Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xAxlBErAkx35Bj9_TFR1atY14vY.roa
File: xAxlBErAkx35Bj9_TFR1atY14vY.roa (raw, json)
Hash identifier: bhANF7I5AVCt6PpOdhje99cauX4ntbjg4zV5f1IPGGI=
Subject key identifier: C4:0C:65:04:4A:C0:93:1D:F9:06:3F:7F:4C:54:75:6A:D6:35:E2:F6
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0187E68F6E43A6B5585E50A49F34D0885FAD
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xAxlBErAkx35Bj9_TFR1atY14vY.roa
Signing time: Thu 04 May 2023 11:39:32 +0000
ROA not before: Thu 04 May 2023 11:39:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:8f:6e:43:a6:b5:58:5e:50:a4:9f:34:d0:88:5f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 4 11:39:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c40c65044ac0931df9063f7f4c54756ad635e2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:83:b9:65:db:c3:4b:35:2a:f6:5e:5a:df:d7:
82:0a:be:ec:df:c9:a3:71:9a:15:44:b6:79:a7:bd:
01:90:64:a6:e6:5d:c0:12:56:e0:32:96:d0:75:31:
10:0e:f1:f6:da:6a:f9:12:ff:75:43:f7:8a:e5:55:
8e:85:9f:ef:54:14:b0:d2:7e:ec:37:6f:d8:e5:37:
fd:1b:01:bb:97:ce:3f:62:57:ec:c1:c8:a8:c8:fd:
79:cd:8f:10:17:b2:3e:9b:28:56:73:30:72:5d:99:
77:0b:fe:45:16:77:01:d6:91:68:8b:54:20:f8:a6:
8e:42:7e:f2:b7:dc:37:f3:89:43:62:3b:f1:ad:58:
2d:26:fc:94:71:2c:f1:57:aa:63:85:2f:ac:a8:3e:
18:4d:de:9a:1b:f8:87:3d:7a:ba:4c:20:61:d7:31:
12:b4:7a:9f:ba:bd:20:53:6d:8c:49:35:d6:e3:b0:
ad:39:08:61:0c:84:06:11:91:a0:fe:d8:d7:7e:df:
06:18:72:30:ad:fa:d4:da:44:b5:82:d6:7a:c2:90:
ce:6c:28:e7:5c:93:a7:1b:a0:19:a6:67:d6:ce:24:
4d:48:91:38:95:c0:d7:c1:82:0a:b2:c3:76:87:4c:
98:8e:46:6a:f8:02:fc:12:23:3c:04:cc:be:72:fe:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0C:65:04:4A:C0:93:1D:F9:06:3F:7F:4C:54:75:6A:D6:35:E2:F6
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xAxlBErAkx35Bj9_TFR1atY14vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0/24
185.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:c9:8b:e6:89:1a:fe:60:9c:67:33:f7:bc:2d:1d:7a:90:f2:
01:60:32:92:a9:51:2a:1d:96:ce:c8:73:ba:c5:18:a2:38:ba:
b7:b1:18:d2:55:21:04:ed:d8:68:c0:59:da:da:45:fd:75:c6:
aa:4f:ad:b0:29:e8:74:88:63:bc:3e:33:f1:e5:dd:8f:54:ce:
5d:18:ba:3c:28:d6:3d:e8:1e:c7:26:d8:9c:60:07:e0:9d:6d:
90:3d:e8:a0:c6:10:fb:9a:ee:fa:7a:11:c9:bc:2a:d4:57:e4:
00:0f:17:ef:eb:ef:74:88:c9:4d:09:c6:29:ca:5f:49:6f:5c:
27:27:77:bd:be:35:95:4c:1b:44:0a:32:7f:93:54:64:b0:59:
7f:9d:39:81:f3:03:6a:2e:6f:54:42:0c:ba:6e:46:ba:4e:c7:
b6:f1:46:21:97:0e:65:d9:0c:5c:f0:a2:04:47:fa:74:1b:35:
e6:c5:de:50:29:02:6a:f3:42:d5:04:9b:30:ef:6f:22:68:3b:
2f:03:e5:74:c0:d1:d0:5d:37:aa:a1:95:3f:fb:e8:e2:d5:5b:
bb:2a:b2:6a:3b:79:b1:ae:a4:4e:da:d6:be:0a:45:17:2c:40:
38:03:53:88:69:4d:4f:51:f7:f8:0a:65:e4:12:d9:d6:fa:0a:
92:a3:95:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfmj25DprVYXlCknzTQiF+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTA0MTEzOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBjNjUwNDRhYzA5MzFkZjkwNjNmN2Y0YzU0NzU2YWQ2MzVlMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYO5ZdvDSzUq9l5a39eCCr7s38mj
cZoVRLZ5p70BkGSm5l3AElbgMpbQdTEQDvH22mr5Ev91Q/eK5VWOhZ/vVBSw0n7s
N2/Y5Tf9GwG7l84/YlfswcioyP15zY8QF7I+myhWczByXZl3C/5FFncB1pFoi1Qg
+KaOQn7yt9w384lDYjvxrVgtJvyUcSzxV6pjhS+sqD4YTd6aG/iHPXq6TCBh1zES
tHqfur0gU22MSTXW47CtOQhhDIQGEZGg/tjXft8GGHIwrfrU2kS1gtZ6wpDObCjn
XJOnG6AZpmfWziRNSJE4lcDXwYIKssN2h0yYjkZq+AL8EiM8BMy+cv4EewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMQMZQRKwJMd+QY/f0xUdWrWNeL2MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveEF4bEJFckFreDM1Qmo5X1RGUjFhdFkxNHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ3RAwQA
ucfVMA0GCSqGSIb3DQEBCwUAA4IBAQC8yYvmiRr+YJxnM/e8LR16kPIBYDKSqVEq
HZbOyHO6xRiiOLq3sRjSVSEE7dhowFna2kX9dcaqT62wKeh0iGO8PjPx5d2PVM5d
GLo8KNY96B7HJticYAfgnW2QPeigxhD7mu76ehHJvCrUV+QADxfv6+90iMlNCcYp
yl9Jb1wnJ3e9vjWVTBtECjJ/k1RksFl/nTmB8wNqLm9UQgy6bka6Tse28UYhlw5l
2Qxc8KIER/p0GzXmxd5QKQJq80LVBJsw728iaDsvA+V0wNHQXTeqoZU/++ji1Vu7
KrJqO3mxrqRO2ta+CkUXLEA4A1OIaU1PUff4CmXkEtnW+gqSo5Xx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org