Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oXS4QQuMk1mor5mH7PB9gdOiI20.roa
File: oXS4QQuMk1mor5mH7PB9gdOiI20.roa (raw, json)
Hash identifier: 6XqsIqV6UC/ebMpA2RHJICT+F9JL5rim+C6/uCTlcfU=
Subject key identifier: A1:74:B8:41:0B:8C:93:59:A8:AF:99:87:EC:F0:7D:81:D3:A2:23:6D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018A2F2615A4D2C7A37B7978F935A07DAFEB
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oXS4QQuMk1mor5mH7PB9gdOiI20.roa
Signing time: Sat 26 Aug 2023 00:02:19 +0000
ROA not before: Sat 26 Aug 2023 00:02:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.225.171.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
79.98.244.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 30 Aug 2023 16:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2f:26:15:a4:d2:c7:a3:7b:79:78:f9:35:a0:7d:af:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 26 00:02:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a174b8410b8c9359a8af9987ecf07d81d3a2236d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:38:2e:bb:86:af:ff:97:dc:ab:c9:22:22:cb:
3b:66:50:13:9a:8a:06:f0:aa:f0:aa:f1:58:c1:e9:
7d:b0:ea:25:5b:4e:f5:97:03:28:39:70:df:02:1b:
c2:5a:cb:38:bc:f9:4c:ce:9d:c4:8d:5e:3f:4d:57:
35:a9:1d:0d:c5:9e:e0:3f:28:11:59:dd:7c:b4:90:
a5:10:33:8e:2b:dc:1c:85:27:bc:08:4e:48:08:7d:
36:49:e4:4a:12:dd:fa:b2:be:24:c2:cd:f7:84:35:
32:aa:55:45:89:27:44:a4:d6:43:de:34:a1:d1:3f:
62:75:78:3a:a1:cb:d2:9f:7a:14:33:03:33:33:9a:
50:38:ce:fb:df:60:99:63:83:08:86:95:2b:39:ec:
b7:13:31:67:5f:1b:e9:20:50:18:03:86:00:f8:ed:
15:18:3d:1a:9f:b9:0b:69:c4:dd:1c:b5:24:96:50:
3d:b6:11:9b:4a:07:87:bb:ae:03:fb:89:a0:cb:f7:
45:04:13:5f:49:7b:56:a2:1d:6c:34:2d:db:82:8c:
da:fb:e6:58:c3:85:fe:a9:76:d8:e4:93:23:d2:11:
e2:32:02:d0:0a:78:5e:d2:6c:a4:f9:5a:10:83:fc:
75:bc:db:dd:7a:33:f0:b5:ad:65:fa:5b:8d:ed:36:
67:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:74:B8:41:0B:8C:93:59:A8:AF:99:87:EC:F0:7D:81:D3:A2:23:6D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oXS4QQuMk1mor5mH7PB9gdOiI20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
185.225.171.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f5:b0:b1:99:48:be:3e:04:e4:5f:2f:03:38:8e:41:78:c3:
17:e0:76:c0:b3:2c:00:53:9c:84:10:c0:bc:d2:de:96:6d:c8:
ec:78:1c:f1:65:50:6a:92:2d:d2:b9:75:0d:aa:6c:8f:32:ab:
69:cf:5c:c8:23:f8:83:f7:d8:13:56:f7:18:7d:e6:1b:6c:15:
93:60:21:81:bd:13:d6:37:ca:38:92:c9:e5:45:7b:1c:f0:96:
19:ac:22:d9:7d:a2:32:1b:76:34:91:05:f4:f8:44:17:36:bb:
aa:73:3d:47:93:6a:e3:2e:fd:f5:38:3c:58:01:2c:38:af:fa:
dc:23:da:32:c3:a2:79:0b:4b:d2:a0:99:f2:c2:e9:ef:bd:e0:
e2:9e:78:3a:d5:14:2d:bf:c6:6a:41:ea:fa:e5:91:63:07:11:
75:86:4b:13:88:97:0d:89:d1:e0:17:30:64:19:dc:42:cb:f3:
34:d5:31:a0:29:47:e8:6d:93:f7:35:5d:98:8f:d0:c3:a7:2f:
8b:00:a2:ad:ec:3a:0f:30:c4:cd:89:a0:27:28:55:2c:ef:1b:
86:8e:1b:77:3a:a4:32:52:e2:03:d7:1a:d2:9f:93:e6:73:1f:
af:05:ff:07:0d:7c:c5:da:1f:5d:8e:36:d1:6a:aa:9b:73:6d:
a5:fe:4b:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYovJhWk0seje3l4+TWgfa/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODI2MDAwMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc0Yjg0MTBiOGM5MzU5YThhZjk5ODdlY2YwN2Q4MWQzYTIyMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTguu4av/5fcq8kiIss7ZlATmooG
8KrwqvFYwel9sOolW071lwMoOXDfAhvCWss4vPlMzp3EjV4/TVc1qR0NxZ7gPygR
Wd18tJClEDOOK9wchSe8CE5ICH02SeRKEt36sr4kws33hDUyqlVFiSdEpNZD3jSh
0T9idXg6ocvSn3oUMwMzM5pQOM7732CZY4MIhpUrOey3EzFnXxvpIFAYA4YA+O0V
GD0an7kLacTdHLUkllA9thGbSgeHu64D+4mgy/dFBBNfSXtWoh1sNC3bgoza++ZY
w4X+qXbY5JMj0hHiMgLQCnhe0myk+VoQg/x1vNvdejPwta1l+luN7TZngwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKF0uEELjJNZqK+Zh+zwfYHToiNtMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvb1hTNFFRdU1rMW1vcjVtSDdQQjlnZE9pSTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT2L0AwQA
ueGrAwQAufoZMA0GCSqGSIb3DQEBCwUAA4IBAQCP9bCxmUi+PgTkXy8DOI5BeMMX
4HbAsywAU5yEEMC80t6WbcjseBzxZVBqki3SuXUNqmyPMqtpz1zII/iD99gTVvcY
feYbbBWTYCGBvRPWN8o4ksnlRXsc8JYZrCLZfaIyG3Y0kQX0+EQXNruqcz1Hk2rj
Lv31ODxYASw4r/rcI9oyw6J5C0vSoJnywunvveDinng61RQtv8ZqQer65ZFjBxF1
hksTiJcNidHgFzBkGdxCy/M01TGgKUfobZP3NV2Yj9DDpy+LAKKt7DoPMMTNiaAn
KFUs7xuGjht3OqQyUuID1xrSn5Pmcx+vBf8HDXzF2h9djjbRaqqbc22l/kug
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org