Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1eNUMgg5UZQEzzo57RCmRasddHs.roa
File: 1eNUMgg5UZQEzzo57RCmRasddHs.roa (raw, json)
Hash identifier: q++eF5KOSUCunuQsx7A0JfTaJzgWDa4Y+55G7A3/CwY=
Subject key identifier: D5:E3:54:32:08:39:51:94:04:CF:3A:39:ED:10:A6:45:AB:1D:74:7B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188A7880F8A152836721116C643A09989C0
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1eNUMgg5UZQEzzo57RCmRasddHs.roa
Signing time: Sat 10 Jun 2023 22:58:11 +0000
ROA not before: Sat 10 Jun 2023 22:58:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.199.212.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.208.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.244.0/23 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 16:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a7:88:0f:8a:15:28:36:72:11:16:c6:43:a0:99:89:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 10 22:58:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e354320839519404cf3a39ed10a645ab1d747b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:b1:da:52:75:f9:b2:a4:d5:6f:c8:98:3d:
ce:c3:f3:a8:27:3f:4b:e4:3f:9e:21:cb:53:17:58:
bc:35:76:f6:26:59:b5:7d:ef:fe:a0:0c:dc:b1:15:
62:ea:4b:69:48:98:2a:06:7d:e6:fc:29:85:f1:6d:
46:f4:47:88:33:db:19:3f:1a:19:47:5c:a7:1c:d2:
81:9a:3e:3b:31:5e:90:a5:49:1a:7d:26:7a:d9:f1:
ae:14:e9:f4:8e:a3:6a:02:bf:80:b2:26:c5:3b:5d:
17:33:60:cb:2a:b1:59:86:1a:74:11:bb:00:16:a0:
bc:c8:b6:d4:20:9b:a0:a0:bc:03:7c:ed:f8:dc:74:
5c:35:74:d4:f4:9e:74:07:22:79:46:a4:0f:d5:16:
81:db:ef:0b:10:95:38:5c:cf:5d:63:f7:c2:29:4d:
79:93:66:53:12:09:ee:0b:18:70:e0:02:1d:25:2f:
81:67:cf:dd:8d:7e:dc:c0:f1:79:e5:7a:ea:f6:c3:
db:5b:88:90:60:26:66:81:8f:06:4a:b6:d7:ee:ab:
ef:21:c4:ee:d2:d8:7b:d8:ea:6d:8e:af:1f:8a:e7:
cb:5f:f3:88:3a:c4:99:86:79:9c:9a:8b:71:2c:e0:
a0:7f:cf:6f:e3:d7:85:31:ce:ea:24:d9:ed:a7:cd:
37:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E3:54:32:08:39:51:94:04:CF:3A:39:ED:10:A6:45:AB:1D:74:7B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1eNUMgg5UZQEzzo57RCmRasddHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
45.157.211.0/24
79.98.244.0/23
79.98.247.0/24
185.199.212.0/24
185.225.168.0/23
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:5c:23:32:2f:0d:47:83:de:2e:1f:c3:c2:ba:2e:02:71:49:
ce:89:76:8a:ef:17:b7:4f:53:6e:79:e5:18:fc:e0:e3:16:8a:
83:b4:68:06:4e:4d:60:57:33:fe:56:33:7b:a8:66:70:a3:c8:
55:86:50:32:6f:41:ad:1c:65:9a:44:3c:25:37:ce:96:e8:56:
0f:82:54:d3:87:6d:a7:1d:50:ff:5b:70:47:7b:52:91:7c:76:
e4:c5:b2:07:de:c5:90:3b:9b:eb:6f:db:ec:16:d8:5b:b3:08:
90:19:75:d5:6e:4e:dd:66:07:05:be:7c:32:9e:9f:f3:b0:22:
c2:69:13:fe:95:da:1c:ed:dc:32:47:f9:d7:0d:cd:d6:29:20:
bb:13:09:eb:9f:7e:f8:9b:51:69:e6:71:b7:b4:67:e4:df:e8:
0e:dd:22:46:57:43:fc:b2:bc:e5:68:5d:c0:41:d6:59:0c:26:
9d:e2:54:bc:04:86:67:94:05:ae:33:39:dc:9b:b3:8b:7a:97:
12:f6:0a:2f:a6:6c:45:e3:93:c9:aa:79:44:61:95:75:e5:38:
ba:f1:6f:da:c7:de:10:49:26:44:2b:27:bb:3e:d4:34:b3:1b:
1a:d1:31:94:c3:56:1f:62:69:0f:e9:b7:bc:1e:a2:a3:67:a3:
4f:4b:1a:47
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYiniA+KFSg2chEWxkOgmYnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjEwMjI1ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUzNTQzMjA4Mzk1MTk0MDRjZjNhMzllZDEwYTY0NWFiMWQ3NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn6x2lJ1+bKk1W/ImD3Ow/OoJz9L
5D+eIctTF1i8NXb2Jlm1fe/+oAzcsRVi6ktpSJgqBn3m/CmF8W1G9EeIM9sZPxoZ
R1ynHNKBmj47MV6QpUkafSZ62fGuFOn0jqNqAr+AsibFO10XM2DLKrFZhhp0EbsA
FqC8yLbUIJugoLwDfO343HRcNXTU9J50ByJ5RqQP1RaB2+8LEJU4XM9dY/fCKU15
k2ZTEgnuCxhw4AIdJS+BZ8/djX7cwPF55Xrq9sPbW4iQYCZmgY8GSrbX7qvvIcTu
0th72Optjq8fiufLX/OIOsSZhnmcmotxLOCgf89v49eFMc7qJNntp8030wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNXjVDIIOVGUBM86Oe0QpkWrHXR7MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMWVOVU1nZzVVWlFFenpvNTdSQ21SYXNkZEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZ3QAwQA
LZ3TAwQBT2L0AwQAT2L3AwQAucfUAwQBueGoAwQAwpJdMA0GCSqGSIb3DQEBCwUA
A4IBAQCmXCMyLw1Hg94uH8PCui4CcUnOiXaK7xe3T1NueeUY/ODjFoqDtGgGTk1g
VzP+VjN7qGZwo8hVhlAyb0GtHGWaRDwlN86W6FYPglTTh22nHVD/W3BHe1KRfHbk
xbIH3sWQO5vrb9vsFthbswiQGXXVbk7dZgcFvnwynp/zsCLCaRP+ldoc7dwyR/nX
Dc3WKSC7Ewnrn374m1Fp5nG3tGfk3+gO3SJGV0P8srzlaF3AQdZZDCad4lS8BIZn
lAWuMzncm7OLepcS9govpmxF45PJqnlEYZV15Ti68W/ax94QSSZEKye7PtQ0sxsa
0TGUw1YfYmkP6be8HqKjZ6NPSxpH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org