Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/qOXbDzfELIaWsCkBR8JzZSdGNI8.roa
File: qOXbDzfELIaWsCkBR8JzZSdGNI8.roa (raw, json)
Hash identifier: cxnbqIsF0eQf0VPezC8KciQCBT4/CRLnLIHmAYuzwes=
Subject key identifier: A8:E5:DB:0F:37:C4:2C:86:96:B0:29:01:47:C2:73:65:27:46:34:8F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018F7E8747B71D2F71ED66CA3F2930064D3A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/qOXbDzfELIaWsCkBR8JzZSdGNI8.roa
Signing time: Wed 15 May 2024 23:12:25 +0000
ROA not before: Wed 15 May 2024 23:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 185.221.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 18:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7e:87:47:b7:1d:2f:71:ed:66:ca:3f:29:30:06:4d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 15 23:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e5db0f37c42c8696b0290147c273652746348f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7b:f8:d4:7e:e1:db:2d:db:83:8b:22:d9:7c:
38:3b:15:84:8b:13:94:d6:73:e9:f5:15:43:47:89:
c6:6d:e7:52:4f:d5:77:78:17:9b:2d:25:fd:01:bc:
b9:1c:2d:81:0d:0f:6c:9e:e3:da:68:d5:01:94:11:
01:2a:d6:b1:71:68:79:4c:79:44:21:20:c0:df:44:
e2:91:6a:7c:6c:14:7c:8a:d4:9f:80:69:04:e5:9c:
51:0d:98:6b:13:1c:80:49:9a:64:9c:f8:bb:00:cc:
90:7a:01:5c:4c:be:81:a6:b6:50:b3:09:c8:0b:25:
8c:84:44:ec:39:c2:5e:e0:11:51:c4:d9:26:36:2f:
ea:58:e4:e8:1d:96:3c:36:d9:13:09:b9:41:5c:f9:
57:77:50:50:b8:7a:b1:08:2e:29:9d:e9:9e:39:81:
c1:0c:94:24:bd:13:39:79:ab:57:cf:20:fe:fb:75:
ba:5f:ab:51:f1:e3:21:17:5e:6e:d8:7d:72:a0:33:
92:4b:4d:5c:2f:58:8c:0a:ca:d1:4f:32:9b:66:18:
7c:a8:07:35:ca:91:84:97:8a:59:b2:81:68:77:49:
73:98:4b:ae:0f:58:48:3f:b1:18:c5:f0:d5:91:8a:
89:50:9b:4e:aa:da:19:e3:7e:37:db:71:98:15:16:
7c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E5:DB:0F:37:C4:2C:86:96:B0:29:01:47:C2:73:65:27:46:34:8F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/qOXbDzfELIaWsCkBR8JzZSdGNI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.26.0/23
Signature Algorithm: sha256WithRSAEncryption
93:77:69:df:92:65:27:56:6f:aa:10:5d:41:06:b4:84:fd:0e:
e9:b5:f2:5f:0f:07:66:6b:cd:5d:88:a7:f5:c3:77:d9:fe:4b:
22:75:a9:fd:98:ee:ba:6b:c3:c8:ed:e2:5c:2c:55:e8:72:b5:
e0:30:82:50:d4:e9:df:54:7b:1a:23:8f:74:58:7c:0c:4b:82:
fc:0f:e8:49:2d:7c:d3:a0:40:ad:f8:e1:4a:e0:95:6d:60:ea:
43:32:b3:22:6e:bc:3f:4e:7b:23:b1:fd:56:a8:94:83:79:9e:
3e:f1:bc:33:c5:76:0a:ea:d2:8e:a8:c0:bb:3f:7b:cb:f0:f1:
ec:70:a6:49:33:00:27:a9:cc:a8:c7:b2:9a:41:b9:dd:e0:70:
12:b9:1c:8f:36:1f:f4:b2:64:ef:fe:40:33:81:89:cc:7c:e5:
f1:84:0e:7b:6d:5b:de:c0:5f:55:49:3c:31:82:7d:4e:f6:eb:
2b:d6:df:e4:ad:7a:f5:ee:7f:04:df:6a:f7:a2:5d:3f:f5:fe:
ea:16:f7:98:c4:ec:b6:6f:39:3c:91:27:40:5a:cc:a2:7b:da:
c4:9a:a4:ea:3f:54:30:d0:ce:47:d2:cd:b5:03:a6:a1:68:45:
a3:86:f0:f4:b8:a4:13:f8:e5:80:94:bf:37:90:12:ee:57:fe:
26:7b:16:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9+h0e3HS9x7WbKPykwBk06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNTE1MjMxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU1ZGIwZjM3YzQyYzg2OTZiMDI5MDE0N2MyNzM2NTI3NDYzNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnv41H7h2y3bg4si2Xw4OxWEixOU
1nPp9RVDR4nGbedST9V3eBebLSX9Aby5HC2BDQ9snuPaaNUBlBEBKtaxcWh5THlE
ISDA30TikWp8bBR8itSfgGkE5ZxRDZhrExyASZpknPi7AMyQegFcTL6BprZQswnI
CyWMhETsOcJe4BFRxNkmNi/qWOToHZY8NtkTCblBXPlXd1BQuHqxCC4pnemeOYHB
DJQkvRM5eatXzyD++3W6X6tR8eMhF15u2H1yoDOSS01cL1iMCsrRTzKbZhh8qAc1
ypGEl4pZsoFod0lzmEuuD1hIP7EYxfDVkYqJUJtOqtoZ434323GYFRZ8WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjl2w83xCyGlrApAUfCc2UnRjSPMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvcU9YYkR6ZkVMSWFXc0NrQlI4SnpaU2RHTkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBud0aMA0G
CSqGSIb3DQEBCwUAA4IBAQCTd2nfkmUnVm+qEF1BBrSE/Q7ptfJfDwdma81diKf1
w3fZ/ksidan9mO66a8PI7eJcLFXocrXgMIJQ1OnfVHsaI490WHwMS4L8D+hJLXzT
oECt+OFK4JVtYOpDMrMibrw/Tnsjsf1WqJSDeZ4+8bwzxXYK6tKOqMC7P3vL8PHs
cKZJMwAnqcyox7KaQbnd4HASuRyPNh/0smTv/kAzgYnMfOXxhA57bVvewF9VSTwx
gn1O9usr1t/krXr17n8E32r3ol0/9f7qFveYxOy2bzk8kSdAWsyie9rEmqTqP1Qw
0M5H0s21A6ahaEWjhvD0uKQT+OWAlL83kBLuV/4mexbG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org