Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/cAvyWMWTnjb_A_DWgdDdk-Q_AWI.roa
File: cAvyWMWTnjb_A_DWgdDdk-Q_AWI.roa (raw, json)
Hash identifier: NWM26W/FrG4PQXvK8fnkhbmKAH+ZMZHkctpCh5oZFfU=
Subject key identifier: 70:0B:F2:58:C5:93:9E:36:FF:03:F0:D6:81:D0:DD:93:E4:3F:01:62
Certificate issuer: /CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac
Certificate serial: 01856ECB7E52A6E7C2A4BF5469CE076C028C
Authority key identifier: 60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/cAvyWMWTnjb_A_DWgdDdk-Q_AWI.roa
Signing time: Sun 01 Jan 2023 19:25:07 +0000
ROA not before: Sun 01 Jan 2023 19:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39534
IP address blocks: 194.50.38.0/24 maxlen: 24
185.151.68.0/24 maxlen: 24
185.151.70.0/24 maxlen: 24
185.151.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7e:52:a6:e7:c2:a4:bf:54:69:ce:07:6c:02:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac
Validity
Not Before: Jan 1 19:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=700bf258c5939e36ff03f0d681d0dd93e43f0162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0b:a8:b8:a1:ed:87:22:24:a9:c2:20:07:be:
7c:ed:48:9a:5b:92:0a:cc:3b:40:cf:12:56:93:7e:
48:88:fd:19:d8:cf:8e:77:bf:45:0e:a0:78:2d:90:
14:db:80:3b:f2:8d:bb:9b:27:02:4a:db:03:1f:e2:
dd:a2:88:a0:2d:3d:89:78:53:7a:24:4a:07:9d:b8:
e5:10:3c:59:56:e9:6d:e2:bb:d6:0a:e6:69:16:2d:
92:9e:5f:a1:1b:0a:38:c9:d6:b3:32:d7:32:b0:ac:
fc:7d:e2:87:9e:65:ae:13:a4:de:7b:7a:c6:78:e5:
b1:bc:63:08:e2:8f:60:58:0f:11:f7:dd:da:4f:13:
67:64:85:16:a4:38:c3:10:68:03:f3:3f:95:d7:5b:
cc:4c:89:19:62:3b:1a:64:51:6e:d4:55:2c:8b:77:
b2:04:0a:e7:8b:fe:15:96:f1:dd:59:29:03:24:d8:
85:8e:ac:bb:c9:84:36:20:38:cf:d7:5a:5d:a1:0a:
fd:b5:91:6d:dc:5c:af:4d:37:16:3c:11:00:db:2f:
75:ed:ff:eb:98:f8:3d:ed:30:2c:61:12:68:c9:f7:
43:c1:16:dc:3b:27:71:c9:58:aa:59:5f:65:25:53:
73:67:82:87:4f:d2:fa:30:fc:ed:c8:94:a1:74:e6:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0B:F2:58:C5:93:9E:36:FF:03:F0:D6:81:D0:DD:93:E4:3F:01:62
X509v3 Authority Key Identifier:
keyid:60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/cAvyWMWTnjb_A_DWgdDdk-Q_AWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/YET26nnk4qPgKos47QzTpAWROKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.68.0-185.151.70.255
194.50.38.0/24
Signature Algorithm: sha256WithRSAEncryption
70:49:0d:69:70:53:ba:d8:d9:5f:99:71:96:47:a3:9f:eb:ec:
0e:e7:d3:4a:6c:be:0d:af:eb:91:18:f1:96:f6:84:6b:10:bf:
cb:fc:99:30:55:99:43:ba:36:5c:62:37:6b:23:a5:d4:b7:28:
56:c3:c6:ab:44:25:cc:a4:88:c7:c0:f6:11:ff:0e:41:67:55:
c0:b0:b2:0e:4c:a2:6c:02:91:5a:13:f1:04:9a:6b:e1:2b:13:
e6:53:21:34:cd:30:69:18:e5:26:33:dc:49:83:af:06:0b:c3:
c8:84:31:93:5d:c1:d7:38:7e:11:64:d8:b4:20:d6:5d:5d:2b:
5f:76:f1:ea:de:85:31:8f:89:45:6c:9b:73:ec:22:c7:ab:0e:
c3:14:08:5d:1d:d3:ea:5d:23:9a:4e:89:03:b8:9d:33:1b:ac:
34:e7:13:3a:3a:5b:cb:fe:b9:a9:92:1c:17:14:ae:6f:29:ca:
19:8c:d8:b9:34:23:9a:e6:d3:7c:e8:4a:7f:2f:9d:8d:31:49:
c9:be:42:af:81:f0:03:0e:f8:83:38:e3:63:34:a4:ac:5a:b6:
bb:24:87:01:06:d8:e2:aa:68:e9:96:cf:ca:7b:76:27:05:dd:
a7:1b:2d:2c:ae:bc:3a:58:b5:eb:fe:5c:93:ea:1e:31:39:3a:
91:39:d3:c5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuy35SpufCpL9Uac4HbAKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNDRmNmVhNzllNGUyYTNlMDJhOGIzOGVkMGNkM2E0MDU5
MTM4YWMwHhcNMjMwMTAxMTkyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDBiZjI1OGM1OTM5ZTM2ZmYwM2YwZDY4MWQwZGQ5M2U0M2YwMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AuouKHthyIkqcIgB7587UiaW5IK
zDtAzxJWk35IiP0Z2M+Od79FDqB4LZAU24A78o27mycCStsDH+LdooigLT2JeFN6
JEoHnbjlEDxZVult4rvWCuZpFi2Snl+hGwo4ydazMtcysKz8feKHnmWuE6Tee3rG
eOWxvGMI4o9gWA8R993aTxNnZIUWpDjDEGgD8z+V11vMTIkZYjsaZFFu1FUsi3ey
BArni/4VlvHdWSkDJNiFjqy7yYQ2IDjP11pdoQr9tZFt3FyvTTcWPBEA2y917f/r
mPg97TAsYRJoyfdDwRbcOydxyViqWV9lJVNzZ4KHT9L6MPztyJShdObedQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHAL8ljFk542/wPw1oHQ3ZPkPwFiMB8GA1UdIwQY
MBaAFGBE9up55OKj4CqLOO0M06QFkTisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUVUMjZubms0cVBnS29zNDdRelRwQVdST0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS82MTFhNDAtYjQ0NC00OTBjLTlkZWUt
MjdkNjA4ZDIwODczLzEvY0F2eVdNV1RuamJfQV9EV2dkRGRrLVFfQVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS82MTFhNDAtYjQ0NC00OTBjLTlkZWUtMjdkNjA4ZDIwODcz
LzEvWUVUMjZubms0cVBnS29zNDdRelRwQVdST0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK5l0QD
BAC5l0YDBADCMiYwDQYJKoZIhvcNAQELBQADggEBAHBJDWlwU7rY2V+ZcZZHo5/r
7A7n00psvg2v65EY8Zb2hGsQv8v8mTBVmUO6NlxiN2sjpdS3KFbDxqtEJcykiMfA
9hH/DkFnVcCwsg5MomwCkVoT8QSaa+ErE+ZTITTNMGkY5SYz3EmDrwYLw8iEMZNd
wdc4fhFk2LQg1l1dK1928erehTGPiUVsm3PsIserDsMUCF0d0+pdI5pOiQO4nTMb
rDTnEzo6W8v+uamSHBcUrm8pyhmM2Lk0I5rm03zoSn8vnY0xScm+Qq+B8AMO+IM4
42M0pKxatrskhwEG2OKqaOmWz8p7dicF3acbLSyuvDpYtev+XJPqHjE5OpE508U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:53 2024 by rpki-client on console-fra.rpki-client.org