Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/urQM19XcOIi9KfVjc7NrnDV841A.roa
File: urQM19XcOIi9KfVjc7NrnDV841A.roa (raw, json)
Hash identifier: sfygGTdl4imcgcmgrcgDFEz4OE8mqr8KC+6oqkHpB+I=
Subject key identifier: BA:B4:0C:D7:D5:DC:38:88:BD:29:F5:63:73:B3:6B:9C:35:7C:E3:50
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C0220039626514B60DEFD73A3FAC2C4EF
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/urQM19XcOIi9KfVjc7NrnDV841A.roa
Signing time: Fri 24 Nov 2023 16:18:21 +0000
ROA not before: Fri 24 Nov 2023 16:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.244.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:20:03:96:26:51:4b:60:de:fd:73:a3:fa:c2:c4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 24 16:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bab40cd7d5dc3888bd29f56373b36b9c357ce350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f8:65:7b:0d:69:82:b8:e0:80:2f:c5:bd:75:
7b:9a:b0:3f:88:7b:a9:46:0c:d9:d9:44:a9:77:60:
53:20:2d:cf:b1:61:d3:44:9d:54:03:9c:d0:f8:23:
57:51:24:4d:b7:94:e8:59:5e:15:be:17:91:36:52:
03:b3:00:97:79:64:20:16:af:0e:81:66:97:3f:65:
a8:88:14:7d:6a:f9:a3:14:b2:85:25:0e:15:1a:7c:
4d:26:d8:7d:cc:a3:45:d6:c8:64:6c:bf:ae:4e:47:
16:00:37:70:31:16:d8:9a:9a:a2:c6:ec:db:ba:1a:
b6:e8:c3:a7:d4:98:49:44:d0:2e:75:28:c9:37:ba:
ea:f1:69:db:df:58:fa:2a:ee:fd:e8:3c:fd:e7:83:
95:e1:46:2a:1b:61:be:35:72:a2:43:82:fc:c2:67:
fb:8a:52:a0:5d:b4:77:7a:6a:98:61:f1:e0:62:4b:
35:6e:b2:69:5d:b7:00:84:c7:c5:4c:c9:26:70:68:
19:19:66:15:3a:6f:02:db:ce:3a:87:f3:48:b6:bb:
7b:f1:c5:7a:77:05:0d:40:f6:b6:4f:06:8e:27:d9:
9d:f5:f0:1c:54:b6:af:1e:9c:90:24:ec:24:09:84:
8d:74:16:f0:ee:7c:7a:8c:0e:29:dd:60:fe:ee:d3:
7c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B4:0C:D7:D5:DC:38:88:BD:29:F5:63:73:B3:6B:9C:35:7C:E3:50
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/urQM19XcOIi9KfVjc7NrnDV841A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
176.125.250.0/24
185.221.24.0/23
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
91:2a:c2:d4:fc:58:a5:07:b9:fb:59:13:ee:d1:be:48:68:df:
69:33:d8:8f:2d:89:dc:58:01:4d:93:1f:55:7e:29:52:23:72:
4b:24:7d:7d:01:08:53:0b:3a:74:d4:57:8c:e9:b9:33:48:3d:
7e:4e:88:87:27:26:66:a9:56:e4:8e:6f:df:81:eb:e5:8f:33:
bd:59:f3:d6:bb:9d:b9:69:e0:4f:33:7d:5b:c4:02:3d:44:30:
d5:4f:88:98:f1:5c:69:08:97:30:7c:62:b5:13:aa:8e:66:04:
97:8b:be:f2:02:f9:34:0b:eb:44:dd:72:cd:74:ca:a9:bc:78:
3e:16:86:62:16:1c:2b:0b:95:6b:27:d9:fa:0a:e8:da:87:ff:
b7:df:cb:43:4e:c8:73:fb:d8:24:fb:e7:4f:7e:00:ab:0b:01:
ac:54:72:56:f0:b8:46:e0:ad:92:3a:d7:8b:6d:28:df:cd:83:
eb:3b:3b:4d:08:88:a5:1f:b5:57:14:9e:9e:ee:84:a1:ee:81:
35:72:45:1f:7d:b9:96:0d:0b:20:4f:92:05:2f:fd:e0:a5:60:
70:da:ad:42:b8:fc:10:d9:75:c9:78:a7:48:3f:e1:b4:d4:1a:
80:9f:85:a6:83:f3:c8:36:de:ec:06:c2:e6:eb:5f:43:e2:b2:
5a:66:00:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwCIAOWJlFLYN79c6P6wsTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMTI0MTYxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI0MGNkN2Q1ZGMzODg4YmQyOWY1NjM3M2IzNmI5YzM1N2NlMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfhlew1pgrjggC/FvXV7mrA/iHup
RgzZ2USpd2BTIC3PsWHTRJ1UA5zQ+CNXUSRNt5ToWV4VvheRNlIDswCXeWQgFq8O
gWaXP2WoiBR9avmjFLKFJQ4VGnxNJth9zKNF1shkbL+uTkcWADdwMRbYmpqixuzb
uhq26MOn1JhJRNAudSjJN7rq8Wnb31j6Ku796Dz954OV4UYqG2G+NXKiQ4L8wmf7
ilKgXbR3emqYYfHgYks1brJpXbcAhMfFTMkmcGgZGWYVOm8C2846h/NItrt78cV6
dwUNQPa2TwaOJ9md9fAcVLavHpyQJOwkCYSNdBbw7nx6jA4p3WD+7tN8XQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLq0DNfV3DiIvSn1Y3Oza5w1fONQMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdXJRTTE5WGNPSWk5S2ZWamM3TnJuRFY4NDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT2L0AwQA
sH36AwQBud0YAwQBueGoMA0GCSqGSIb3DQEBCwUAA4IBAQCRKsLU/FilB7n7WRPu
0b5IaN9pM9iPLYncWAFNkx9VfilSI3JLJH19AQhTCzp01FeM6bkzSD1+ToiHJyZm
qVbkjm/fgevljzO9WfPWu525aeBPM31bxAI9RDDVT4iY8VxpCJcwfGK1E6qOZgSX
i77yAvk0C+tE3XLNdMqpvHg+FoZiFhwrC5VrJ9n6Cujah/+338tDTshz+9gk++dP
fgCrCwGsVHJW8LhG4K2SOteLbSjfzYPrOztNCIilH7VXFJ6e7oSh7oE1ckUffbmW
DQsgT5IFL/3gpWBw2q1CuPwQ2XXJeKdIP+G01BqAn4Wmg/PINt7sBsLm619D4rJa
ZgAd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org