Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uutyomJr1PnOTLTCS8M5vUjiVLg.roa
File: uutyomJr1PnOTLTCS8M5vUjiVLg.roa (raw, json)
Hash identifier: A83s651o8sU4Pnd2oLkgOTGDWPOV+XREPSMPSKsGBmA=
Subject key identifier: BA:EB:72:A2:62:6B:D4:F9:CE:4C:B4:C2:4B:C3:39:BD:48:E2:54:B8
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01932AAB9C9845AAFA8E6B5F26BFBA442FA1
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uutyomJr1PnOTLTCS8M5vUjiVLg.roa
Signing time: Thu 14 Nov 2024 12:35:09 +0000
ROA not before: Thu 14 Nov 2024 12:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 09:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:ab:9c:98:45:aa:fa:8e:6b:5f:26:bf:ba:44:2f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 14 12:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baeb72a2626bd4f9ce4cb4c24bc339bd48e254b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:ce:30:90:eb:c1:dd:08:20:95:d9:9a:fd:
a3:dd:c4:1e:1f:4f:19:0f:e4:ab:58:8a:2e:97:67:
7e:19:e9:a3:79:26:75:c9:10:56:28:1a:26:93:16:
5e:b9:29:db:c3:28:aa:37:0a:19:74:0b:2b:c1:f7:
31:b9:af:45:b1:49:0a:e7:a6:8f:74:f8:5f:cc:70:
75:6c:e5:f6:43:d3:2c:22:1c:20:c5:d4:98:1a:3b:
b7:98:4a:de:6e:19:be:2b:7e:d5:a5:1e:35:50:37:
fe:2a:71:73:f5:b3:52:77:bb:96:72:67:57:c9:a4:
ff:2f:22:6a:c8:8f:74:e8:c7:de:74:73:16:6d:41:
6b:3d:41:4e:97:ac:da:fe:06:30:f7:6c:0b:85:eb:
81:66:b6:55:43:7e:a6:59:19:03:3f:b4:0e:54:df:
31:61:d7:5a:7e:c0:00:f4:a1:26:d8:cb:f5:c0:65:
31:1a:56:74:ff:6a:0f:13:7d:7d:7d:d3:91:ac:b4:
3a:92:ff:c7:13:92:60:17:25:28:b2:a4:34:92:c8:
5c:51:11:22:ef:48:d4:58:b2:76:cc:07:4c:7f:0b:
00:89:be:88:d5:2e:94:44:b1:b1:75:c6:d0:bd:ca:
c3:a8:55:bc:00:bf:58:a3:9d:19:29:5f:68:48:39:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EB:72:A2:62:6B:D4:F9:CE:4C:B4:C2:4B:C3:39:BD:48:E2:54:B8
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uutyomJr1PnOTLTCS8M5vUjiVLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:d2:cc:f0:c1:14:f5:a4:b8:36:0a:ec:1a:e4:fd:1b:7d:b0:
fc:31:ae:e4:28:f1:c8:a3:f7:d1:65:45:6c:c2:f8:73:21:77:
26:17:0b:d4:43:f6:54:be:52:45:8f:65:63:79:f9:d9:ee:01:
3f:c9:38:54:15:6b:75:bb:77:2e:3c:8a:04:56:9f:39:31:79:
a1:38:ab:23:08:95:12:1f:2f:56:bf:6e:49:45:67:87:e5:99:
3f:67:ef:ca:77:98:37:0a:08:da:48:e0:98:98:78:04:e4:8e:
b9:fe:79:0e:eb:cf:85:ea:af:93:b3:9d:51:6f:43:df:98:d1:
1c:ec:4e:03:de:63:5c:53:bf:b1:f6:1f:08:ea:a8:93:0c:d2:
22:15:ff:10:2e:68:71:6f:31:3f:9d:7a:f2:5e:00:6d:c3:4c:
d1:29:b1:a9:94:c2:51:08:5d:da:1b:c0:70:9d:0a:63:7b:52:
53:fc:b2:58:4b:36:2f:ba:72:b8:36:42:db:f3:cf:79:ac:1e:
81:b3:25:41:ff:ec:92:0b:fd:5a:de:45:e3:cf:2d:76:78:65:
44:40:0c:34:39:f6:e1:fe:e7:5b:f2:0e:26:73:c6:1c:24:50:
f8:53:bc:0b:56:3e:63:c7:0c:df:86:ec:33:d8:f1:12:e3:d5:
71:f1:5d:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMqq5yYRar6jmtfJr+6RC+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMTE0MTIzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWViNzJhMjYyNmJkNGY5Y2U0Y2I0YzI0YmMzMzliZDQ4ZTI1NGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1vOMJDrwd0IIJXZmv2j3cQeH08Z
D+SrWIoul2d+GemjeSZ1yRBWKBomkxZeuSnbwyiqNwoZdAsrwfcxua9FsUkK56aP
dPhfzHB1bOX2Q9MsIhwgxdSYGju3mErebhm+K37VpR41UDf+KnFz9bNSd7uWcmdX
yaT/LyJqyI906MfedHMWbUFrPUFOl6za/gYw92wLheuBZrZVQ36mWRkDP7QOVN8x
YddafsAA9KEm2Mv1wGUxGlZ0/2oPE319fdORrLQ6kv/HE5JgFyUosqQ0kshcUREi
70jUWLJ2zAdMfwsAib6I1S6URLGxdcbQvcrDqFW8AL9Yo50ZKV9oSDlB6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrrcqJia9T5zky0wkvDOb1I4lS4MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdXV0eW9tSnIxUG5PVExUQ1M4TTV2VWppVkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucfVAwQA
ud0aAwQAueK1MA0GCSqGSIb3DQEBCwUAA4IBAQCe0szwwRT1pLg2Cuwa5P0bfbD8
Ma7kKPHIo/fRZUVswvhzIXcmFwvUQ/ZUvlJFj2VjefnZ7gE/yThUFWt1u3cuPIoE
Vp85MXmhOKsjCJUSHy9Wv25JRWeH5Zk/Z+/Kd5g3CgjaSOCYmHgE5I65/nkO68+F
6q+Ts51Rb0PfmNEc7E4D3mNcU7+x9h8I6qiTDNIiFf8QLmhxbzE/nXryXgBtw0zR
KbGplMJRCF3aG8BwnQpje1JT/LJYSzYvunK4NkLb8895rB6BsyVB/+ySC/1a3kXj
zy12eGVEQAw0Ofbh/udb8g4mc8YcJFD4U7wLVj5jxwzfhuwz2PES49Vx8V1d
-----END CERTIFICATE-----
Generated at Mon Nov 18 12:16:04 2024 by rpki-client on console-fra.rpki-client.org