Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3beoDE_n-6blJrgoy5F85eugZ3w.roa
File: 3beoDE_n-6blJrgoy5F85eugZ3w.roa (raw, json)
Hash identifier: trwfWoyi2A58Lokt8Ak2aV+wnOJ1ur7O501tNFam0HQ=
Subject key identifier: DD:B7:A8:0C:4F:E7:FB:A6:E5:26:B8:28:CB:91:7C:E5:EB:A0:67:7C
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01896D3524DF6D5200AB0D0FEE740932E991
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3beoDE_n-6blJrgoy5F85eugZ3w.roa
Signing time: Wed 19 Jul 2023 08:12:26 +0000
ROA not before: Wed 19 Jul 2023 08:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
79.98.244.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jul 2023 09:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:35:24:df:6d:52:00:ab:0d:0f:ee:74:09:32:e9:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 19 08:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddb7a80c4fe7fba6e526b828cb917ce5eba0677c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:30:c9:c2:36:20:1c:36:4e:40:7e:7c:ac:13:
64:6b:a3:f9:32:56:04:0b:d2:29:00:09:63:11:33:
67:56:9b:49:2f:47:ea:4d:78:9c:53:f1:8a:5d:b5:
05:52:78:c2:3e:58:d1:26:d4:31:fb:c2:86:97:ee:
a1:79:f3:9f:ee:71:73:72:ef:af:e4:87:0f:cd:fb:
26:91:33:76:91:f7:b2:1a:16:9b:95:b1:53:f3:ee:
4d:c4:52:39:e4:ce:58:85:39:c3:3d:31:d9:52:ed:
32:b5:cb:e8:b6:3c:72:eb:cf:d2:12:cb:08:94:4d:
7f:4e:f7:76:83:da:f3:a6:18:4c:13:47:6a:0e:e3:
9f:5a:11:e0:01:ec:49:22:01:a3:1e:d5:08:9d:a4:
38:a1:2f:44:f2:bc:a3:2b:19:01:cf:88:00:94:f1:
ca:b2:9c:a6:12:bf:1e:1c:28:de:ce:20:34:32:18:
c0:50:fc:2d:a9:8d:a8:31:1a:de:9d:26:ff:2a:fc:
65:b8:78:3b:bf:27:85:5f:5a:24:d0:12:ca:9d:ea:
b7:77:10:9a:6e:d1:3b:66:31:e7:b9:ce:69:01:73:
4b:fe:dc:48:f1:f1:fa:86:91:49:8c:19:a9:2d:8e:
af:bf:b7:f2:b4:ba:a4:92:cf:c3:81:48:e2:79:e8:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B7:A8:0C:4F:E7:FB:A6:E5:26:B8:28:CB:91:7C:E5:EB:A0:67:7C
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3beoDE_n-6blJrgoy5F85eugZ3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
45.157.211.0/24
79.98.244.0/22
185.199.151.0/24
185.199.212.0/24
185.225.168.0/22
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:ba:84:af:83:74:2d:2a:2e:85:d1:20:e8:c2:5a:5d:6c:bd:
8c:87:9a:f0:cc:47:67:09:c2:d4:e5:c8:77:54:8d:41:f3:4e:
23:40:42:a1:c1:ba:ba:6f:8b:7f:d4:ff:e4:51:3c:46:16:b4:
84:ec:18:4e:03:9e:dd:a4:a6:95:1b:58:10:55:f7:db:c4:0e:
da:e1:12:f5:d4:91:2a:e7:d4:0e:01:f6:c7:d1:df:a6:43:44:
b6:bd:80:11:f8:d1:06:58:57:1e:58:90:ee:45:f9:84:01:de:
f0:d9:1e:84:f9:8a:ce:d4:2b:5d:45:6c:e4:eb:81:66:ca:9c:
2d:54:04:63:a4:a7:f1:c5:08:12:1b:42:13:d0:93:9b:aa:ef:
b4:ff:7e:c2:7b:24:0e:8d:b3:2c:e5:cc:f3:e6:ef:b0:e8:61:
29:8b:55:97:f8:36:fa:dd:24:28:3e:20:76:4f:ad:5b:12:21:
8c:32:15:21:78:d9:da:e4:32:29:3b:4a:22:b0:f7:c7:9d:97:
fc:b7:0b:55:61:fe:6d:c8:f0:6c:08:12:75:75:37:3c:8b:58:
f5:77:c5:1e:9e:c5:d6:02:65:15:88:2f:5e:33:4e:27:0b:f4:
d8:53:dc:00:d6:39:ab:9b:72:bf:76:f8:da:e4:96:48:93:7a:
ce:cf:fe:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYltNSTfbVIAqw0P7nQJMumRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNzE5MDgxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGI3YTgwYzRmZTdmYmE2ZTUyNmI4MjhjYjkxN2NlNWViYTA2NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDDJwjYgHDZOQH58rBNka6P5MlYE
C9IpAAljETNnVptJL0fqTXicU/GKXbUFUnjCPljRJtQx+8KGl+6hefOf7nFzcu+v
5IcPzfsmkTN2kfeyGhablbFT8+5NxFI55M5YhTnDPTHZUu0ytcvotjxy68/SEssI
lE1/Tvd2g9rzphhME0dqDuOfWhHgAexJIgGjHtUInaQ4oS9E8ryjKxkBz4gAlPHK
spymEr8eHCjeziA0MhjAUPwtqY2oMRrenSb/KvxluHg7vyeFX1ok0BLKneq3dxCa
btE7ZjHnuc5pAXNL/txI8fH6hpFJjBmpLY6vv7fytLqkks/DgUjieegF7wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN23qAxP5/um5Sa4KMuRfOXroGd8MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvM2Jlb0RFX24tNmJsSnJnb3k1Rjg1ZXVnWjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZv8AwQA
LZv/AwQALZ3RAwQALZ3TAwQCT2L0AwQAuceXAwQAucfUAwQCueGoAwQAufoaAwQB
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQB6uoSvg3QtKi6F0SDowlpdbL2Mh5rwzEdn
CcLU5ch3VI1B804jQEKhwbq6b4t/1P/kUTxGFrSE7BhOA57dpKaVG1gQVffbxA7a
4RL11JEq59QOAfbH0d+mQ0S2vYAR+NEGWFceWJDuRfmEAd7w2R6E+YrO1CtdRWzk
64FmypwtVARjpKfxxQgSG0IT0JObqu+0/37CeyQOjbMs5czz5u+w6GEpi1WX+Db6
3SQoPiB2T61bEiGMMhUheNna5DIpO0oisPfHnZf8twtVYf5tyPBsCBJ1dTc8i1j1
d8UensXWAmUViC9eM04nC/TYU9wA1jmrm3K/dvja5JZIk3rOz/7e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org