Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2xdhKzYxIpCsDP1iQkYvhv7g8eA.roa
File: 2xdhKzYxIpCsDP1iQkYvhv7g8eA.roa (raw, json)
Hash identifier: wRhWj37ZLYUZMq0GUGOxxGeAQoV226AnieGg5vduXPI=
Subject key identifier: DB:17:61:2B:36:31:22:90:AC:0C:FD:62:42:46:2F:86:FE:E0:F1:E0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C8348F684844EB13993A7F3BBEF48BB65
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2xdhKzYxIpCsDP1iQkYvhv7g8eA.roa
Signing time: Tue 19 Dec 2023 18:14:06 +0000
ROA not before: Tue 19 Dec 2023 18:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Dec 2023 13:53:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:48:f6:84:84:4e:b1:39:93:a7:f3:bb:ef:48:bb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 19 18:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db17612b36312290ac0cfd6242462f86fee0f1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2f:c5:de:aa:88:80:bf:91:39:ae:c0:b7:0b:
d7:b9:fb:70:c0:e7:17:17:6a:9a:d1:ad:82:04:76:
ec:12:1b:99:15:af:b5:19:4f:26:4c:79:55:39:ef:
22:da:15:11:13:17:0a:fa:92:a0:14:d1:5f:e2:91:
7e:f0:2d:25:5a:d3:20:74:6d:6c:a8:e5:ab:bd:67:
9d:ca:84:0e:6b:0a:64:ff:e1:50:0f:29:02:50:24:
92:b3:12:02:e4:5f:dd:fb:e9:44:1c:09:57:13:c4:
45:92:bc:16:4b:04:6a:e9:bc:df:df:19:b7:40:76:
35:08:ce:88:61:9c:f3:d5:63:12:06:61:7b:82:83:
93:dd:4d:3a:6d:c9:b8:e4:44:08:51:9e:a5:de:a9:
df:5c:7a:57:0f:32:2a:41:d3:38:e7:ff:40:a8:7d:
84:8c:42:8b:d0:40:b0:6e:64:dd:eb:bf:99:bf:4d:
f0:55:42:6a:78:ba:d3:f2:24:4d:3b:d8:5d:98:85:
3b:a0:25:36:9f:f8:d9:07:1c:3b:5e:b2:f2:cd:73:
03:ee:f1:7f:88:7b:0d:13:3e:87:44:70:05:b9:01:
bb:d9:8d:08:7b:f7:9c:73:41:82:01:82:6d:35:39:
7b:b2:24:73:62:3f:58:e6:e6:7c:ce:6a:80:e7:f5:
94:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:17:61:2B:36:31:22:90:AC:0C:FD:62:42:46:2F:86:FE:E0:F1:E0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2xdhKzYxIpCsDP1iQkYvhv7g8eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.210.0/23
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
d1:d1:7e:7f:f8:ce:e0:af:3e:43:b3:db:3f:4b:cd:d3:88:ac:
6a:5e:9b:9d:60:0d:ac:60:c0:6e:ec:35:34:f2:d2:b5:42:1c:
f7:d0:02:43:26:fa:01:f7:87:0f:b3:b0:16:23:99:64:60:3c:
f3:e1:13:4c:b2:58:ec:48:5b:06:bd:ce:a8:0f:96:40:71:9a:
4a:92:76:70:a8:5d:f6:18:f0:70:5b:06:55:ef:f1:fc:74:06:
c0:91:bd:98:0f:93:12:07:eb:8e:7a:c8:0b:a7:bf:80:ae:93:
1c:3d:5e:8c:54:5b:75:6f:d9:64:93:11:96:9e:08:c4:26:f0:
9a:1a:6d:25:30:8e:07:85:52:b2:38:5d:37:33:15:4d:17:5a:
17:d4:71:f6:2a:ba:da:9a:b6:e9:bb:91:2e:83:49:e4:cc:6c:
3b:d1:53:c9:ce:60:7b:fb:a5:f8:73:3e:e3:f1:18:d1:6f:fc:
02:8d:96:db:72:39:d9:38:4c:6b:48:47:47:bc:5a:9e:7e:ff:
9b:88:f4:24:f3:dc:16:06:e8:dc:54:34:37:90:f6:a1:93:1d:
eb:fd:c8:e1:bd:d9:20:e4:77:98:b5:87:ae:91:31:f7:c9:80:
26:e5:8b:3d:23:16:47:0c:e2:c3:01:19:b4:6e:b4:51:d8:09:
43:1a:89:af
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYyDSPaEhE6xOZOn87vvSLtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjE5MTgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE3NjEyYjM2MzEyMjkwYWMwY2ZkNjI0MjQ2MmY4NmZlZTBmMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgy/F3qqIgL+ROa7AtwvXuftwwOcX
F2qa0a2CBHbsEhuZFa+1GU8mTHlVOe8i2hURExcK+pKgFNFf4pF+8C0lWtMgdG1s
qOWrvWedyoQOawpk/+FQDykCUCSSsxIC5F/d++lEHAlXE8RFkrwWSwRq6bzf3xm3
QHY1CM6IYZzz1WMSBmF7goOT3U06bcm45EQIUZ6l3qnfXHpXDzIqQdM45/9AqH2E
jEKL0ECwbmTd67+Zv03wVUJqeLrT8iRNO9hdmIU7oCU2n/jZBxw7XrLyzXMD7vF/
iHsNEz6HRHAFuQG72Y0Ie/ecc0GCAYJtNTl7siRzYj9Y5uZ8zmqA5/WUiQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNsXYSs2MSKQrAz9YkJGL4b+4PHgMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMnhkaEt6WXhJcENzRFAxaVFrWXZodjdnOGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZv8AwQA
LZv/AwQBLZ3SAwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQAufoaAwQBwpJcMA0G
CSqGSIb3DQEBCwUAA4IBAQDR0X5/+M7grz5Ds9s/S83TiKxqXpudYA2sYMBu7DU0
8tK1Qhz30AJDJvoB94cPs7AWI5lkYDzz4RNMsljsSFsGvc6oD5ZAcZpKknZwqF32
GPBwWwZV7/H8dAbAkb2YD5MSB+uOesgLp7+ArpMcPV6MVFt1b9lkkxGWngjEJvCa
Gm0lMI4HhVKyOF03MxVNF1oX1HH2Krramrbpu5Eug0nkzGw70VPJzmB7+6X4cz7j
8RjRb/wCjZbbcjnZOExrSEdHvFqefv+biPQk89wWBujcVDQ3kPahkx3r/cjhvdkg
5HeYtYeukTH3yYAm5Ys9IxZHDOLDARm0brRR2AlDGomv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org