Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tMfFGuGDu3Uko5tovfwJMkT6dyg.roa
File: tMfFGuGDu3Uko5tovfwJMkT6dyg.roa (raw, json)
Hash identifier: 53+btX1GLhXvKuI/ZTvamQfKOa1N9cHRFNY3LozteZ4=
Subject key identifier: B4:C7:C5:1A:E1:83:BB:75:24:A3:9B:68:BD:FC:09:32:44:FA:77:28
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CD37410EA816523FA52FDD2D66A689CEE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tMfFGuGDu3Uko5tovfwJMkT6dyg.roa
Signing time: Thu 04 Jan 2024 07:50:48 +0000
ROA not before: Thu 04 Jan 2024 07:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 185.199.212.0/23 maxlen: 23
185.225.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:74:10:ea:81:65:23:fa:52:fd:d2:d6:6a:68:9c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 4 07:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c7c51ae183bb7524a39b68bdfc093244fa7728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:1e:51:2c:4e:59:72:bc:51:49:67:93:f8:
1e:8b:99:20:d2:05:65:88:03:8a:5c:71:f1:77:d6:
46:99:44:f5:7e:94:12:a5:32:e8:a1:e7:c5:2e:a7:
ca:74:f2:d2:03:18:68:0b:f9:26:21:b9:b0:f7:6a:
1f:03:e6:f6:2a:db:f0:8d:48:f9:4a:42:3f:7b:e0:
89:c6:21:11:b6:21:21:14:d9:6c:c0:9f:88:22:04:
c9:3c:cc:af:f0:d6:a7:4e:ae:a7:c4:72:c6:15:f1:
da:92:63:a1:39:f6:3b:77:0f:2c:54:f9:1c:60:7d:
fc:57:77:d8:89:fe:a5:c2:50:23:10:c2:60:fe:0f:
d0:fc:0b:c9:c0:54:44:18:58:79:e2:2a:12:56:23:
a9:08:be:6d:d8:be:57:d5:f5:66:e4:1a:63:9e:33:
b0:72:c3:c5:27:08:a7:c0:82:90:54:7f:d7:8b:9f:
b3:71:cf:72:3a:51:79:dd:e3:fe:91:7e:53:28:14:
95:fb:b6:2f:dc:69:34:50:15:b3:1f:d4:08:12:b3:
0f:1d:e2:ad:b6:8f:36:c7:ae:0d:99:6b:73:3f:8d:
52:5e:36:0d:23:9e:5f:ff:a2:82:c7:b6:40:1e:ca:
1e:13:07:1b:90:75:f8:ad:d6:c2:db:0a:59:96:de:
f5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C7:C5:1A:E1:83:BB:75:24:A3:9B:68:BD:FC:09:32:44:FA:77:28
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/tMfFGuGDu3Uko5tovfwJMkT6dyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.212.0/23
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:93:1f:c7:69:73:d8:bf:18:2f:3e:f5:55:42:d6:67:0e:5e:
8b:5c:11:a7:24:8a:91:be:fd:d7:8c:96:b9:cc:a4:c5:b5:b1:
ec:2f:67:14:18:bf:92:9a:4c:46:69:27:54:76:31:3b:8f:bd:
31:fd:8d:4d:da:18:2b:13:7e:0c:6a:79:8e:8d:df:33:51:c8:
2b:f8:ed:01:31:6a:60:1b:cd:26:03:84:9b:b5:2c:32:1e:b1:
5a:e2:b7:9b:9e:27:66:4a:ec:c2:e8:2c:17:02:63:fd:81:32:
14:09:fb:46:2d:e2:1c:2e:dd:1d:dc:f0:ce:44:3b:a5:af:a9:
f8:62:2c:38:3d:00:33:73:2a:77:4b:14:31:68:23:84:17:3f:
ea:09:4e:09:50:b6:33:ea:e5:0b:e8:5b:72:26:46:ec:80:12:
d1:10:cd:25:e9:68:d7:75:e3:b8:86:e1:da:89:99:f9:13:2b:
0c:ba:2c:cf:50:fa:46:3e:10:d7:df:07:e8:20:32:a3:9a:68:
74:4d:77:1c:5a:1b:f0:15:7b:5f:aa:5f:cb:94:8d:d8:1b:d5:
2b:a1:f4:25:56:e5:3e:a6:8c:b7:2b:0e:6c:6d:fa:d4:31:69:
1a:fa:0f:68:36:d5:50:db:2f:33:11:8a:51:d8:e1:ef:74:a8:
e0:e4:41:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzTdBDqgWUj+lL90tZqaJzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA0MDc1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM3YzUxYWUxODNiYjc1MjRhMzliNjhiZGZjMDkzMjQ0ZmE3NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZoeUSxOWXK8UUlnk/gei5kg0gVl
iAOKXHHxd9ZGmUT1fpQSpTLooefFLqfKdPLSAxhoC/kmIbmw92ofA+b2KtvwjUj5
SkI/e+CJxiERtiEhFNlswJ+IIgTJPMyv8NanTq6nxHLGFfHakmOhOfY7dw8sVPkc
YH38V3fYif6lwlAjEMJg/g/Q/AvJwFREGFh54ioSViOpCL5t2L5X1fVm5BpjnjOw
csPFJwinwIKQVH/Xi5+zcc9yOlF53eP+kX5TKBSV+7Yv3Gk0UBWzH9QIErMPHeKt
to82x64NmWtzP41SXjYNI55f/6KCx7ZAHsoeEwcbkHX4rdbC2wpZlt71kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLTHxRrhg7t1JKObaL38CTJE+ncoMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdE1mRkd1R0R1M1VrbzV0b3Zmd0pNa1Q2ZHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBucfUAwQB
ueGqMA0GCSqGSIb3DQEBCwUAA4IBAQALkx/HaXPYvxgvPvVVQtZnDl6LXBGnJIqR
vv3XjJa5zKTFtbHsL2cUGL+SmkxGaSdUdjE7j70x/Y1N2hgrE34ManmOjd8zUcgr
+O0BMWpgG80mA4SbtSwyHrFa4rebnidmSuzC6CwXAmP9gTIUCftGLeIcLt0d3PDO
RDulr6n4Yiw4PQAzcyp3SxQxaCOEFz/qCU4JULYz6uUL6FtyJkbsgBLREM0l6WjX
deO4huHaiZn5EysMuizPUPpGPhDX3wfoIDKjmmh0TXccWhvwFXtfql/LlI3YG9Ur
ofQlVuU+poy3Kw5sbfrUMWka+g9oNtVQ2y8zEYpR2OHvdKjg5EGy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org