Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tBbae9-KJmN5FlgxHZttRe5yLMs.roa
File: tBbae9-KJmN5FlgxHZttRe5yLMs.roa (raw, json)
Hash identifier: WnCuk4l2fMxjFJ5Ww2oa7bqy1pmLZqGFCoU6d1erU/g=
Subject key identifier: B4:16:DA:7B:DF:8A:26:63:79:16:58:31:1D:9B:6D:45:EE:72:2C:CB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0189DF315002F66D820142BE343B5A13F4B0
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tBbae9-KJmN5FlgxHZttRe5yLMs.roa
Signing time: Thu 10 Aug 2023 11:24:58 +0000
ROA not before: Thu 10 Aug 2023 11:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.199.214.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 11:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:31:50:02:f6:6d:82:01:42:be:34:3b:5a:13:f4:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 10 11:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b416da7bdf8a2663791658311d9b6d45ee722ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:58:15:d9:9c:dd:72:e9:72:fa:e5:86:75:
d1:d0:b5:4d:d1:45:4f:4a:a6:9a:d6:6c:c6:ef:65:
7a:23:af:66:03:62:1a:c9:36:e4:52:a0:e9:ad:97:
04:a0:75:b0:1b:60:5b:0a:0a:3e:f9:df:fb:e6:68:
8a:d7:51:3e:1c:8f:9b:4d:35:26:1e:cd:fd:9b:9d:
10:6d:45:bf:f5:90:29:6d:07:ef:2c:d4:da:6d:ed:
12:26:eb:6d:d9:e4:53:af:3c:bb:71:bb:94:c2:e9:
f9:19:b8:8e:01:7e:13:a5:9b:ee:4b:bc:73:08:9b:
23:3b:e7:37:ef:84:68:13:fd:e1:61:60:26:f1:aa:
34:c9:27:25:d7:69:5e:d4:55:7f:c8:c4:82:6b:00:
e4:4a:8e:6c:36:12:fe:80:c9:30:bc:2a:03:a7:c4:
80:68:d8:05:13:59:d0:a7:5b:2c:14:b3:02:4e:a1:
5f:88:b0:46:b0:5f:0b:b2:f2:63:43:5a:9f:d5:a1:
e0:bf:f1:32:29:7d:c8:4a:c6:07:70:af:fc:80:a5:
45:87:e5:ea:db:9f:19:ec:77:43:96:fb:15:05:16:
6f:8d:34:38:d1:41:e1:2d:11:f0:96:27:28:cb:be:
1f:f7:05:29:74:a6:c2:4f:e5:5b:54:69:0e:28:f0:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:16:DA:7B:DF:8A:26:63:79:16:58:31:1D:9B:6D:45:EE:72:2C:CB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tBbae9-KJmN5FlgxHZttRe5yLMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.214.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:20:a2:46:f2:99:f8:5c:68:ac:a5:2f:02:8f:47:f1:6d:7c:
2d:85:8d:0d:8e:05:8f:51:1f:26:e3:31:a9:fd:bd:a1:15:5c:
f6:49:c9:c9:25:0b:9a:60:b0:f6:12:0d:a2:d4:ba:e9:1f:12:
a8:15:cc:fd:f6:1c:e8:76:fd:80:52:1d:43:1e:0f:65:20:29:
ff:c5:ca:1c:6b:23:82:f2:93:5f:6b:81:24:33:7f:1a:c3:4e:
f0:6c:62:92:ae:43:8e:42:e8:a1:08:bc:96:f9:e4:96:b6:7c:
f7:b7:af:78:c2:72:3a:e6:36:fb:00:ef:99:93:72:49:2f:d7:
c7:5f:7c:c5:ab:50:52:58:50:b3:4a:44:ab:4e:96:cf:ec:7c:
e0:9d:bb:25:26:c6:59:d1:70:9e:e5:1f:fa:c0:b5:ce:28:db:
0c:aa:f5:b5:0f:9a:05:11:b9:1f:73:b3:50:50:c8:e9:cf:95:
a2:a0:c1:4f:e5:f5:69:f7:13:25:e3:2e:d8:fe:4c:5f:4a:5e:
0e:5f:04:09:3f:b7:d2:f9:f9:de:54:3e:cd:50:de:0c:4e:92:
94:a1:4b:e6:1f:8a:3c:53:00:89:99:87:62:fb:c2:13:7c:32:
d7:10:f7:c9:63:42:6b:74:f6:3e:64:b9:7d:73:57:59:73:fa:
8d:0d:27:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnfMVAC9m2CAUK+NDtaE/SwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODEwMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE2ZGE3YmRmOGEyNjYzNzkxNjU4MzExZDliNmQ0NWVlNzIyY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJtYFdmc3XLpcvrlhnXR0LVN0UVP
Sqaa1mzG72V6I69mA2IayTbkUqDprZcEoHWwG2BbCgo++d/75miK11E+HI+bTTUm
Hs39m50QbUW/9ZApbQfvLNTabe0SJutt2eRTrzy7cbuUwun5GbiOAX4TpZvuS7xz
CJsjO+c374RoE/3hYWAm8ao0yScl12le1FV/yMSCawDkSo5sNhL+gMkwvCoDp8SA
aNgFE1nQp1ssFLMCTqFfiLBGsF8LsvJjQ1qf1aHgv/EyKX3ISsYHcK/8gKVFh+Xq
258Z7HdDlvsVBRZvjTQ40UHhLRHwlicoy74f9wUpdKbCT+VbVGkOKPBRbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQW2nvfiiZjeRZYMR2bbUXucizLMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdEJiYWU5LUtKbU41RmxneEhadHRSZTV5TE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucfWMA0G
CSqGSIb3DQEBCwUAA4IBAQCeIKJG8pn4XGispS8Cj0fxbXwthY0NjgWPUR8m4zGp
/b2hFVz2ScnJJQuaYLD2Eg2i1LrpHxKoFcz99hzodv2AUh1DHg9lICn/xcocayOC
8pNfa4EkM38aw07wbGKSrkOOQuihCLyW+eSWtnz3t694wnI65jb7AO+Zk3JJL9fH
X3zFq1BSWFCzSkSrTpbP7HzgnbslJsZZ0XCe5R/6wLXOKNsMqvW1D5oFEbkfc7NQ
UMjpz5WioMFP5fVp9xMl4y7Y/kxfSl4OXwQJP7fS+fneVD7NUN4MTpKUoUvmH4o8
UwCJmYdi+8ITfDLXEPfJY0JrdPY+ZLl9c1dZc/qNDSe+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org