Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/xuE8CYKo3ncBg2yGTYo6hsyftxI.roa
File: xuE8CYKo3ncBg2yGTYo6hsyftxI.roa (raw, json)
Hash identifier: G8lE47r7GHWZWHpJgFXUBgX1m9xzYq2CfJmN/UAkCCM=
Subject key identifier: C6:E1:3C:09:82:A8:DE:77:01:83:6C:86:4D:8A:3A:86:CC:9F:B7:12
Certificate issuer: /CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Certificate serial: 018CC8DD0C68B4B347C5BEC22E3BFF901A43
Authority key identifier: 35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/xuE8CYKo3ncBg2yGTYo6hsyftxI.roa
Signing time: Tue 02 Jan 2024 06:29:38 +0000
ROA not before: Tue 02 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200553
IP address blocks: 185.100.33.0/24 maxlen: 24
185.100.32.0/22 maxlen: 22
185.100.34.0/24 maxlen: 24
185.100.35.0/24 maxlen: 24
185.100.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 08:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0c:68:b4:b3:47:c5:be:c2:2e:3b:ff:90:1a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Validity
Not Before: Jan 2 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6e13c0982a8de7701836c864d8a3a86cc9fb712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:fc:b2:c1:54:ef:f0:73:5a:7d:e6:e7:cb:
98:01:a1:93:ab:31:a6:d8:bd:fb:b7:de:e1:8c:d2:
fd:8d:96:28:a9:19:a3:2f:20:68:56:42:bf:bd:ce:
52:8f:03:87:3c:ff:68:8d:95:92:c8:9b:8f:ca:26:
2c:f0:a7:67:69:b9:1f:ed:c1:15:0b:a5:68:77:f6:
a6:58:cf:d4:ec:cf:4f:63:8f:42:85:32:fb:da:19:
c2:3f:0a:bd:b7:26:3f:3e:52:a9:25:3b:a7:9f:05:
27:dd:96:e8:5c:56:b9:2f:ed:54:49:bf:16:43:e8:
35:e8:fc:5f:46:33:5f:d1:62:ae:41:f8:96:c7:87:
b3:f8:6a:d6:fc:fd:ed:da:95:83:16:ca:20:96:ad:
0a:19:f5:16:27:80:f3:ae:f5:c9:cc:9d:4f:b5:ab:
57:5a:d2:a0:c3:2e:63:15:3c:da:0e:4f:09:f6:80:
9a:a8:b7:df:9f:e6:7e:82:ec:fa:66:e3:12:d0:15:
9d:08:89:8e:fc:71:dd:96:a2:7f:d8:08:b9:b2:4c:
e4:e6:31:65:44:a5:dd:e6:86:85:0a:cc:c2:8e:97:
28:da:d8:70:19:28:2e:29:15:d3:6d:d9:82:fb:4d:
9b:14:e5:e1:28:ff:66:34:f4:e0:25:fe:b7:4c:21:
8c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E1:3C:09:82:A8:DE:77:01:83:6C:86:4D:8A:3A:86:CC:9F:B7:12
X509v3 Authority Key Identifier:
keyid:35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/xuE8CYKo3ncBg2yGTYo6hsyftxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.32.0/22
Signature Algorithm: sha256WithRSAEncryption
76:cc:bb:df:22:d7:98:cc:d0:90:b2:87:a2:d9:df:d9:f1:2a:
1d:b9:17:77:42:fe:77:27:e5:db:83:b8:d1:f0:3d:45:b7:e4:
4b:51:59:1b:12:7b:0f:2a:27:72:a3:76:f9:c3:13:31:85:36:
0f:d3:fe:4d:92:5f:b3:8f:37:01:63:6e:8d:d5:18:b3:9d:db:
fe:a9:86:fa:8c:6b:77:64:61:9d:a0:68:de:65:0c:9c:cb:1b:
a8:3b:75:7e:24:17:7d:31:3f:79:28:47:24:81:a3:9f:ec:f9:
02:e2:97:a7:cc:c8:5c:d8:1d:19:94:07:e3:26:ca:8c:21:8a:
b0:a5:4c:f5:1b:a3:0f:bf:43:7b:5d:15:59:c9:78:89:eb:44:
60:22:ec:70:53:4d:d7:62:71:7e:3a:a5:35:15:0f:19:79:57:
4c:79:ce:86:1f:de:c7:59:7b:1c:b4:9f:87:a8:4d:25:f9:aa:
ad:bc:4e:80:73:5c:ab:75:66:b6:b1:0c:fc:c2:f6:82:30:23:
46:67:36:8d:cb:0c:1f:04:c8:f9:ef:80:b0:40:28:f7:be:9f:
d4:ca:f3:86:f4:bf:5d:7a:a8:92:86:f1:d4:73:b9:66:bc:d9:
5e:c1:d0:54:df:22:01:dc:ae:18:60:67:75:2b:a9:87:06:55:
43:82:93:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QxotLNHxb7CLjv/kBpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDFjZGFiYTMxNTU5ZGUxMmFiMTlkNzlmMWFlMmQyMThj
Mzc5ZjcwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmUxM2MwOTgyYThkZTc3MDE4MzZjODY0ZDhhM2E4NmNjOWZiNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn378ssFU7/BzWn3m58uYAaGTqzGm
2L37t97hjNL9jZYoqRmjLyBoVkK/vc5SjwOHPP9ojZWSyJuPyiYs8Kdnabkf7cEV
C6Vod/amWM/U7M9PY49ChTL72hnCPwq9tyY/PlKpJTunnwUn3ZboXFa5L+1USb8W
Q+g16PxfRjNf0WKuQfiWx4ez+GrW/P3t2pWDFsoglq0KGfUWJ4DzrvXJzJ1PtatX
WtKgwy5jFTzaDk8J9oCaqLffn+Z+guz6ZuMS0BWdCImO/HHdlqJ/2Ai5skzk5jFl
RKXd5oaFCszCjpco2thwGSguKRXTbdmC+02bFOXhKP9mNPTgJf63TCGM5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbhPAmCqN53AYNshk2KOobMn7cSMB8GA1UdIwQY
MBaAFDXRzaujFVneEqsZ158a4tIYw3n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAt
M2ZmOTI2MDg1NTI3LzEveHVFOENZS28zbmNCZzJ5R1RZbzZoc3lmdHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAtM2ZmOTI2MDg1NTI3
LzEvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQgMA0G
CSqGSIb3DQEBCwUAA4IBAQB2zLvfIteYzNCQsoei2d/Z8SoduRd3Qv53J+Xbg7jR
8D1Ft+RLUVkbEnsPKidyo3b5wxMxhTYP0/5Nkl+zjzcBY26N1Rizndv+qYb6jGt3
ZGGdoGjeZQycyxuoO3V+JBd9MT95KEckgaOf7PkC4penzMhc2B0ZlAfjJsqMIYqw
pUz1G6MPv0N7XRVZyXiJ60RgIuxwU03XYnF+OqU1FQ8ZeVdMec6GH97HWXsctJ+H
qE0l+aqtvE6Ac1yrdWa2sQz8wvaCMCNGZzaNywwfBMj574CwQCj3vp/UyvOG9L9d
eqiShvHUc7lmvNlewdBU3yIB3K4YYGd1K6mHBlVDgpNC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:42 2024 by rpki-client on console-ams.rpki-client.org