Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/tfY1d8sX60HKV6h-8QCRX4nE0cI.roa
File: tfY1d8sX60HKV6h-8QCRX4nE0cI.roa (raw, json)
Hash identifier: NS5D33ulqtHKmURnrvab/9CJGzEIdg0lF0t6QLWdJJA=
Subject key identifier: B5:F6:35:77:CB:17:EB:41:CA:57:A8:7E:F1:00:91:5F:89:C4:D1:C2
Certificate issuer: /CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Certificate serial: 018EBD9797E8DEC071A6008AD1F175C3AFE4
Authority key identifier: 60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/tfY1d8sX60HKV6h-8QCRX4nE0cI.roa
Signing time: Mon 08 Apr 2024 12:03:32 +0000
ROA not before: Mon 08 Apr 2024 12:03:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.34.224.0/24 maxlen: 24
185.34.225.0/24 maxlen: 24
185.34.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:97:97:e8:de:c0:71:a6:00:8a:d1:f1:75:c3:af:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Validity
Not Before: Apr 8 12:03:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f63577cb17eb41ca57a87ef100915f89c4d1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ca:16:05:00:4e:da:92:89:25:86:77:52:bd:
c8:aa:72:4a:de:d4:40:27:03:36:e3:25:1a:8a:9b:
b5:2e:11:a2:70:90:88:99:c8:89:fd:4d:bb:74:77:
9f:41:8f:55:4c:ef:80:c5:9e:ea:34:a1:6a:e0:ed:
da:79:d5:40:83:b1:05:ed:b4:76:ef:5d:f3:ce:f9:
37:a2:06:bc:e3:14:f1:c2:a5:74:53:45:7e:91:28:
d0:98:94:d2:f5:43:af:aa:b6:ef:9d:dc:18:57:f0:
46:88:01:c4:73:94:f0:e8:73:1f:07:0e:54:70:ac:
26:de:25:c5:e1:f5:55:d5:0a:9d:58:0e:9a:a2:fc:
03:9f:55:d6:46:3e:d5:30:39:d8:2d:47:a6:71:db:
9e:06:46:40:25:a6:91:e8:86:b9:df:6a:3f:66:0a:
0c:68:e8:62:09:ad:ec:c8:03:da:55:b6:c6:e4:0c:
b0:75:9d:e6:24:8f:4a:45:34:5a:a7:fe:cf:80:03:
8e:6c:71:f7:8d:0e:68:83:42:fb:19:e1:81:7e:65:
e6:12:56:0e:e3:65:87:2e:83:9a:86:83:ae:56:a9:
77:eb:26:c4:c0:7b:58:97:59:08:55:5e:28:a6:51:
f6:34:d6:77:54:9e:48:06:4a:e5:af:48:5c:e9:0b:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F6:35:77:CB:17:EB:41:CA:57:A8:7E:F1:00:91:5F:89:C4:D1:C2
X509v3 Authority Key Identifier:
keyid:60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/tfY1d8sX60HKV6h-8QCRX4nE0cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/YDgxphvIqPTLhYhwIvtvhjlzRdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.224.0-185.34.226.255
Signature Algorithm: sha256WithRSAEncryption
bb:1e:79:6d:b4:0a:02:bd:65:8d:ef:3e:c9:0d:01:ff:d4:ee:
c7:85:36:30:b5:a1:66:55:df:9c:b3:9c:15:79:84:58:c3:e8:
df:0b:02:28:bc:a2:2e:6e:82:17:ec:3c:e1:8d:6f:19:67:70:
dd:c2:14:d1:27:10:1f:db:a1:d5:f7:11:d7:8d:87:42:94:91:
10:2e:6b:26:2d:8b:e2:f4:dd:83:87:92:d7:3f:6a:70:6b:93:
b1:0c:e8:99:6c:9f:bd:5d:df:9a:e6:59:23:25:6d:db:08:42:
b3:92:99:13:4b:b8:25:af:ba:2e:d9:96:20:8b:2c:c4:8b:8e:
d6:31:48:d1:a1:6f:91:15:dc:07:ab:99:c2:fd:34:13:7e:ee:
1d:7b:3a:18:47:c7:96:ed:93:84:10:43:1c:ba:51:67:9a:66:
cc:32:1d:1e:59:93:51:93:eb:5b:27:b6:d4:f4:8a:8c:56:3b:
55:63:0a:7a:ca:33:46:79:13:ac:3e:92:5b:80:e2:14:7b:f8:
ae:fc:f3:9d:84:9f:94:83:02:c9:83:71:15:91:4b:4b:33:ca:
51:ac:56:31:b0:fc:ac:96:f8:5b:21:f8:76:ef:0c:4b:eb:cf:
8c:18:6b:d1:7a:0f:4b:3c:a2:c4:0c:e0:11:79:3f:4c:c0:fe:
19:89:13:76
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY69l5fo3sBxpgCK0fF1w6/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzgzMWE2MWJjOGE4ZjRjYjg1ODg3MDIyZmI2Zjg2Mzk3
MzQ1ZGMwHhcNMjQwNDA4MTIwMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY2MzU3N2NiMTdlYjQxY2E1N2E4N2VmMTAwOTE1Zjg5YzRkMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMoWBQBO2pKJJYZ3Ur3IqnJK3tRA
JwM24yUaipu1LhGicJCImciJ/U27dHefQY9VTO+AxZ7qNKFq4O3aedVAg7EF7bR2
713zzvk3oga84xTxwqV0U0V+kSjQmJTS9UOvqrbvndwYV/BGiAHEc5Tw6HMfBw5U
cKwm3iXF4fVV1QqdWA6aovwDn1XWRj7VMDnYLUemcdueBkZAJaaR6Ia532o/ZgoM
aOhiCa3syAPaVbbG5AywdZ3mJI9KRTRap/7PgAOObHH3jQ5og0L7GeGBfmXmElYO
42WHLoOahoOuVql36ybEwHtYl1kIVV4oplH2NNZ3VJ5IBkrlr0hc6QuR5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLX2NXfLF+tByleofvEAkV+JxNHCMB8GA1UdIwQY
MBaAFGA4MaYbyKj0y4WIcCL7b4Y5c0XcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYt
OTgwODU0NTkzM2M5LzEvdGZZMWQ4c1g2MEhLVjZoLThRQ1JYNG5FMGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYtOTgwODU0NTkzM2M5
LzEvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5IuAD
BAC5IuIwDQYJKoZIhvcNAQELBQADggEBALseeW20CgK9ZY3vPskNAf/U7seFNjC1
oWZV35yznBV5hFjD6N8LAii8oi5ughfsPOGNbxlncN3CFNEnEB/bodX3EdeNh0KU
kRAuayYti+L03YOHktc/anBrk7EM6Jlsn71d35rmWSMlbdsIQrOSmRNLuCWvui7Z
liCLLMSLjtYxSNGhb5EV3AermcL9NBN+7h17OhhHx5btk4QQQxy6UWeaZswyHR5Z
k1GT61snttT0ioxWO1VjCnrKM0Z5E6w+kluA4hR7+K78852En5SDAsmDcRWRS0sz
ylGsVjGw/KyW+Fsh+HbvDEvrz4wYa9F6D0s8osQM4BF5P0zA/hmJE3Y=
-----END CERTIFICATE-----
Generated at Wed May 1 12:49:33 2024 by rpki-client on console-fra.rpki-client.org