Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zsN50shhH9PoJ5NAf0jBagXMfUo.roa
File: zsN50shhH9PoJ5NAf0jBagXMfUo.roa (raw, json)
Hash identifier: 5tXqKQlJnWUX0sGxwZvI27pSubRYnoi0OrvO+tpCThY=
Subject key identifier: CE:C3:79:D2:C8:61:1F:D3:E8:27:93:40:7F:48:C1:6A:05:CC:7D:4A
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01888C816C1D766A8C16B8DCA9F85847C579
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zsN50shhH9PoJ5NAf0jBagXMfUo.roa
Signing time: Mon 05 Jun 2023 17:01:11 +0000
ROA not before: Mon 05 Jun 2023 17:01:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.199.212.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 15:24:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:81:6c:1d:76:6a:8c:16:b8:dc:a9:f8:58:47:c5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 5 17:01:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec379d2c8611fd3e82793407f48c16a05cc7d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e9:08:11:36:38:4d:90:08:38:66:22:41:99:
ef:54:ef:46:6d:47:a9:c7:96:c8:62:4b:cf:67:55:
ab:4b:56:0e:b6:15:8e:86:9f:c0:ac:05:58:39:53:
ef:36:84:8e:7c:7f:aa:3e:47:bf:2a:1a:4a:97:06:
15:9a:a0:75:05:b2:71:83:5f:a3:63:27:fd:42:a2:
b3:58:08:08:3c:bd:7c:ad:03:9b:ef:7b:22:a5:59:
11:ac:6c:fa:e4:df:4b:4f:a6:b1:a0:06:d2:08:01:
ec:27:48:7e:55:34:84:3d:c6:6c:3f:5d:5b:a8:2d:
fa:af:b0:b5:e2:f3:f8:97:b6:18:68:ba:2a:ec:d5:
54:bb:66:6b:fa:c9:fb:65:45:1d:ad:7a:84:ad:61:
07:23:47:ba:bc:7c:3a:0e:2e:42:91:8f:68:74:c2:
02:10:72:a3:ec:6e:d5:b9:57:83:f7:b0:ba:4d:09:
06:34:11:af:e6:eb:95:0f:f5:70:b8:8c:dc:39:6a:
03:9c:cd:fa:d5:cb:39:2b:39:16:1e:3a:23:6e:c0:
27:e9:81:5f:84:9c:c8:10:2a:33:27:72:41:63:f8:
15:6f:fc:03:e5:72:6f:a1:ff:af:34:89:4b:d5:ce:
21:a9:3d:4a:92:c0:5b:72:d0:da:9c:5e:82:5f:1c:
1d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:79:D2:C8:61:1F:D3:E8:27:93:40:7F:48:C1:6A:05:CC:7D:4A
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zsN50shhH9PoJ5NAf0jBagXMfUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.149.0/24
185.199.212.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
74:e8:e2:32:e8:e2:69:c1:bb:c3:49:6f:24:bf:7c:77:68:c7:
87:15:99:7b:ff:37:07:2a:6f:7b:85:ac:45:31:80:8d:37:bd:
c7:02:c5:f4:9f:5d:de:24:95:b1:6c:8f:5a:fd:79:75:25:f8:
41:62:19:3b:5e:58:61:06:aa:06:35:be:fe:70:5c:7e:ce:16:
b9:cd:ca:55:df:72:52:a0:2b:84:24:a0:0c:50:ae:f1:72:b2:
0c:5d:24:11:e6:32:71:6a:4a:d7:04:03:d4:f3:8d:3f:5c:d3:
24:9d:e9:4d:11:27:bd:bb:39:e7:1e:5d:52:e6:f0:7f:3e:72:
d3:af:f6:be:16:2d:a4:23:55:33:7a:70:94:23:77:60:89:fc:
9c:24:4c:16:17:c6:62:c1:f3:06:da:a5:57:99:37:4d:04:ab:
c7:f3:84:d4:62:24:61:e7:be:3b:3d:d9:79:e5:40:14:9d:5a:
85:0a:3c:80:21:b0:99:40:43:e7:43:a8:b6:8d:a8:76:4f:8e:
d1:ad:3a:1d:6e:66:14:1e:ec:af:f5:02:c2:70:2f:da:11:44:
d5:70:31:0c:a0:95:91:ac:7c:41:cf:5d:c7:01:51:10:3e:18:
d9:e3:0a:48:e8:0e:00:7b:9c:cc:cf:70:1a:03:37:a3:56:52:
80:d8:74:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiMgWwddmqMFrjcqfhYR8V5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjA1MTcwMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMzNzlkMmM4NjExZmQzZTgyNzkzNDA3ZjQ4YzE2YTA1Y2M3ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+kIETY4TZAIOGYiQZnvVO9GbUep
x5bIYkvPZ1WrS1YOthWOhp/ArAVYOVPvNoSOfH+qPke/KhpKlwYVmqB1BbJxg1+j
Yyf9QqKzWAgIPL18rQOb73sipVkRrGz65N9LT6axoAbSCAHsJ0h+VTSEPcZsP11b
qC36r7C14vP4l7YYaLoq7NVUu2Zr+sn7ZUUdrXqErWEHI0e6vHw6Di5CkY9odMIC
EHKj7G7VuVeD97C6TQkGNBGv5uuVD/VwuIzcOWoDnM361cs5KzkWHjojbsAn6YFf
hJzIECozJ3JBY/gVb/wD5XJvof+vNIlL1c4hqT1KksBbctDanF6CXxwdAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM7DedLIYR/T6CeTQH9IwWoFzH1KMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvenNONTBzaGhIOVBvSjVOQWYwakJhZ1hNZlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuceVAwQA
ucfUAwQAwpJdMA0GCSqGSIb3DQEBCwUAA4IBAQB06OIy6OJpwbvDSW8kv3x3aMeH
FZl7/zcHKm97haxFMYCNN73HAsX0n13eJJWxbI9a/Xl1JfhBYhk7XlhhBqoGNb7+
cFx+zha5zcpV33JSoCuEJKAMUK7xcrIMXSQR5jJxakrXBAPU840/XNMknelNESe9
uznnHl1S5vB/PnLTr/a+Fi2kI1UzenCUI3dgifycJEwWF8ZiwfMG2qVXmTdNBKvH
84TUYiRh5747Pdl55UAUnVqFCjyAIbCZQEPnQ6i2jah2T47RrTodbmYUHuyv9QLC
cC/aEUTVcDEMoJWRrHxBz13HAVEQPhjZ4wpI6A4Ae5zMz3AaAzejVlKA2HSZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org