Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-oUbUZ5Nk3poTOqSHB0f-_iThN8.roa
File: 1-oUbUZ5Nk3poTOqSHB0f-_iThN8.roa (raw, json)
Hash identifier: tfr/pvI2mMUBVBjYlMc9TKITssPs2vPZbedCwCY4z1M=
Subject key identifier: FA:85:1B:51:9E:4D:93:7A:68:4C:EA:92:1C:1D:1F:FB:F8:93:84:DF
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01882A4CC4917862831D1D07E8FF8EA779D4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-oUbUZ5Nk3poTOqSHB0f-_iThN8.roa
Signing time: Wed 17 May 2023 15:20:54 +0000
ROA not before: Wed 17 May 2023 15:20:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 May 2023 17:34:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2a:4c:c4:91:78:62:83:1d:1d:07:e8:ff:8e:a7:79:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 17 15:20:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa851b519e4d937a684cea921c1d1ffbf89384df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6a:97:42:96:d9:a8:26:e5:50:fc:eb:5e:03:
4c:fd:c5:1d:69:1e:b0:1f:ea:76:5a:07:28:b2:b7:
b5:23:4b:bf:96:e0:02:2f:1d:ee:b8:13:2d:88:ef:
bc:a3:aa:2b:2e:e2:ce:11:1a:1f:e1:1a:9b:3b:8b:
9a:74:6f:3d:e5:5b:15:64:65:24:09:66:b4:b0:0a:
9f:aa:7a:54:59:77:48:44:61:8d:05:4f:62:1d:85:
fe:48:2b:2d:1c:2c:b5:36:15:a4:fa:d5:db:29:95:
ae:30:86:09:d7:09:8a:88:ec:4e:a9:f4:9e:c7:3e:
58:ca:70:c8:53:76:d3:df:99:8a:e8:b4:7c:99:54:
b9:1c:1f:ec:19:d8:66:c3:a6:60:aa:a4:33:de:01:
d2:04:a5:06:32:6c:b1:fa:46:bf:3f:73:d8:19:bf:
4f:1b:d7:00:ef:93:ba:cb:43:9e:f3:06:72:5e:a6:
26:fd:9e:4d:87:34:84:5b:23:37:26:05:4e:5d:b3:
52:2e:b2:e6:78:9d:26:87:64:b6:fb:35:38:e2:7e:
bb:9e:7f:a9:23:ba:87:38:83:db:ce:2f:5f:4f:75:
c7:b2:0f:c8:42:31:dc:2d:49:15:32:00:53:49:de:
fa:bd:5e:4e:d0:93:a9:cd:2c:26:b9:cb:da:e1:33:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:85:1B:51:9E:4D:93:7A:68:4C:EA:92:1C:1D:1F:FB:F8:93:84:DF
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-oUbUZ5Nk3poTOqSHB0f-_iThN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
79.98.246.0/24
185.199.148.0/23
185.199.213.0/24
185.225.170.0/23
185.250.25.0-185.250.26.255
Signature Algorithm: sha256WithRSAEncryption
6e:69:93:0e:77:cb:d5:3f:eb:af:c2:8d:ed:c2:a1:5f:d8:78:
55:69:01:e5:83:90:3e:38:86:90:62:57:20:8e:e3:d2:26:96:
fd:f8:62:fe:28:b1:86:a5:04:af:12:af:d5:88:eb:be:09:af:
7e:20:f9:f4:ba:09:3b:f7:17:7a:c4:69:36:35:d6:59:aa:63:
d1:36:c9:84:f4:31:fe:ab:66:b6:42:d2:a9:80:e4:ec:7e:7f:
a1:eb:ff:91:b7:4f:59:01:a8:ad:b5:0d:e0:9b:ae:bf:0f:b8:
08:0a:f4:a3:3d:3b:25:be:4f:7c:fb:ca:8c:90:48:13:86:b5:
a2:c4:77:18:ea:5a:36:46:a3:85:27:c9:f9:21:df:41:c2:14:
8a:7e:e1:09:30:cf:12:9e:d1:60:16:48:ac:55:c6:5f:bf:f1:
6a:df:e3:ea:67:5a:e6:40:0d:ad:1f:aa:96:6d:85:10:22:0d:
a6:8e:40:6a:00:0d:65:c1:14:1a:15:f0:41:84:09:54:21:20:
18:a0:10:51:fb:4d:39:71:c8:ff:74:3f:29:6c:a4:f5:ee:8f:
2d:b8:d7:7f:80:ef:01:77:5a:bc:38:4d:43:d5:e7:b3:27:c5:
3e:4a:fc:27:f0:b5:5a:c5:f1:4c:16:0b:9b:f5:e0:ac:0c:12:
2b:9a:94:82
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYgqTMSReGKDHR0H6P+Op3nUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTE3MTUyMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg1MWI1MTllNGQ5MzdhNjg0Y2VhOTIxYzFkMWZmYmY4OTM4NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGqXQpbZqCblUPzrXgNM/cUdaR6w
H+p2Wgcosre1I0u/luACLx3uuBMtiO+8o6orLuLOERof4RqbO4uadG895VsVZGUk
CWa0sAqfqnpUWXdIRGGNBU9iHYX+SCstHCy1NhWk+tXbKZWuMIYJ1wmKiOxOqfSe
xz5YynDIU3bT35mK6LR8mVS5HB/sGdhmw6ZgqqQz3gHSBKUGMmyx+ka/P3PYGb9P
G9cA75O6y0Oe8wZyXqYm/Z5NhzSEWyM3JgVOXbNSLrLmeJ0mh2S2+zU44n67nn+p
I7qHOIPbzi9fT3XHsg/IQjHcLUkVMgBTSd76vV5O0JOpzSwmucva4TPImQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPqFG1GeTZN6aEzqkhwdH/v4k4TfMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMS1vVWJVWjVOazNwb1RPcVNIQjBmLV9pVGhOOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5
Mi8xL05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAC2b/AME
AE9i9gMEAbnHlAMEALnH1QMEAbnhqjAMAwQAufoZAwQAufoaMA0GCSqGSIb3DQEB
CwUAA4IBAQBuaZMOd8vVP+uvwo3twqFf2HhVaQHlg5A+OIaQYlcgjuPSJpb9+GL+
KLGGpQSvEq/ViOu+Ca9+IPn0ugk79xd6xGk2NdZZqmPRNsmE9DH+q2a2QtKpgOTs
fn+h6/+Rt09ZAaittQ3gm66/D7gICvSjPTslvk98+8qMkEgThrWixHcY6lo2RqOF
J8n5Id9BwhSKfuEJMM8SntFgFkisVcZfv/Fq3+PqZ1rmQA2tH6qWbYUQIg2mjkBq
AA1lwRQaFfBBhAlUISAYoBBR+005ccj/dD8pbKT17o8tuNd/gO8Bd1q8OE1D1eez
J8U+Svwn8LVaxfFMFgub9eCsDBIrmpSC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org