Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2SIJbpgQv7h0DCXJC1mJgpxTB00.roa
File: 2SIJbpgQv7h0DCXJC1mJgpxTB00.roa (raw, json)
Hash identifier: sWqoa/7xyBZKu/Nfak8LyqzHeNiniL2lfnhpWTJhvv8=
Subject key identifier: D9:22:09:6E:98:10:BF:B8:74:0C:25:C9:0B:59:89:82:9C:53:07:4D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018D31D61BF04A65736CDCD413175D0728C0
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2SIJbpgQv7h0DCXJC1mJgpxTB00.roa
Signing time: Mon 22 Jan 2024 15:42:11 +0000
ROA not before: Mon 22 Jan 2024 15:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 45.157.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 19:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:d6:1b:f0:4a:65:73:6c:dc:d4:13:17:5d:07:28:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 22 15:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d922096e9810bfb8740c25c90b5989829c53074d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dc:a5:6b:3c:54:d1:4d:c0:ec:e6:7c:f4:ab:
01:a3:1c:4c:a0:de:9d:ca:44:01:16:2c:40:f9:a6:
31:ec:6b:ea:61:a3:fc:c8:b6:07:68:d0:b2:00:b9:
e8:ce:ce:a5:69:f9:5b:8c:56:e2:67:b8:79:55:cd:
e8:a6:7a:1b:b2:6e:53:9c:38:1b:24:e7:7b:a4:6b:
6e:78:21:55:78:6f:53:ce:01:6c:4e:72:7b:c1:16:
e3:17:e5:a9:23:e1:9f:5f:58:c7:ef:8c:8a:22:99:
1b:69:9e:95:ee:c2:ef:2c:88:0b:d3:af:67:1e:ea:
ed:82:33:e9:53:4e:38:f4:7e:78:e1:ff:08:d5:98:
fc:59:1d:81:8b:1d:9b:b3:e5:b3:1b:df:7a:ec:24:
e1:29:0b:4a:80:f3:9c:2b:9f:a9:f6:ed:dd:2e:5e:
d0:52:79:7d:68:c8:c7:62:7e:69:51:08:ab:a5:8f:
8c:bf:00:6a:73:9b:17:bc:0f:f0:02:f5:1c:7c:5b:
52:f8:89:50:d6:06:ad:dd:ad:0d:d0:e5:06:46:8d:
1c:60:3f:df:bc:e8:a1:a8:cf:9d:1a:04:d6:fc:18:
fb:1c:88:94:f3:cf:ac:0a:07:a4:fc:30:83:53:c8:
13:e8:d9:d9:fc:32:fe:9d:7c:aa:2d:a8:f6:b7:0b:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:22:09:6E:98:10:BF:B8:74:0C:25:C9:0B:59:89:82:9C:53:07:4D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2SIJbpgQv7h0DCXJC1mJgpxTB00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.210.0/24
Signature Algorithm: sha256WithRSAEncryption
05:5a:8d:32:04:7a:f1:36:8c:24:3d:42:ca:4d:82:1c:49:37:
4b:dd:e0:fb:ad:5a:1c:58:d4:24:f4:a3:22:c5:95:b1:bb:f9:
82:62:13:66:ec:c1:38:1d:49:d4:36:68:ca:c3:95:e1:35:9e:
b7:f0:f7:33:eb:0a:f0:77:75:0f:9a:8d:7d:6b:e4:39:06:a8:
74:99:29:96:9c:f8:58:55:61:f9:0f:df:c5:5e:3f:10:27:3d:
f5:c0:2c:83:1d:be:5d:a9:77:5c:cc:e6:76:3d:d8:71:d8:0a:
d1:5d:07:c3:87:d2:13:ea:35:15:35:37:21:d5:e9:e4:ef:69:
d7:2c:5b:f3:85:b4:4e:7e:14:b8:1f:89:97:d0:03:7a:92:64:
9d:47:9c:ee:0f:b0:97:e8:f8:28:19:3a:a0:87:20:5c:29:e0:
e8:b2:5f:6c:06:21:eb:7c:61:78:67:81:c5:a7:25:4c:3d:13:
90:c8:11:11:1b:e0:b4:fe:8f:44:21:dc:6d:12:b9:4e:ef:54:
fa:6d:43:f4:a5:89:78:00:7b:d6:3c:de:61:31:c8:52:89:e2:
b7:9d:37:6a:4e:28:db:72:dd:0c:bd:60:e3:5c:53:6f:5e:84:
eb:e5:96:2b:a2:31:50:93:b2:14:21:c7:cb:b0:14:45:7d:c3:
8f:5c:a0:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0x1hvwSmVzbNzUExddByjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTIyMTU0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIyMDk2ZTk4MTBiZmI4NzQwYzI1YzkwYjU5ODk4MjljNTMwNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdylazxU0U3A7OZ89KsBoxxMoN6d
ykQBFixA+aYx7GvqYaP8yLYHaNCyALnozs6laflbjFbiZ7h5Vc3opnobsm5TnDgb
JOd7pGtueCFVeG9TzgFsTnJ7wRbjF+WpI+GfX1jH74yKIpkbaZ6V7sLvLIgL069n
HurtgjPpU0449H544f8I1Zj8WR2Bix2bs+WzG9967CThKQtKgPOcK5+p9u3dLl7Q
Unl9aMjHYn5pUQirpY+MvwBqc5sXvA/wAvUcfFtS+IlQ1gat3a0N0OUGRo0cYD/f
vOihqM+dGgTW/Bj7HIiU88+sCgek/DCDU8gT6NnZ/DL+nXyqLaj2twsV3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNkiCW6YEL+4dAwlyQtZiYKcUwdNMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMlNJSmJwZ1F2N2gwRENYSkMxbUpncHhUQjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ3SMA0G
CSqGSIb3DQEBCwUAA4IBAQAFWo0yBHrxNowkPULKTYIcSTdL3eD7rVocWNQk9KMi
xZWxu/mCYhNm7ME4HUnUNmjKw5XhNZ638Pcz6wrwd3UPmo19a+Q5Bqh0mSmWnPhY
VWH5D9/FXj8QJz31wCyDHb5dqXdczOZ2Pdhx2ArRXQfDh9IT6jUVNTch1enk72nX
LFvzhbROfhS4H4mX0AN6kmSdR5zuD7CX6PgoGTqghyBcKeDosl9sBiHrfGF4Z4HF
pyVMPROQyBERG+C0/o9EIdxtErlO71T6bUP0pYl4AHvWPN5hMchSieK3nTdqTijb
ct0MvWDjXFNvXoTr5ZYrojFQk7IUIcfLsBRFfcOPXKDa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org