Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yCCHFo6xNSJiKLRddMncZ-7Tpn4.roa
File: yCCHFo6xNSJiKLRddMncZ-7Tpn4.roa (raw, json)
Hash identifier: vOGC+c0FSNPQJJ/PVz1Bnfe+z/mQ9P/wC+SSbPFEkPQ=
Subject key identifier: C8:20:87:16:8E:B1:35:22:62:28:B4:5D:74:C9:DC:67:EE:D3:A6:7E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018731CDE3591AB668FA33496931BB7A15D3
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yCCHFo6xNSJiKLRddMncZ-7Tpn4.roa
Signing time: Thu 30 Mar 2023 09:16:29 +0000
ROA not before: Thu 30 Mar 2023 09:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.199.212.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 10:37:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:cd:e3:59:1a:b6:68:fa:33:49:69:31:bb:7a:15:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 30 09:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82087168eb135226228b45d74c9dc67eed3a67e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:ae:f3:0b:05:2c:aa:43:dd:26:13:e4:47:
f7:38:8d:79:52:ce:f7:56:76:24:50:a7:6f:90:34:
36:b0:04:eb:90:96:ed:67:c9:13:fe:b1:cb:92:d3:
29:d5:f7:1d:5a:74:20:46:ca:94:e0:91:2f:c2:1f:
9c:c4:83:8b:dc:33:88:86:51:96:6a:64:45:2a:78:
ec:31:21:4d:59:91:fa:8d:b7:82:da:2e:d8:25:7c:
df:ef:9a:88:6d:8c:2e:08:55:56:0a:cd:98:9a:31:
42:af:14:e3:36:fc:5c:a8:5f:7e:fd:57:de:3a:41:
93:f5:9e:0b:45:96:64:a0:86:d8:66:84:9b:a1:dc:
ef:31:ef:41:2f:f4:b7:83:c0:9a:87:15:18:a0:8c:
33:5d:95:b8:3c:8f:c6:3f:dd:8c:34:4e:b2:ff:9e:
fa:34:53:ae:7c:8e:10:bb:6e:25:58:85:c7:0f:f5:
a1:81:09:10:19:b3:4c:5f:0b:25:d4:95:ca:61:3a:
c2:06:db:1a:ea:6f:07:48:57:32:93:4c:c8:8c:14:
8a:b6:6f:ba:bf:a3:1f:51:60:4d:f2:06:f1:19:53:
b7:2e:5b:3a:83:17:36:2f:7c:27:eb:53:49:d5:34:
49:ae:0a:e1:a8:f1:ba:19:b7:bb:55:69:d1:05:68:
e6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:20:87:16:8E:B1:35:22:62:28:B4:5D:74:C9:DC:67:EE:D3:A6:7E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yCCHFo6xNSJiKLRddMncZ-7Tpn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.246.0/23
185.199.148.0/24
185.199.212.0/24
185.226.180.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c1:75:b9:91:b5:5e:63:e9:45:59:7a:05:a9:42:85:62:6b:
0e:f6:b3:d1:49:58:e5:f3:ee:50:2d:6c:c6:3a:3b:d5:b4:ba:
fa:cb:00:d1:0a:13:28:3f:72:eb:33:52:8b:57:f2:60:f9:90:
59:87:e5:5c:b8:57:36:7c:a2:f9:7b:fc:52:7c:db:b8:38:69:
9c:c2:6d:46:fd:6c:82:34:28:1f:20:70:b2:56:65:de:66:a8:
e9:c2:0a:82:07:8b:84:5c:5b:0a:b4:82:72:4a:4e:05:b2:04:
40:3c:a2:24:8d:94:14:cd:31:ea:b0:c2:b5:b6:59:43:e9:71:
be:8a:e9:01:da:c7:57:60:c8:0c:68:5c:dc:26:e6:e0:ee:6e:
45:16:03:d2:34:1e:97:2c:5a:28:74:c2:f8:8d:cd:8d:a0:51:
35:21:f1:a8:eb:62:b3:43:7c:30:c7:af:cc:c1:fa:84:c3:6c:
fc:a1:e7:bc:8f:9c:56:b3:2b:fb:f0:de:a7:aa:99:db:bb:91:
3b:84:8e:c4:df:89:ce:21:3c:e3:f3:fd:f1:78:f2:1a:ab:5e:
9f:03:14:ef:b0:df:49:6b:41:bf:57:2b:f3:16:2e:df:0c:af:
42:43:dd:89:72:c5:57:56:ad:15:61:8a:94:6c:60:a5:de:c2:
e4:66:0e:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcxzeNZGrZo+jNJaTG7ehXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMzMwMDkxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIwODcxNjhlYjEzNTIyNjIyOGI0NWQ3NGM5ZGM2N2VlZDNhNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjyu8wsFLKpD3SYT5Ef3OI15Us73
VnYkUKdvkDQ2sATrkJbtZ8kT/rHLktMp1fcdWnQgRsqU4JEvwh+cxIOL3DOIhlGW
amRFKnjsMSFNWZH6jbeC2i7YJXzf75qIbYwuCFVWCs2YmjFCrxTjNvxcqF9+/Vfe
OkGT9Z4LRZZkoIbYZoSbodzvMe9BL/S3g8CahxUYoIwzXZW4PI/GP92MNE6y/576
NFOufI4Qu24lWIXHD/WhgQkQGbNMXwsl1JXKYTrCBtsa6m8HSFcyk0zIjBSKtm+6
v6MfUWBN8gbxGVO3Lls6gxc2L3wn61NJ1TRJrgrhqPG6Gbe7VWnRBWjmNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMgghxaOsTUiYii0XXTJ3Gfu06Z+MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveUNDSEZvNnhOU0ppS0xSZGRNbmNaLTdUcG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBT2L2AwQA
uceUAwQAucfUAwQAueK0AwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQCNwXW5kbVe
Y+lFWXoFqUKFYmsO9rPRSVjl8+5QLWzGOjvVtLr6ywDRChMoP3LrM1KLV/Jg+ZBZ
h+VcuFc2fKL5e/xSfNu4OGmcwm1G/WyCNCgfIHCyVmXeZqjpwgqCB4uEXFsKtIJy
Sk4FsgRAPKIkjZQUzTHqsMK1tllD6XG+iukB2sdXYMgMaFzcJubg7m5FFgPSNB6X
LFoodML4jc2NoFE1IfGo62KzQ3wwx6/MwfqEw2z8oee8j5xWsyv78N6nqpnbu5E7
hI7E34nOITzj8/3xePIaq16fAxTvsN9Ja0G/VyvzFi7fDK9CQ92JcsVXVq0VYYqU
bGCl3sLkZg6j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org