Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3LgpcYh5G2SeuUgE283sVRSrv0U.roa
File: 3LgpcYh5G2SeuUgE283sVRSrv0U.roa (raw, json)
Hash identifier: rmGw6f9iFwWf299y3h9PwydRwg2HV1R0BkbCC4zzhUE=
Subject key identifier: DC:B8:29:71:88:79:1B:64:9E:B9:48:04:DB:CD:EC:55:14:AB:BF:45
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018A5D0293F8AB139E4386231A22E2A3DA4D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3LgpcYh5G2SeuUgE283sVRSrv0U.roa
Signing time: Sun 03 Sep 2023 21:46:04 +0000
ROA not before: Sun 03 Sep 2023 21:46:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 45.157.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 11:07:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5d:02:93:f8:ab:13:9e:43:86:23:1a:22:e2:a3:da:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 3 21:46:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb8297188791b649eb94804dbcdec5514abbf45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d0:14:f4:7b:b7:c0:2e:90:74:57:29:fe:f2:
16:cb:b7:9a:16:18:f7:0c:85:77:d9:12:d6:de:84:
1c:9b:44:b5:6a:98:79:ee:c2:cd:50:9e:36:ac:60:
40:3e:6a:01:82:f4:41:79:6c:94:00:96:5a:b3:c4:
9d:06:88:c5:60:bb:a8:89:0f:59:a1:66:c5:4b:97:
55:d9:35:ff:e2:5a:b0:44:14:66:e3:86:9e:76:8b:
a6:a3:95:55:db:40:9c:b0:ce:9f:3e:bc:f3:f8:16:
f9:5e:e5:bb:01:c0:75:b9:cc:64:cd:38:2c:81:70:
7c:23:37:5e:b4:ae:f1:8d:e8:92:b9:b4:07:cb:22:
19:f1:00:f1:2e:90:b0:47:1a:6f:1a:4f:25:67:4a:
d8:cd:13:67:55:97:30:7d:dd:92:e7:a9:be:95:ce:
2d:96:54:8f:51:96:93:13:c3:13:f9:77:25:9e:a6:
fa:5a:8b:2f:1f:0d:fe:da:da:c8:d6:70:12:f5:26:
37:de:ce:66:51:34:f1:82:3b:86:85:ff:16:48:6c:
1c:32:14:4b:9c:7c:7c:38:dc:1a:63:be:cd:11:4d:
c1:68:cb:87:b2:37:1a:9b:6e:e2:bf:8f:ff:56:b1:
aa:f5:31:de:55:b2:db:f8:31:a6:b5:b8:01:fb:27:
22:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B8:29:71:88:79:1B:64:9E:B9:48:04:DB:CD:EC:55:14:AB:BF:45
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3LgpcYh5G2SeuUgE283sVRSrv0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:78:5d:27:c7:70:45:8b:f9:99:0d:af:ae:a7:90:a5:09:76:
15:59:a0:00:5f:a4:30:e5:af:c7:71:70:36:a3:c6:b1:f2:99:
c8:b5:35:01:0b:fd:c5:06:09:cb:d7:6d:ad:03:74:d2:39:11:
b4:ba:42:ed:15:e0:c4:74:b3:98:61:4d:b8:5d:ff:ab:68:2b:
cf:c8:fa:b2:02:39:91:46:31:19:55:dd:8d:f9:69:78:e1:11:
57:d9:43:38:7c:41:34:af:3c:2b:74:dc:9a:db:b7:ca:dc:84:
4f:f2:b3:ca:64:94:e2:f0:9e:cf:46:43:3b:8d:6f:10:59:a9:
52:99:8e:89:c7:90:f5:6d:4e:30:fb:d2:a4:12:6d:60:93:9b:
53:29:66:5b:cb:ad:1f:a9:df:67:a5:06:04:62:e7:74:44:54:
09:0f:00:52:b3:45:a3:de:57:ff:8f:9d:c4:e5:3e:48:32:ed:
a2:f1:ea:68:e3:10:d7:63:f9:73:b9:67:20:00:fb:f2:07:5d:
e7:0a:4e:c9:7b:66:91:81:7d:35:12:2d:6c:0b:24:6c:12:d7:
ca:5d:2c:bd:c3:5e:52:f9:01:24:75:54:a5:bd:d1:61:01:88:
02:ee:76:32:5f:1c:2e:09:a4:1a:3f:c0:ac:ea:aa:5e:27:c0:
1a:3f:95:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpdApP4qxOeQ4YjGiLio9pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwOTAzMjE0NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2I4Mjk3MTg4NzkxYjY0OWViOTQ4MDRkYmNkZWM1NTE0YWJiZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9AU9Hu3wC6QdFcp/vIWy7eaFhj3
DIV32RLW3oQcm0S1aph57sLNUJ42rGBAPmoBgvRBeWyUAJZas8SdBojFYLuoiQ9Z
oWbFS5dV2TX/4lqwRBRm44aedoumo5VV20CcsM6fPrzz+Bb5XuW7AcB1ucxkzTgs
gXB8IzdetK7xjeiSubQHyyIZ8QDxLpCwRxpvGk8lZ0rYzRNnVZcwfd2S56m+lc4t
llSPUZaTE8MT+Xclnqb6WosvHw3+2trI1nAS9SY33s5mUTTxgjuGhf8WSGwcMhRL
nHx8ONwaY77NEU3BaMuHsjcam27iv4//VrGq9THeVbLb+DGmtbgB+yciEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNy4KXGIeRtknrlIBNvN7FUUq79FMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvM0xncGNZaDVHMlNldVVnRTI4M3NWUlNydjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ3RMA0G
CSqGSIb3DQEBCwUAA4IBAQCfeF0nx3BFi/mZDa+up5ClCXYVWaAAX6Qw5a/HcXA2
o8ax8pnItTUBC/3FBgnL122tA3TSORG0ukLtFeDEdLOYYU24Xf+raCvPyPqyAjmR
RjEZVd2N+Wl44RFX2UM4fEE0rzwrdNya27fK3IRP8rPKZJTi8J7PRkM7jW8QWalS
mY6Jx5D1bU4w+9KkEm1gk5tTKWZby60fqd9npQYEYud0RFQJDwBSs0Wj3lf/j53E
5T5IMu2i8epo4xDXY/lzuWcgAPvyB13nCk7Je2aRgX01Ei1sCyRsEtfKXSy9w15S
+QEkdVSlvdFhAYgC7nYyXxwuCaQaP8Cs6qpeJ8AaP5UR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org