Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/pUfD1rtsdxzhus593XYP6Ts4PtY.roa
File: pUfD1rtsdxzhus593XYP6Ts4PtY.roa (raw, json)
Hash identifier: 3ZckFD2Y5DSjKIMlTBhkfcrXzedPEfZJLyvP2eEirfI=
Subject key identifier: A5:47:C3:D6:BB:6C:77:1C:E1:BA:CE:7D:DD:76:0F:E9:3B:38:3E:D6
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018F39AB44D771F78E6E954630AD48F4CADD
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/pUfD1rtsdxzhus593XYP6Ts4PtY.roa
Signing time: Thu 02 May 2024 14:17:56 +0000
ROA not before: Thu 02 May 2024 14:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/23 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 20:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:ab:44:d7:71:f7:8e:6e:95:46:30:ad:48:f4:ca:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 2 14:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a547c3d6bb6c771ce1bace7ddd760fe93b383ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e0:14:87:8c:22:f7:bb:26:f6:d0:3f:31:5b:
90:45:ca:6f:c9:70:8a:6e:bf:88:a3:39:b2:2a:e0:
39:78:7e:42:6b:a7:1f:10:c9:b9:56:13:7f:7b:93:
ef:a9:49:5e:70:e9:27:1e:5f:1d:91:bc:6a:30:f1:
d4:e1:93:10:23:ba:a5:c4:10:97:d6:c1:2b:ea:3b:
93:4a:47:98:a9:18:ff:97:d1:23:12:8a:0d:d6:72:
f2:f9:47:44:93:c9:5d:9a:2a:b6:63:79:e0:9a:3c:
70:07:a9:26:f1:3e:42:85:94:2e:f1:cf:d6:7c:90:
a1:a1:87:3e:03:ff:77:c7:54:dd:d0:82:86:e1:8f:
c0:08:86:26:f9:44:03:23:56:af:4c:2c:8a:ab:dc:
66:85:4a:3b:f5:d4:bd:27:a5:85:a7:0f:55:72:71:
8d:0c:fe:92:c7:23:b5:e1:d6:09:69:63:fb:20:75:
5f:95:c3:c3:63:10:97:3b:f5:e8:5e:d7:a2:c8:80:
5f:6f:81:5c:ce:70:3a:27:1f:d0:f8:15:ce:e5:2f:
31:1e:3c:6d:ca:b7:40:37:56:74:85:c6:ba:06:1b:
fd:42:2e:88:37:9e:16:1f:7c:90:5f:57:fd:27:1a:
09:47:b8:ec:7f:0d:fc:aa:83:34:12:2d:2c:c7:3d:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:47:C3:D6:BB:6C:77:1C:E1:BA:CE:7D:DD:76:0F:E9:3B:38:3E:D6
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/pUfD1rtsdxzhus593XYP6Ts4PtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/23
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:4d:0e:af:b9:d9:8d:f2:e4:e9:6c:f8:c8:23:58:6c:fc:c6:
55:8c:3e:4c:60:de:9f:cb:08:dd:15:c0:61:27:8e:39:45:45:
86:74:c1:57:c9:06:15:bd:ff:a8:82:eb:fb:83:0e:72:e8:76:
4a:3a:71:02:db:ce:31:a3:f5:f7:ea:55:43:50:52:52:ab:bd:
ca:11:91:f7:92:2b:af:9e:44:e5:8b:c1:6b:59:bf:29:8c:1a:
f6:a8:d2:84:36:bc:07:e8:67:96:c6:f9:3a:45:0b:6e:63:7d:
fd:0d:15:5f:e8:66:e2:84:59:fc:e3:f8:57:8b:3a:fd:b5:a1:
ff:3b:52:17:1f:2c:81:6b:4f:fb:d1:fe:a7:bc:5f:fa:df:f9:
58:5f:30:c0:ed:bc:b0:ff:22:eb:35:77:ba:90:12:02:54:6c:
c7:74:15:6c:19:a8:af:ee:8a:f8:a9:20:dd:c3:0e:99:95:ca:
7f:ef:ad:5e:d9:d7:b4:c5:eb:32:36:10:d0:df:d4:75:7a:b6:
36:f8:c0:6a:84:8d:81:71:a5:36:51:6d:5e:f8:f1:f5:89:8e:
7f:24:b1:6b:db:2c:02:96:20:95:60:4c:0d:7a:f7:36:2b:11:
9d:82:0f:18:2d:d9:06:80:ca:da:db:8d:01:fa:9a:47:7b:ce:
0c:64:22:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY85q0TXcfeObpVGMK1I9MrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNTAyMTQxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ3YzNkNmJiNmM3NzFjZTFiYWNlN2RkZDc2MGZlOTNiMzgzZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuAUh4wi97sm9tA/MVuQRcpvyXCK
br+IozmyKuA5eH5Ca6cfEMm5VhN/e5PvqUlecOknHl8dkbxqMPHU4ZMQI7qlxBCX
1sEr6juTSkeYqRj/l9EjEooN1nLy+UdEk8ldmiq2Y3ngmjxwB6km8T5ChZQu8c/W
fJChoYc+A/93x1Td0IKG4Y/ACIYm+UQDI1avTCyKq9xmhUo79dS9J6WFpw9VcnGN
DP6SxyO14dYJaWP7IHVflcPDYxCXO/XoXteiyIBfb4FcznA6Jx/Q+BXO5S8xHjxt
yrdAN1Z0hca6Bhv9Qi6IN54WH3yQX1f9JxoJR7jsfw38qoM0Ei0sxz26xwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKVHw9a7bHcc4brOfd12D+k7OD7WMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvcFVmRDFydHNkeHpodXM1OTNYWVA2VHM0UHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucfVAwQB
ud0aAwQAueK1MA0GCSqGSIb3DQEBCwUAA4IBAQB+TQ6vudmN8uTpbPjII1hs/MZV
jD5MYN6fywjdFcBhJ445RUWGdMFXyQYVvf+oguv7gw5y6HZKOnEC284xo/X36lVD
UFJSq73KEZH3kiuvnkTli8FrWb8pjBr2qNKENrwH6GeWxvk6RQtuY339DRVf6Gbi
hFn84/hXizr9taH/O1IXHyyBa0/70f6nvF/63/lYXzDA7byw/yLrNXe6kBICVGzH
dBVsGaiv7or4qSDdww6Zlcp/761e2de0xesyNhDQ39R1erY2+MBqhI2BcaU2UW1e
+PH1iY5/JLFr2ywCliCVYEwNevc2KxGdgg8YLdkGgMra240B+ppHe84MZCKF
-----END CERTIFICATE-----
Generated at Fri May 3 21:41:55 2024 by rpki-client on console-ams.rpki-client.org