Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vSCuUbkSV49Qx1MmaG04MNt9OHc.roa
File: vSCuUbkSV49Qx1MmaG04MNt9OHc.roa (raw, json)
Hash identifier: OMxREPvO34nsaimwCEwQM5nZ8Um35puo6RacVrIbbbo=
Subject key identifier: BD:20:AE:51:B9:12:57:8F:50:C7:53:26:68:6D:38:30:DB:7D:38:77
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187E68F6DA8C80DCA96892F9E00C237C0F3
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vSCuUbkSV49Qx1MmaG04MNt9OHc.roa
Signing time: Thu 04 May 2023 11:39:32 +0000
ROA not before: Thu 04 May 2023 11:39:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 May 2023 18:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:8f:6d:a8:c8:0d:ca:96:89:2f:9e:00:c2:37:c0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 4 11:39:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd20ae51b912578f50c75326686d3830db7d3877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:72:cb:b4:0e:1d:e0:8d:83:80:6a:a2:1b:aa:
12:27:b0:b5:0f:0f:15:eb:2f:33:5d:ec:fd:9f:4f:
da:92:31:2c:27:b9:a3:5a:f3:d3:f7:89:3e:76:38:
36:e6:f2:5d:be:fa:67:e7:dd:1d:0d:e4:00:c7:db:
08:b0:95:0d:27:1d:91:83:c1:a3:da:42:53:53:9c:
ce:e3:cf:58:27:73:d5:58:bd:19:da:5a:53:05:24:
3d:61:a9:51:1b:16:e4:70:4d:d1:a1:49:37:7d:6c:
04:81:ef:3c:01:a7:3a:86:ac:fa:db:46:93:bf:39:
63:5e:0f:e0:cc:e6:5f:f0:9c:7b:cf:b9:57:ee:0b:
46:49:58:ca:12:fa:f4:9a:af:45:6f:af:07:82:c9:
ce:83:3c:23:68:77:67:83:49:71:0d:b2:30:bd:48:
b2:38:2e:1c:0a:17:58:f2:7b:be:f1:6c:84:d7:47:
d4:ac:5f:cd:36:cf:12:f2:48:a8:37:64:46:6f:fa:
85:cd:80:f2:41:f2:20:8d:c7:02:d0:21:1d:7a:cf:
9d:b7:c8:fb:c4:ce:9a:60:bc:a3:74:e2:fd:e7:b2:
af:98:d0:1d:4b:8b:cc:5f:35:f7:59:33:af:ed:bf:
a7:4d:17:6b:7d:e1:ac:d0:01:73:00:76:7c:f4:f9:
95:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:20:AE:51:B9:12:57:8F:50:C7:53:26:68:6D:38:30:DB:7D:38:77
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vSCuUbkSV49Qx1MmaG04MNt9OHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.246.0/23
185.199.148.0/24
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:f6:a5:32:e3:49:0e:46:75:d1:a9:ab:e1:23:5f:3e:8c:e5:
25:af:9a:9b:1a:69:aa:5b:af:63:ba:92:fa:e7:b9:a1:9d:da:
f4:26:dd:6f:c6:57:98:60:11:31:72:76:3a:ff:f1:bc:c0:0c:
1e:ee:46:9e:d7:eb:30:60:d5:b8:06:a4:0a:e3:94:7d:dc:70:
3a:23:2b:70:3d:3b:0b:4e:f8:db:a3:b4:90:0c:64:a0:39:55:
02:be:a7:db:85:09:a7:93:b5:3e:da:7c:23:0b:fb:43:ee:c5:
b9:f7:44:86:29:96:8a:63:49:3c:f0:58:45:3d:24:14:cc:45:
f4:04:97:36:38:e8:cb:7a:4e:99:f8:51:8d:29:c9:28:ea:74:
61:a8:b9:e8:7f:d1:13:2c:4d:80:ba:d5:e2:98:d3:64:5c:c4:
25:7f:20:47:b2:f7:3f:e4:69:e2:22:ee:df:58:15:7d:6f:b9:
33:6a:42:1a:ec:88:d7:35:44:ef:ff:db:b2:51:29:a7:0b:46:
c7:67:c6:7d:17:17:7e:84:fc:f3:97:28:92:c1:26:a6:ae:6c:
d1:12:e1:52:d8:1b:49:4d:61:60:88:b2:4c:2b:25:32:79:fd:
b7:86:47:44:2b:af:d4:7c:0b:82:fe:d0:57:01:f6:b6:52:56:
7c:69:d9:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfmj22oyA3KlokvngDCN8DzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTA0MTEzOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDIwYWU1MWI5MTI1NzhmNTBjNzUzMjY2ODZkMzgzMGRiN2QzODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nLLtA4d4I2DgGqiG6oSJ7C1Dw8V
6y8zXez9n0/akjEsJ7mjWvPT94k+djg25vJdvvpn590dDeQAx9sIsJUNJx2Rg8Gj
2kJTU5zO489YJ3PVWL0Z2lpTBSQ9YalRGxbkcE3RoUk3fWwEge88Aac6hqz620aT
vzljXg/gzOZf8Jx7z7lX7gtGSVjKEvr0mq9Fb68HgsnOgzwjaHdng0lxDbIwvUiy
OC4cChdY8nu+8WyE10fUrF/NNs8S8kioN2RGb/qFzYDyQfIgjccC0CEdes+dt8j7
xM6aYLyjdOL957KvmNAdS4vMXzX3WTOv7b+nTRdrfeGs0AFzAHZ89PmVFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL0grlG5ElePUMdTJmhtODDbfTh3MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdlNDdVVia1NWNDlReDFNbWFHMDRNTnQ5T0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT2L2AwQA
uceUAwQBueGqMA0GCSqGSIb3DQEBCwUAA4IBAQCu9qUy40kORnXRqavhI18+jOUl
r5qbGmmqW69jupL657mhndr0Jt1vxleYYBExcnY6//G8wAwe7kae1+swYNW4BqQK
45R93HA6IytwPTsLTvjbo7SQDGSgOVUCvqfbhQmnk7U+2nwjC/tD7sW590SGKZaK
Y0k88FhFPSQUzEX0BJc2OOjLek6Z+FGNKcko6nRhqLnof9ETLE2AutXimNNkXMQl
fyBHsvc/5GniIu7fWBV9b7kzakIa7IjXNUTv/9uyUSmnC0bHZ8Z9Fxd+hPzzlyiS
wSamrmzREuFS2BtJTWFgiLJMKyUyef23hkdEK6/UfAuC/tBXAfa2UlZ8admN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org