Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mKSkNfnEOQUouZehFIoosVieBQ4.roa
File: mKSkNfnEOQUouZehFIoosVieBQ4.roa (raw, json)
Hash identifier: Jor2mG3eQoiGjw2BLVhbB6RC4XwuUwJFubsbliLFyvg=
Subject key identifier: 98:A4:A4:35:F9:C4:39:05:28:B9:97:A1:14:8A:28:B1:58:9E:05:0E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01876A7D31E928520C717495D6805FA9D864
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mKSkNfnEOQUouZehFIoosVieBQ4.roa
Signing time: Mon 10 Apr 2023 09:26:42 +0000
ROA not before: Mon 10 Apr 2023 09:26:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.250.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 17:59:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:7d:31:e9:28:52:0c:71:74:95:d6:80:5f:a9:d8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 10 09:26:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98a4a435f9c4390528b997a1148a28b1589e050e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:97:9d:a1:55:56:06:fa:12:0d:05:6f:1b:ad:
d0:b5:b6:84:50:3a:a4:d3:4d:86:87:a5:c9:09:58:
d0:0b:41:7c:51:7d:aa:fa:42:9b:3a:33:0f:4c:07:
84:a4:ad:a9:03:39:70:ce:7d:ce:0d:ce:eb:2a:de:
66:4f:3d:99:a9:9a:ff:ba:26:61:95:22:74:cb:a8:
f0:d0:71:db:db:20:8d:8a:4a:9b:73:05:c7:9b:55:
b2:24:3e:fc:e2:c6:20:36:57:1c:9a:48:0b:6e:94:
a5:52:14:ff:d6:1b:e4:4e:16:54:1b:50:d1:81:30:
fc:ca:0e:5d:73:f7:4c:7b:db:9e:75:1c:56:51:b6:
07:a2:70:d4:e9:04:d0:d6:53:31:14:42:ae:94:89:
20:86:70:01:f2:5f:2d:98:4a:49:1c:5b:1d:9c:81:
1b:f1:b4:dc:c4:1a:5c:73:57:22:76:61:fe:13:30:
43:98:8c:d1:c0:78:b5:d1:ee:5e:1e:b4:95:38:78:
35:d9:9b:20:15:61:ee:af:b3:25:93:29:4f:5a:9f:
f1:48:87:ea:31:83:b4:5c:42:03:1f:e3:49:a1:30:
39:ce:c2:fd:25:30:b3:ff:26:56:a7:e3:63:11:39:
bb:b8:ab:8f:61:66:79:79:8a:83:31:15:0b:90:2c:
f7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A4:A4:35:F9:C4:39:05:28:B9:97:A1:14:8A:28:B1:58:9E:05:0E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mKSkNfnEOQUouZehFIoosVieBQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.250.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
45:7a:d4:0c:2e:1e:dc:88:89:24:08:3e:40:a7:25:5c:a6:82:
d4:7d:c7:1a:cf:80:1c:b2:20:9c:9f:8e:02:fb:9e:e9:02:c1:
21:b9:36:26:14:a3:33:71:f3:93:cf:8e:fc:95:40:92:be:d7:
8e:5d:18:9a:fa:17:9f:25:d7:58:b3:e9:c7:32:1c:98:a0:41:
02:af:f8:0b:14:db:9b:7b:b1:11:dc:87:d9:3e:3e:73:86:37:
82:ca:d8:2f:e0:1d:a8:6e:b6:0d:63:1a:5d:37:e7:18:95:91:
8d:eb:90:1b:51:c1:64:5b:ec:65:7f:af:d9:fc:64:e0:ae:0d:
77:61:2f:6c:18:10:b6:ae:de:85:77:fc:7c:a8:b1:17:5b:4d:
bf:4f:c3:ab:d4:c1:50:41:0d:67:03:2a:ca:ea:c0:aa:ad:24:
fb:8d:1a:90:2b:81:2c:5f:e5:da:28:de:16:a0:51:ec:1f:af:
f1:51:7e:1d:77:29:9a:86:ec:eb:5e:a2:ca:62:84:21:47:94:
39:26:7b:54:f4:3e:c5:26:6a:1a:cf:59:5b:01:10:7f:0b:40:
47:e3:79:80:ec:f7:ed:0a:69:4f:50:11:02:2f:b3:7c:42:9a:
f4:4b:60:24:00:fd:5e:cf:86:44:dd:1f:4c:97:cc:4d:af:de:
eb:8f:df:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdqfTHpKFIMcXSV1oBfqdhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDEwMDkyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE0YTQzNWY5YzQzOTA1MjhiOTk3YTExNDhhMjhiMTU4OWUwNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpedoVVWBvoSDQVvG63QtbaEUDqk
002Gh6XJCVjQC0F8UX2q+kKbOjMPTAeEpK2pAzlwzn3ODc7rKt5mTz2ZqZr/uiZh
lSJ0y6jw0HHb2yCNikqbcwXHm1WyJD784sYgNlccmkgLbpSlUhT/1hvkThZUG1DR
gTD8yg5dc/dMe9uedRxWUbYHonDU6QTQ1lMxFEKulIkghnAB8l8tmEpJHFsdnIEb
8bTcxBpcc1cidmH+EzBDmIzRwHi10e5eHrSVOHg12ZsgFWHur7MlkylPWp/xSIfq
MYO0XEIDH+NJoTA5zsL9JTCz/yZWp+NjETm7uKuPYWZ5eYqDMRULkCz3mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJikpDX5xDkFKLmXoRSKKLFYngUOMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbUtTa05mbkVPUVVvdVplaEZJb29zVmllQlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH36AwQA
ufoZMA0GCSqGSIb3DQEBCwUAA4IBAQBFetQMLh7ciIkkCD5ApyVcpoLUfccaz4Ac
siCcn44C+57pAsEhuTYmFKMzcfOTz478lUCSvteOXRia+hefJddYs+nHMhyYoEEC
r/gLFNube7ER3IfZPj5zhjeCytgv4B2obrYNYxpdN+cYlZGN65AbUcFkW+xlf6/Z
/GTgrg13YS9sGBC2rt6Fd/x8qLEXW02/T8Or1MFQQQ1nAyrK6sCqrST7jRqQK4Es
X+XaKN4WoFHsH6/xUX4ddymahuzrXqLKYoQhR5Q5JntU9D7FJmoaz1lbARB/C0BH
43mA7PftCmlPUBECL7N8Qpr0S2AkAP1ez4ZE3R9Ml8xNr97rj99d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org