:16:ce:3f:23:80:c7:2d:7b:27:95:87:6b:35:
95:c9:ef:62:b4:28:5d:e1:48:e2:dc:bf:db:fe:dc:34:d2:31:
97:3f:e4:86:c3:fb:12:ef:12:f2:92:f5:a0:38:9f:af:be:ab:
0c:0a:54:39:12:b7:9b:e9:06:a7:97:1c:19:df:0e:25:fe:f2:
a2:20:26:65:1e:f4:d4:28:21:7d:3d:92:f4:30:be:af:47:6d:
a0:1c:65:ab:73:d0:09:d7:99:f5:20:fd:73:c5:1d:92:fa:d6:
aa:94:1d:45:f0:8f:ad:08:bd:2d:01:5e:e5:81:4d:55:e9:0b:
43:5f:45:13:2d:96:af:e7:ad:b1:35:2c:68:b6:06:6d:fe:a3:
93:e2:9b:46:15:6a:73:e8:22:21:06:54:d6:57:00:60:94:87:
82:5f:12:55:40:e8:f5:80:7e:69:16:21:ae:c0:8c:a2:87:bf:
42:0c:ca:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi5OuA5ojWM1F2CzQIXoe6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjE0MDkyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU4MTg2ZWZjM2ZhMzBhZjU0NzkyZGNkOTJkYWRlMDUzOWEwODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx8o7ffI7Vh503xYb0GB/nzxoe+3
8YrAgj0b6VKfjp8ygaOsEfCSot05JbEOg+1yP7zcycw8yjNDkAUhroIVy4wGVbrJ
xdI7hBVQHl2OGniKEpifDLUEJBZN7sObA7AIVaH4s0tbgrsKM7SXWAv0+nkAgX9v
/uhbd8xU9c5whgCsGWX1FyuZd4EeSmfUL64YeIzjzdiUkXtQjNQ/gu3Tu6aSwSVR
LFJ0DUW5rnoD4S0TmD2M6wSv8cmyt262ykDEMlrFQ9dl98ILjSuMl7bGs/CnBqtA
qLOotlxGol8aFpXqCjy0gYV+NE0N0DcOomiWslFHd3VjRY14OJ1pv7e4mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZYGG78P6MK9UeS3NktreBTmgh2MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaGxnWWJ2d19vd3IxUjVMYzJTMnQ0Rk9hQ0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBT2L0AwQA
ueGoMA0GCSqGSIb3DQEBCwUAA4IBAQCbtn6eAoC13VgejR5Bedk3xdQSzv77anoF
3OTaakPsaZvP6FbJcg/CbT8XjUrnyzLUoIlBXLH+M2f3046EDFwdPMXlTrHfZmrL
yJ/OyxbOPyOAxy17J5WHazWVye9itChd4Uji3L/b/tw00jGXP+SGw/sS7xLykvWg
OJ+vvqsMClQ5Ereb6QanlxwZ3w4l/vKiICZlHvTUKCF9PZL0ML6vR22gHGWrc9AJ
15n1IP1zxR2S+taqlB1F8I+tCL0tAV7lgU1V6QtDX0UTLZav562xNSxotgZt/qOT
4ptGFWpz6CIhBlTWVwBglIeCXxJVQOj1gH5pFiGuwIyih79CDMrI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org