Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-YcGYK5G0qD9n4SSboQIp2ntv4Y.roa
File: 1-YcGYK5G0qD9n4SSboQIp2ntv4Y.roa (raw, json)
Hash identifier: lZiynA16ZhPLQcIzhIYpIiDrb3fw827/uioOwCckKjY=
Subject key identifier: F9:87:06:60:AE:46:D2:A0:FD:9F:84:92:6E:84:08:A7:69:ED:BF:86
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018A4A7EE4CF8EFFC0F221014080D77252B8
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-YcGYK5G0qD9n4SSboQIp2ntv4Y.roa
Signing time: Thu 31 Aug 2023 07:29:04 +0000
ROA not before: Thu 31 Aug 2023 07:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 45.157.209.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Sep 2023 21:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:7e:e4:cf:8e:ff:c0:f2:21:01:40:80:d7:72:52:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 31 07:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9870660ae46d2a0fd9f84926e8408a769edbf86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e2:3c:54:f4:d0:55:88:b2:54:f5:6c:e2:6e:
74:ad:25:b1:8b:9b:79:62:a4:6b:9f:35:da:b3:dc:
a7:89:90:de:cc:e7:0c:38:14:92:69:29:48:dc:4f:
c6:b5:a9:68:a0:4a:74:ca:b4:fd:43:87:64:30:34:
0d:af:9d:51:63:19:80:63:af:f7:9b:a6:6e:36:b2:
ea:ce:b5:53:50:b8:5f:d3:5e:f7:2f:a4:b5:80:a9:
d8:80:7e:42:13:62:50:c8:0d:b3:e1:ef:ab:64:61:
40:82:8f:1f:37:12:de:46:23:d8:d4:44:5d:d8:af:
d8:fd:38:fe:15:67:e5:57:e1:bc:87:61:fe:51:3d:
99:06:2a:f7:bf:33:5c:a2:ae:4a:ba:84:59:8b:36:
13:11:ae:11:30:0a:f0:20:a3:e0:74:0e:0b:84:26:
2e:8e:e4:3b:28:15:6b:aa:21:93:e5:fd:e7:e7:5c:
7d:43:4f:fb:82:4a:76:a5:e4:31:f3:7d:97:c8:d4:
69:e0:38:58:51:67:2a:90:a5:9e:7b:13:9b:4c:57:
46:61:33:14:fe:8b:83:de:4b:73:c4:80:7c:39:54:
f6:c9:48:b3:98:ca:fb:5c:de:e8:72:5e:86:c6:b1:
cb:39:05:99:7d:67:9a:cc:1d:3d:e9:90:ba:d7:59:
03:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:87:06:60:AE:46:D2:A0:FD:9F:84:92:6E:84:08:A7:69:ED:BF:86
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-YcGYK5G0qD9n4SSboQIp2ntv4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0/24
185.225.171.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
38:3d:f4:e6:af:c3:10:27:08:46:4f:6a:e8:e1:ea:bb:57:a4:
6a:14:6e:47:7f:41:aa:a7:37:49:bc:2a:73:eb:b0:98:ef:d9:
5b:3b:87:78:1a:19:80:90:5b:0d:a5:5d:2d:b5:6f:62:bb:12:
3f:9a:e9:bd:0c:dc:4c:b7:61:3f:a5:cb:bf:52:8b:08:61:ca:
b3:ff:32:26:c7:02:9b:48:fe:e6:62:dc:3f:ac:90:32:51:29:
46:24:87:4c:a6:b8:ae:bb:ae:0e:a5:79:64:f2:f5:c8:54:39:
4c:82:b3:22:dd:9e:40:f4:3d:78:91:93:2e:d0:63:4c:65:2f:
af:e0:26:24:3c:d4:d4:2b:e7:bc:33:36:ce:b9:5e:e2:c6:d2:
e9:a2:f9:d4:55:a3:83:47:9c:31:8f:d1:de:78:d8:00:4d:d0:
0b:25:cd:e6:97:44:84:bb:dc:47:19:35:73:11:fb:a0:1e:74:
b3:c1:36:3d:76:02:3b:9c:9e:70:da:bd:5c:28:9d:79:ec:d8:
99:01:c3:bc:e2:8a:66:71:fe:3c:c8:88:19:3b:ad:7c:65:01:
c9:a1:24:ca:4a:20:e0:0a:33:36:9a:7e:c9:7c:a3:a0:b0:6c:
42:6e:08:4d:8f:53:dc:ae:a7:86:3c:73:ca:79:cd:82:04:69:
5c:8c:ca:16
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYpKfuTPjv/A8iEBQIDXclK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODMxMDcyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg3MDY2MGFlNDZkMmEwZmQ5Zjg0OTI2ZTg0MDhhNzY5ZWRiZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuI8VPTQVYiyVPVs4m50rSWxi5t5
YqRrnzXas9yniZDezOcMOBSSaSlI3E/GtalooEp0yrT9Q4dkMDQNr51RYxmAY6/3
m6ZuNrLqzrVTULhf0173L6S1gKnYgH5CE2JQyA2z4e+rZGFAgo8fNxLeRiPY1ERd
2K/Y/Tj+FWflV+G8h2H+UT2ZBir3vzNcoq5KuoRZizYTEa4RMArwIKPgdA4LhCYu
juQ7KBVrqiGT5f3n51x9Q0/7gkp2peQx832XyNRp4DhYUWcqkKWeexObTFdGYTMU
/ouD3ktzxIB8OVT2yUizmMr7XN7ocl6GxrHLOQWZfWeazB096ZC611kDQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPmHBmCuRtKg/Z+Ekm6ECKdp7b+GMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1ZY0dZSzVHMHFEOW40U1Nib1FJcDJudHY0WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC2d0QME
ALnhqwMEALn6GTANBgkqhkiG9w0BAQsFAAOCAQEAOD305q/DECcIRk9q6OHqu1ek
ahRuR39Bqqc3Sbwqc+uwmO/ZWzuHeBoZgJBbDaVdLbVvYrsSP5rpvQzcTLdhP6XL
v1KLCGHKs/8yJscCm0j+5mLcP6yQMlEpRiSHTKa4rruuDqV5ZPL1yFQ5TIKzIt2e
QPQ9eJGTLtBjTGUvr+AmJDzU1CvnvDM2zrle4sbS6aL51FWjg0ecMY/R3njYAE3Q
CyXN5pdEhLvcRxk1cxH7oB50s8E2PXYCO5yecNq9XCideezYmQHDvOKKZnH+PMiI
GTutfGUByaEkykog4AozNpp+yXyjoLBsQm4ITY9T3K6nhjxzynnNggRpXIzKFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org