Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xh2eoKipJq50GWlEZ_kfSWd1VC8.roa
File: xh2eoKipJq50GWlEZ_kfSWd1VC8.roa (raw, json)
Hash identifier: fLWwnv83zZ86pm2UTfwZVsW6gLhA/GYdbs7VHzDwXXc=
Subject key identifier: C6:1D:9E:A0:A8:A9:26:AE:74:19:69:44:67:F9:1F:49:67:75:54:2F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018FD85F2F46832CE116E094CF7606167B00
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xh2eoKipJq50GWlEZ_kfSWd1VC8.roa
Signing time: Sun 02 Jun 2024 09:54:27 +0000
ROA not before: Sun 02 Jun 2024 09:54:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jun 2024 00:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:5f:2f:46:83:2c:e1:16:e0:94:cf:76:06:16:7b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 2 09:54:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61d9ea0a8a926ae7419694467f91f496775542f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3b:b3:09:10:98:79:fb:54:6a:c2:ee:3d:d1:
5b:5b:c9:53:cf:f2:fa:78:8d:1c:8e:eb:9a:4c:3b:
c8:4a:d9:98:c8:64:d1:c0:33:c6:6d:38:dd:6f:4e:
45:1d:de:e7:b8:ba:64:82:28:df:ec:e7:d9:64:05:
c7:82:69:95:ac:51:5f:f6:0e:ad:37:96:74:6e:f3:
3b:50:fb:92:08:2c:9f:c4:cc:5a:d0:6c:aa:d6:aa:
c8:be:69:83:5b:09:f1:fb:40:f4:d9:62:31:69:47:
e8:e1:f1:12:4c:3c:fe:b9:ef:78:a3:de:1a:84:56:
53:37:03:3b:87:95:31:6d:7d:c1:bc:78:e9:98:0a:
d6:e2:01:97:ef:42:b1:95:67:52:df:40:d5:bc:4d:
48:36:a2:c1:8b:95:ee:3f:75:c1:f1:b8:59:2f:d9:
8f:5e:20:91:6d:e9:5e:5c:9c:ed:e9:b3:e4:4b:ad:
c1:a4:b0:bb:e7:16:50:8d:86:c4:4e:63:75:c5:48:
50:40:5a:0b:43:67:82:01:69:54:3d:0c:e5:f3:ee:
18:a3:b3:10:7d:75:98:0d:52:21:a8:e2:8c:43:a1:
c2:f6:09:7a:25:ad:85:30:cc:38:1c:d6:11:e0:bb:
e0:1d:34:44:ea:67:d2:77:90:8f:3d:f3:65:3b:19:
bf:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1D:9E:A0:A8:A9:26:AE:74:19:69:44:67:F9:1F:49:67:75:54:2F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xh2eoKipJq50GWlEZ_kfSWd1VC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.251.0/24
185.199.213.0/24
185.226.182.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:7a:82:de:df:b2:74:00:ae:e0:c9:54:d4:51:26:03:c3:ea:
8f:20:6f:01:90:b7:f8:45:8d:c6:a1:f6:b1:f3:8e:e5:78:05:
ec:ea:5b:bb:a6:81:8e:31:f7:ad:28:4a:84:44:6c:bc:5d:cc:
7a:5f:49:ed:1c:ab:0d:74:95:d9:b4:f1:f7:b6:07:0f:46:20:
76:88:cc:5c:a1:44:73:b9:7f:20:c4:66:52:f6:1b:e3:87:ce:
63:34:0e:ff:7c:2b:12:22:01:3e:99:a6:00:a3:49:5a:e7:c7:
dc:07:82:b9:96:90:c5:64:59:64:0c:ef:01:cc:6b:2c:46:f4:
cc:23:ac:d7:4f:de:44:ac:43:aa:e8:26:a6:97:74:a8:48:19:
4b:9e:c5:d0:d3:46:3f:4d:b1:1c:52:97:4c:d4:15:b3:f3:d6:
36:2d:bd:ce:ce:4c:e6:52:18:54:fd:b4:3f:dc:8d:ef:09:a1:
c4:9f:96:48:43:cb:1a:fb:28:e2:cd:db:f2:7a:56:96:fb:54:
8f:01:6a:0d:5e:33:0b:c8:2d:28:b3:cf:21:a0:18:0a:a7:f3:
fa:11:42:b4:e6:74:89:bb:44:eb:2d:24:93:7d:c8:a1:2b:cd:
d2:31:c3:ef:56:0c:7c:90:ab:63:94:1b:72:13:62:06:5e:ea:
40:59:6d:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/YXy9GgyzhFuCUz3YGFnsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNjAyMDk1NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFkOWVhMGE4YTkyNmFlNzQxOTY5NDQ2N2Y5MWY0OTY3NzU1NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTuzCRCYeftUasLuPdFbW8lTz/L6
eI0cjuuaTDvIStmYyGTRwDPGbTjdb05FHd7nuLpkgijf7OfZZAXHgmmVrFFf9g6t
N5Z0bvM7UPuSCCyfxMxa0Gyq1qrIvmmDWwnx+0D02WIxaUfo4fESTDz+ue94o94a
hFZTNwM7h5UxbX3BvHjpmArW4gGX70KxlWdS30DVvE1INqLBi5XuP3XB8bhZL9mP
XiCRbeleXJzt6bPkS63BpLC75xZQjYbETmN1xUhQQFoLQ2eCAWlUPQzl8+4Yo7MQ
fXWYDVIhqOKMQ6HC9gl6Ja2FMMw4HNYR4LvgHTRE6mfSd5CPPfNlOxm/2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMYdnqCoqSaudBlpRGf5H0lndVQvMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveGgyZW9LaXBKcTUwR1dsRVpfa2ZTV2QxVkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH37AwQA
ucfVAwQAueK2MA0GCSqGSIb3DQEBCwUAA4IBAQDQeoLe37J0AK7gyVTUUSYDw+qP
IG8BkLf4RY3Gofax847leAXs6lu7poGOMfetKEqERGy8Xcx6X0ntHKsNdJXZtPH3
tgcPRiB2iMxcoURzuX8gxGZS9hvjh85jNA7/fCsSIgE+maYAo0la58fcB4K5lpDF
ZFlkDO8BzGssRvTMI6zXT95ErEOq6Caml3SoSBlLnsXQ00Y/TbEcUpdM1BWz89Y2
Lb3OzkzmUhhU/bQ/3I3vCaHEn5ZIQ8sa+yjizdvyelaW+1SPAWoNXjMLyC0os88h
oBgKp/P6EUK05nSJu0TrLSSTfcihK83SMcPvVgx8kKtjlBtyE2IGXupAWW2k
-----END CERTIFICATE-----
Generated at Fri Jun 14 01:56:05 2024 by rpki-client on console-ams.rpki-client.org