Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j0DybYlL7aDvYhJrhkNXSrimHz8.roa
File: j0DybYlL7aDvYhJrhkNXSrimHz8.roa (raw, json)
Hash identifier: ZvscgntwK938fBHmxLoDmqpd0dAJiVWWkFT//RjKnUA=
Subject key identifier: 8F:40:F2:6D:89:4B:ED:A0:EF:62:12:6B:86:43:57:4A:B8:A6:1F:3F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01937021E6BDEC776E567DF4ADB80CE618FE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j0DybYlL7aDvYhJrhkNXSrimHz8.roa
Signing time: Thu 28 Nov 2024 00:18:10 +0000
ROA not before: Thu 28 Nov 2024 00:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 18:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:70:21:e6:bd:ec:77:6e:56:7d:f4:ad:b8:0c:e6:18:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 28 00:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f40f26d894beda0ef62126b8643574ab8a61f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:b1:65:72:08:85:04:4e:e8:5d:13:06:11:
a5:20:8e:a7:c7:fb:3f:24:9d:f3:cc:ad:9f:78:59:
81:a4:37:2f:28:30:9d:82:43:ef:37:c7:8e:39:8e:
29:a5:a3:97:7c:d3:39:b1:b9:84:20:a2:4f:a3:8f:
13:d8:85:65:41:d7:d6:f5:40:5c:51:b8:02:4c:5a:
9a:9b:2d:a3:fe:1d:31:5d:e0:8e:1b:a5:96:e1:11:
46:d8:6b:95:e9:83:9e:03:ed:86:02:a1:bd:4d:b6:
21:c0:20:fb:f2:f2:18:72:f7:9b:71:f0:2d:e2:fd:
8e:61:d0:dd:97:f1:38:03:18:ad:dc:e7:df:35:84:
6c:fb:1d:c2:51:11:f5:9a:cb:5f:32:b7:79:76:f6:
23:87:5e:d2:da:66:8e:81:17:4e:9a:33:b9:6e:b1:
1c:8a:11:8b:dc:b5:85:f6:05:1e:5d:3b:28:bf:26:
2a:eb:7f:3c:07:01:d3:b8:0d:18:5f:41:e7:48:d9:
c4:2c:3e:a3:52:f4:61:e4:ad:36:b5:27:8e:bb:6b:
c0:2f:93:a8:90:84:eb:e9:0b:90:58:83:c0:be:c4:
48:6a:f5:c6:31:ff:97:df:2f:4a:ee:a8:d8:c6:e4:
1e:e8:5f:43:64:39:93:9f:9c:21:51:98:ce:a2:0b:
7c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:40:F2:6D:89:4B:ED:A0:EF:62:12:6B:86:43:57:4A:B8:A6:1F:3F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j0DybYlL7aDvYhJrhkNXSrimHz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/24
185.226.181.0/24
185.250.27.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c5:73:a0:c2:60:ec:ca:1a:94:b6:ee:f1:59:a5:52:4b:db:
0e:64:f9:4b:76:92:a6:c9:eb:2e:ef:6d:98:03:19:5f:4b:b4:
74:7b:c5:c5:36:dc:7b:37:ef:d2:00:7b:67:c7:4c:f0:ca:ea:
bd:b8:30:40:38:2c:6d:f8:cf:7c:46:a4:79:d7:95:85:bc:d4:
fa:64:fc:7a:58:ca:e8:0e:6c:7a:4b:03:66:44:78:a4:b8:5c:
af:d1:57:27:3c:1a:00:4b:75:c4:4b:67:7b:d9:18:62:a4:02:
27:0f:3a:8e:62:aa:0b:fd:80:03:37:25:02:b8:d0:f6:cb:f6:
d7:b2:b4:28:5e:cf:c2:12:fe:ea:c7:a6:4d:c6:ed:e0:7b:d0:
e8:50:4a:e1:f5:b1:44:0d:36:20:a7:7f:90:bb:e7:21:44:f9:
54:0c:48:dd:e6:ec:d2:d1:32:7c:c5:2d:98:a5:39:b5:79:bf:
e3:59:3d:fa:d2:a1:b2:53:7a:c9:35:5b:af:3b:be:97:2f:e5:
de:2a:dd:fa:15:ba:76:20:25:57:9c:06:b9:05:88:cd:8a:09:
38:84:bf:77:90:37:32:e1:a4:27:70:fb:68:5b:c5:e2:df:0c:
bf:13:51:f2:9b:e0:1f:1a:72:bc:82:06:b2:b8:51:97:03:85:
75:00:90:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNwIea97HduVn30rbgM5hj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMTI4MDAxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQwZjI2ZDg5NGJlZGEwZWY2MjEyNmI4NjQzNTc0YWI4YTYxZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfmxZXIIhQRO6F0TBhGlII6nx/s/
JJ3zzK2feFmBpDcvKDCdgkPvN8eOOY4ppaOXfNM5sbmEIKJPo48T2IVlQdfW9UBc
UbgCTFqamy2j/h0xXeCOG6WW4RFG2GuV6YOeA+2GAqG9TbYhwCD78vIYcvebcfAt
4v2OYdDdl/E4Axit3OffNYRs+x3CURH1mstfMrd5dvYjh17S2maOgRdOmjO5brEc
ihGL3LWF9gUeXTsovyYq6388BwHTuA0YX0HnSNnELD6jUvRh5K02tSeOu2vAL5Oo
kITr6QuQWIPAvsRIavXGMf+X3y9K7qjYxuQe6F9DZDmTn5whUZjOogt8bQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI9A8m2JS+2g72ISa4ZDV0q4ph8/MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvajBEeWJZbEw3YUR2WWhKcmhrTlhTcmltSHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAucfVAwQA
ud0aAwQAueK1AwQAufobMA0GCSqGSIb3DQEBCwUAA4IBAQAXxXOgwmDsyhqUtu7x
WaVSS9sOZPlLdpKmyesu722YAxlfS7R0e8XFNtx7N+/SAHtnx0zwyuq9uDBAOCxt
+M98RqR515WFvNT6ZPx6WMroDmx6SwNmRHikuFyv0VcnPBoAS3XES2d72RhipAIn
DzqOYqoL/YADNyUCuND2y/bXsrQoXs/CEv7qx6ZNxu3ge9DoUErh9bFEDTYgp3+Q
u+chRPlUDEjd5uzS0TJ8xS2YpTm1eb/jWT360qGyU3rJNVuvO76XL+XeKt36Fbp2
ICVXnAa5BYjNigk4hL93kDcy4aQncPtoW8Xi3wy/E1Hym+AfGnK8ggayuFGXA4V1
AJCJ
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:13:13 2025 by rpki-client