Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1SUaeA-057XB_aE_fz_tRtLh4r4.roa
File: 1SUaeA-057XB_aE_fz_tRtLh4r4.roa (raw, json)
Hash identifier: X+rTn50oyN60pRSzS5Esvx40pccmDxOr4iEj15sH/ZM=
Subject key identifier: D5:25:1A:78:0F:B4:E7:B5:C1:FD:A1:3F:7F:3F:ED:46:D2:E1:E2:BE
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018804B065E5CE116E4D7A64BBA6FB5505CE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1SUaeA-057XB_aE_fz_tRtLh4r4.roa
Signing time: Wed 10 May 2023 08:04:09 +0000
ROA not before: Wed 10 May 2023 08:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:b0:65:e5:ce:11:6e:4d:7a:64:bb:a6:fb:55:05:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 10 08:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5251a780fb4e7b5c1fda13f7f3fed46d2e1e2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:44:e9:ab:f8:af:9a:e1:8e:2a:7a:0d:9d:30:
81:4b:4f:5b:65:4e:e5:91:bd:8f:84:5b:d2:9a:0b:
93:f9:02:31:08:4c:ad:6b:16:41:74:4c:f8:f4:d6:
12:16:e6:bd:97:b8:58:29:69:2f:d5:01:5a:eb:f3:
f9:4d:a5:c8:c3:00:df:fa:36:a3:67:2e:28:30:d7:
d7:dd:33:73:67:a1:d0:7a:f8:ce:ba:bb:31:61:e4:
83:8c:1c:2e:81:05:da:e9:6d:7f:09:ed:58:f6:b2:
be:0a:93:78:e0:e9:da:29:43:45:5d:19:eb:64:ff:
12:d5:e9:89:3f:17:d3:c3:0f:ae:e3:b1:d5:80:e3:
ef:08:b8:43:2e:a6:05:96:eb:45:e5:bd:b3:4d:90:
10:da:bb:f0:97:73:81:51:7b:72:3e:ae:cc:c2:4a:
a8:49:38:72:74:5b:88:fa:27:73:56:09:fa:87:5a:
3a:b4:fb:b9:ec:e2:9b:12:ed:f7:3d:b8:04:1b:74:
64:be:1b:9f:37:22:6b:1f:0a:6d:27:4a:b3:55:2e:
c5:3a:41:1d:d2:94:5f:df:ec:b6:8a:58:80:c7:d8:
9a:c0:3d:d9:5f:d6:fa:8f:ff:9a:ab:4b:6f:22:97:
7f:10:9c:15:7e:72:ce:9f:62:0a:19:9f:25:0c:b0:
fb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:25:1A:78:0F:B4:E7:B5:C1:FD:A1:3F:7F:3F:ED:46:D2:E1:E2:BE
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1SUaeA-057XB_aE_fz_tRtLh4r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0-45.155.254.255
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.148.0/23
185.199.212.0/23
185.225.170.0/23
185.226.180.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a5:3c:5a:0b:1b:e1:0f:14:8a:d9:c3:76:f6:cb:f7:63:dd:
35:c5:96:2e:71:a4:e1:f6:d3:0f:3c:3b:40:5e:aa:01:fc:56:
cf:9f:92:d7:29:16:4c:50:5c:03:8e:f5:5c:60:b5:47:1b:0e:
9e:60:fd:04:51:81:ac:e3:73:cd:64:f9:07:74:72:a2:b3:9d:
a4:b8:30:87:34:7c:60:7c:34:1c:98:0a:28:3e:16:b9:f0:6d:
53:b8:f0:25:2f:c3:92:e7:12:3f:cb:55:6f:08:66:49:66:14:
8b:14:d1:4a:98:8c:69:6c:25:12:fe:7c:d2:ba:7a:7f:ef:a2:
88:98:a0:ad:22:86:cf:20:ac:2c:5e:2c:b5:6d:ce:66:9a:eb:
9d:d4:8b:fa:c1:4d:02:8d:95:34:4e:ca:54:e7:04:65:83:4f:
c9:83:11:24:83:a9:ef:88:e4:f6:97:41:cd:8b:40:40:de:5e:
29:9f:ee:62:be:25:3a:e0:2a:91:58:ee:1f:36:7a:42:24:1c:
f2:4f:cd:ac:96:8a:67:77:39:4c:b6:96:8d:a2:ce:84:8e:dc:
15:f1:12:46:ce:00:4b:83:f1:8e:3e:64:0d:18:3d:a4:d9:c6:
bc:4f:fe:dc:85:5e:ad:58:eb:8b:37:3e:35:5d:e8:c1:40:15:
f0:e6:bd:aa
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYgEsGXlzhFuTXpku6b7VQXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTEwMDgwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI1MWE3ODBmYjRlN2I1YzFmZGExM2Y3ZjNmZWQ0NmQyZTFlMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUTpq/ivmuGOKnoNnTCBS09bZU7l
kb2PhFvSmguT+QIxCEytaxZBdEz49NYSFua9l7hYKWkv1QFa6/P5TaXIwwDf+jaj
Zy4oMNfX3TNzZ6HQevjOursxYeSDjBwugQXa6W1/Ce1Y9rK+CpN44OnaKUNFXRnr
ZP8S1emJPxfTww+u47HVgOPvCLhDLqYFlutF5b2zTZAQ2rvwl3OBUXtyPq7Mwkqo
SThydFuI+idzVgn6h1o6tPu57OKbEu33PbgEG3RkvhufNyJrHwptJ0qzVS7FOkEd
0pRf3+y2iliAx9iawD3ZX9b6j/+aq0tvIpd/EJwVfnLOn2IKGZ8lDLD7/QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNUlGngPtOe1wf2hP38/7UbS4eK+MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMVNVYWVBLTA1N1hCX2FFX2Z6X3RSdExoNHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAItm/wD
BAAtm/4wDAMEAC2d0QMEAC2d0gMEAE9i9gMEAbnHlAMEAbnH1AMEAbnhqgMEALni
tAMEAMKSXDANBgkqhkiG9w0BAQsFAAOCAQEAlKU8Wgsb4Q8UitnDdvbL92PdNcWW
LnGk4fbTDzw7QF6qAfxWz5+S1ykWTFBcA471XGC1RxsOnmD9BFGBrONzzWT5B3Ry
orOdpLgwhzR8YHw0HJgKKD4WufBtU7jwJS/DkucSP8tVbwhmSWYUixTRSpiMaWwl
Ev580rp6f++iiJigrSKGzyCsLF4stW3OZprrndSL+sFNAo2VNE7KVOcEZYNPyYMR
JIOp74jk9pdBzYtAQN5eKZ/uYr4lOuAqkVjuHzZ6QiQc8k/NrJaKZ3c5TLaWjaLO
hI7cFfESRs4AS4Pxjj5kDRg9pNnGvE/+3IVerVjrizc+NV3owUAV8Oa9qg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:26 2023 by rpki-client on console-fra.rpki-client.org