Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/pQ_NOWKKtIAxyuR0PADMICPogXg.roa
File: pQ_NOWKKtIAxyuR0PADMICPogXg.roa (raw, json)
Hash identifier: dDnBOvoj9tZGEVTIAryu/rIIcEn/HVHOSmX6eUyCCXk=
Subject key identifier: A5:0F:CD:39:62:8A:B4:80:31:CA:E4:74:3C:00:CC:20:23:E8:81:78
Certificate issuer: /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial: 018E00BBC0C037C9BDC0BB09D3A8C9FD8F64
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/pQ_NOWKKtIAxyuR0PADMICPogXg.roa
Signing time: Sat 02 Mar 2024 19:54:48 +0000
ROA not before: Sat 02 Mar 2024 19:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 185.203.232.0/24 maxlen: 24
185.203.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 02:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:bb:c0:c0:37:c9:bd:c0:bb:09:d3:a8:c9:fd:8f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Validity
Not Before: Mar 2 19:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a50fcd39628ab48031cae4743c00cc2023e88178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:8b:79:f3:d5:4c:e0:6f:df:70:e5:b8:c7:
36:8f:23:c1:b5:19:d4:c3:1a:01:9f:27:06:83:b4:
6f:cd:46:80:45:bb:6e:be:29:bf:dc:f4:27:96:3c:
8f:48:77:b9:b9:90:72:e3:2b:95:fb:75:8b:37:9b:
6a:77:57:5c:64:8c:66:c4:02:13:5e:70:72:fc:c2:
0c:48:bd:aa:7b:5a:a1:48:92:0e:6f:b3:b7:d9:14:
90:fe:03:6a:63:9b:6e:dc:dd:ae:75:57:6a:32:35:
e1:c2:50:b1:b5:e3:7f:ca:27:9d:0d:e4:31:31:b3:
3b:8b:d2:27:2f:99:b3:18:65:e9:c9:ef:33:dd:e1:
e3:de:d8:52:0e:fa:86:de:8b:1e:9a:0a:21:fd:f9:
5d:e8:3f:cc:f5:a2:de:22:1c:78:6e:03:e1:10:af:
9d:d0:58:bf:a3:36:3b:3e:bd:d3:d4:d7:b6:96:81:
f3:82:72:e8:eb:17:82:0b:ea:49:85:ab:71:4f:08:
40:db:2b:08:45:55:13:33:00:34:94:fe:ac:a9:c7:
c3:1b:a6:0a:8d:05:25:9d:d5:e2:25:c7:3b:39:21:
7c:72:e2:b6:4c:8a:9a:cf:66:e7:c3:26:8d:b3:ab:
a4:f8:38:a3:00:20:8b:cc:ce:41:72:09:6e:3a:1f:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0F:CD:39:62:8A:B4:80:31:CA:E4:74:3C:00:CC:20:23:E8:81:78
X509v3 Authority Key Identifier:
keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/pQ_NOWKKtIAxyuR0PADMICPogXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.232.0/24
185.203.235.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:71:d9:55:2d:c0:7a:cd:9d:9d:be:cc:a4:92:37:52:32:06:
71:80:35:29:73:a3:8d:58:4f:83:5c:d3:4f:99:86:41:83:a7:
c6:b9:8b:67:e0:57:4b:7f:b6:54:2a:df:13:3f:7f:ae:4c:4e:
0e:56:ca:00:bd:2b:1a:f4:20:c9:5e:87:a4:34:9a:d4:ad:26:
4a:d1:95:09:d5:70:a4:1f:dd:aa:7d:68:78:39:c4:44:30:ad:
c3:78:66:fe:6c:32:d8:18:61:c4:ab:93:fa:7e:41:ae:ed:9f:
6a:5d:2f:d0:62:8f:30:6a:45:5c:37:1e:86:19:ea:a1:d1:e2:
97:01:65:17:d6:56:62:56:57:69:80:3a:ad:54:71:b8:8e:60:
cb:9a:43:b8:af:ef:b9:87:bd:fc:aa:e0:44:62:f9:7e:5f:5a:
c5:6d:d2:7a:60:46:38:8f:c0:82:90:82:43:99:0f:84:9d:a0:
fe:cf:27:f5:b9:1c:42:13:0a:1d:ec:b0:66:06:5d:81:17:77:
98:e0:a9:81:fc:9c:e4:dc:46:78:5e:39:6e:b9:22:37:77:a4:
d8:92:5d:d6:f3:94:7c:80:8c:fc:d6:d4:f3:81:06:d6:40:f8:
c9:ce:fa:85:c7:a6:fb:b0:ee:8f:aa:47:2e:27:50:80:e2:00:
b2:f2:76:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Au8DAN8m9wLsJ06jJ/Y9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjQwMzAyMTk1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTBmY2QzOTYyOGFiNDgwMzFjYWU0NzQzYzAwY2MyMDIzZTg4MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQWLefPVTOBv33DluMc2jyPBtRnU
wxoBnycGg7RvzUaARbtuvim/3PQnljyPSHe5uZBy4yuV+3WLN5tqd1dcZIxmxAIT
XnBy/MIMSL2qe1qhSJIOb7O32RSQ/gNqY5tu3N2udVdqMjXhwlCxteN/yiedDeQx
MbM7i9InL5mzGGXpye8z3eHj3thSDvqG3osemgoh/fld6D/M9aLeIhx4bgPhEK+d
0Fi/ozY7Pr3T1Ne2loHzgnLo6xeCC+pJhatxTwhA2ysIRVUTMwA0lP6sqcfDG6YK
jQUlndXiJcc7OSF8cuK2TIqaz2bnwyaNs6uk+DijACCLzM5BcgluOh8uwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKUPzTliirSAMcrkdDwAzCAj6IF4MB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvcFFfTk9XS0t0SUF4eXVSMFBBRE1JQ1BvZ1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucvoAwQA
ucvrMA0GCSqGSIb3DQEBCwUAA4IBAQB+cdlVLcB6zZ2dvsykkjdSMgZxgDUpc6ON
WE+DXNNPmYZBg6fGuYtn4FdLf7ZUKt8TP3+uTE4OVsoAvSsa9CDJXoekNJrUrSZK
0ZUJ1XCkH92qfWh4OcREMK3DeGb+bDLYGGHEq5P6fkGu7Z9qXS/QYo8wakVcNx6G
Geqh0eKXAWUX1lZiVldpgDqtVHG4jmDLmkO4r++5h738quBEYvl+X1rFbdJ6YEY4
j8CCkIJDmQ+EnaD+zyf1uRxCEwod7LBmBl2BF3eY4KmB/Jzk3EZ4XjluuSI3d6TY
kl3W85R8gIz81tTzgQbWQPjJzvqFx6b7sO6PqkcuJ1CA4gCy8nYb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:37 2024 by rpki-client on console-ams.rpki-client.org