Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/io3cktqVwC55c_uUDtdOabokzps.roa
File: io3cktqVwC55c_uUDtdOabokzps.roa (raw, json)
Hash identifier: buyryCacdEUshENtRjqm7HUI48Ozy/FsblGVvCgmvrM=
Subject key identifier: 8A:8D:DC:92:DA:95:C0:2E:79:73:FB:94:0E:D7:4E:69:BA:24:CE:9B
Certificate issuer: /CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Certificate serial: 018E707D040502EEF5AF004B8FBC00CECB23
Authority key identifier: DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/io3cktqVwC55c_uUDtdOabokzps.roa
Signing time: Sun 24 Mar 2024 12:43:44 +0000
ROA not before: Sun 24 Mar 2024 12:43:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199987
IP address blocks: 185.40.35.0/24 maxlen: 24
2a01:4ba0::/29 maxlen: 29
2a01:4ba0::/48 maxlen: 48
2a01:4ba0:1::/48 maxlen: 48
2a01:4ba0:2::/48 maxlen: 48
2a01:4ba0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 May 2024 18:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:70:7d:04:05:02:ee:f5:af:00:4b:8f:bc:00:ce:cb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Validity
Not Before: Mar 24 12:43:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a8ddc92da95c02e7973fb940ed74e69ba24ce9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:73:75:e1:c6:99:a3:72:8a:d6:67:ac:cf:a3:
06:79:3b:4c:5b:72:68:15:b9:b5:a2:87:72:b2:de:
b3:97:ef:9d:f9:f3:ae:cf:44:36:d3:21:20:4a:a0:
1c:9f:fe:55:ac:88:c1:51:78:e2:29:d5:e5:0e:91:
e8:dd:0e:14:1e:b8:59:0c:67:bd:3e:08:71:98:93:
32:d1:e8:12:2b:fb:52:ac:2c:63:d3:d7:2e:1e:e3:
28:e3:80:2f:96:e7:93:6e:1f:37:40:04:a7:1f:a0:
eb:20:a6:63:92:9e:0d:17:89:5e:29:c6:85:e0:1c:
3a:89:6f:e5:15:b6:25:9f:cd:b0:09:24:f3:63:b8:
31:4d:97:4b:b7:c7:28:89:a5:19:db:18:2b:9c:83:
0c:e0:c9:55:5e:28:9f:1b:4d:b0:11:71:31:19:ce:
cf:15:c5:62:6d:07:fc:12:a6:11:99:f3:a8:3b:d3:
9c:22:17:5f:c7:d2:09:42:f7:09:fc:d0:29:48:c2:
0d:49:9b:ee:ad:6f:02:5b:de:f6:61:8f:02:a3:67:
e3:49:53:4a:6a:07:77:a5:7e:02:75:85:fa:d2:18:
ef:84:d1:b4:b2:84:20:81:2a:84:bf:89:25:e2:99:
35:78:22:e8:54:5b:39:25:18:a9:b9:b3:88:28:2b:
3f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:8D:DC:92:DA:95:C0:2E:79:73:FB:94:0E:D7:4E:69:BA:24:CE:9B
X509v3 Authority Key Identifier:
keyid:DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/io3cktqVwC55c_uUDtdOabokzps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/36fgBzjT97jeSN44YnVndo4vibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.35.0/24
IPv6:
2a01:4ba0::/29
Signature Algorithm: sha256WithRSAEncryption
32:77:13:72:f8:2b:96:2d:75:5e:5f:e6:00:1d:a9:3d:b4:99:
fe:f8:e2:23:f9:75:d5:75:d3:87:bf:69:12:7e:ed:0c:df:3f:
af:87:61:8a:21:76:34:ea:22:4e:7a:44:74:5b:08:5a:15:6b:
50:19:61:7c:a8:76:e1:7b:b3:32:98:6c:eb:c3:40:8b:42:7a:
92:a8:d6:e4:5e:7f:01:55:80:d8:47:56:05:ed:f4:43:59:4d:
7d:d4:b2:8b:e8:e9:e4:ee:26:26:00:3b:14:c4:07:f6:bb:2d:
c8:a9:0e:11:61:ef:ea:cc:ba:91:89:12:44:3b:e8:5e:12:a3:
28:1d:e1:c5:01:68:6d:83:7f:81:9d:3d:5b:80:a0:10:00:f7:
5f:e5:09:a2:a2:2c:5c:eb:54:d3:ac:f3:ad:39:1e:4d:8d:1d:
5b:3b:a2:99:f7:88:9a:66:8f:18:f2:40:db:53:8e:a3:46:ae:
33:4d:da:18:a2:0e:6f:e7:40:cb:50:6b:bd:30:67:01:e7:77:
7a:05:78:71:21:e2:9b:a0:39:fb:cd:00:37:2f:5c:d9:f3:f5:
9d:b5:bd:41:18:96:02:a6:88:2b:a0:54:a0:44:f5:51:45:16:
df:cb:66:32:94:3d:82:07:89:e8:d0:e5:9b:b5:1d:71:9d:cf:
17:74:7f:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5wfQQFAu71rwBLj7wAzssjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTdlMDA3MzhkM2Y3YjhkZTQ4ZGUzODYyNzU2Nzc2OGUy
Zjg5YjYwHhcNMjQwMzI0MTI0MzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YThkZGM5MmRhOTVjMDJlNzk3M2ZiOTQwZWQ3NGU2OWJhMjRjZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXN14caZo3KK1mesz6MGeTtMW3Jo
Fbm1oodyst6zl++d+fOuz0Q20yEgSqAcn/5VrIjBUXjiKdXlDpHo3Q4UHrhZDGe9
PghxmJMy0egSK/tSrCxj09cuHuMo44AvlueTbh83QASnH6DrIKZjkp4NF4leKcaF
4Bw6iW/lFbYln82wCSTzY7gxTZdLt8coiaUZ2xgrnIMM4MlVXiifG02wEXExGc7P
FcVibQf8EqYRmfOoO9OcIhdfx9IJQvcJ/NApSMINSZvurW8CW972YY8Co2fjSVNK
agd3pX4CdYX60hjvhNG0soQggSqEv4kl4pk1eCLoVFs5JRipubOIKCs/0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIqN3JLalcAueXP7lA7XTmm6JM6bMB8GA1UdIwQY
MBaAFN+n4Ac40/e43kjeOGJ1Z3aOL4m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYt
MmIxZmFmY2NkZDBiLzEvaW8zY2t0cVZ3QzU1Y191VUR0ZE9hYm9renBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYtMmIxZmFmY2NkZDBi
LzEvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSgjMA0E
AgACMAcDBQMqAUugMA0GCSqGSIb3DQEBCwUAA4IBAQAydxNy+CuWLXVeX+YAHak9
tJn++OIj+XXVddOHv2kSfu0M3z+vh2GKIXY06iJOekR0WwhaFWtQGWF8qHbhe7My
mGzrw0CLQnqSqNbkXn8BVYDYR1YF7fRDWU191LKL6Onk7iYmADsUxAf2uy3IqQ4R
Ye/qzLqRiRJEO+heEqMoHeHFAWhtg3+BnT1bgKAQAPdf5Qmioixc61TTrPOtOR5N
jR1bO6KZ94iaZo8Y8kDbU46jRq4zTdoYog5v50DLUGu9MGcB53d6BXhxIeKboDn7
zQA3L1zZ8/Wdtb1BGJYCpogroFSgRPVRRRbfy2YylD2CB4no0OWbtR1xnc8XdH8l
-----END CERTIFICATE-----
Generated at Thu May 16 21:49:34 2024 by rpki-client on console-ams.rpki-client.org