Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BsSXshMVkTpybqBKYZPhfeoRTq4.roa
File: BsSXshMVkTpybqBKYZPhfeoRTq4.roa (raw, json)
Hash identifier: I/MdGHYOKYzKdkzyfeMSmoivBq74TfEfT3/XnwokS7I=
Subject key identifier: 06:C4:97:B2:13:15:91:3A:72:6E:A0:4A:61:93:E1:7D:EA:11:4E:AE
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF16CEA562F2D0777FC2F2592CDA2E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BsSXshMVkTpybqBKYZPhfeoRTq4.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205663
IP address blocks: 45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 11:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:16:ce:a5:62:f2:d0:77:7f:c2:f2:59:2c:da:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06c497b21315913a726ea04a6193e17dea114eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:9f:01:39:91:d3:58:0c:f3:81:39:83:38:
7b:33:9e:69:83:d1:8c:8a:df:6f:e0:95:03:c3:88:
ef:c3:fd:11:b6:fa:72:1e:d8:bd:6c:ee:40:2f:cc:
84:d1:62:27:30:22:2f:e9:33:2c:fe:a4:74:ce:48:
4a:ec:18:85:d9:36:bd:81:3e:15:01:64:21:5f:ff:
c4:d1:32:f7:c1:2b:2d:95:94:3c:8b:13:84:79:06:
05:95:34:3b:1c:07:67:3e:85:cb:56:e5:87:b7:4a:
7c:21:55:fc:25:97:1b:9a:1f:84:dc:e5:16:1e:4d:
95:16:0f:7b:ae:61:33:c0:48:3b:4e:7e:b8:a5:1c:
dc:b4:5c:d2:e4:60:a0:53:15:0e:ed:7c:2c:da:7f:
a9:18:b9:07:65:2d:7d:e5:40:a8:79:37:c1:85:e5:
df:af:2f:09:89:dc:25:0f:f0:0d:d8:0e:bb:21:d6:
cb:6a:9f:32:8b:a3:34:9e:8d:22:be:02:7e:44:7c:
fa:cc:d5:ad:63:ae:50:ed:81:35:30:d0:95:d3:9a:
c9:9e:88:96:3f:f6:33:7a:2d:b3:dd:43:83:3e:e5:
5f:05:e5:8e:e4:66:a6:fa:ca:fb:4c:50:fe:11:72:
a9:20:52:57:b1:25:5c:c8:11:1e:ca:d2:c6:6b:7e:
b5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C4:97:B2:13:15:91:3A:72:6E:A0:4A:61:93:E1:7D:EA:11:4E:AE
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BsSXshMVkTpybqBKYZPhfeoRTq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0-45.157.210.255
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:d0:cb:0f:38:23:c3:5d:98:fe:b6:4f:44:e4:b3:6c:7b:2b:
54:16:5d:57:40:32:80:59:14:68:72:e0:9f:b8:80:51:69:19:
74:fa:e9:93:3b:be:6f:8c:e9:65:63:20:2c:a4:d5:08:09:5e:
fb:6c:7f:f4:21:8e:b8:41:db:38:42:af:0d:17:ff:ef:fb:e2:
44:15:f0:ce:b5:f4:de:a8:db:b9:e9:43:19:6f:d8:72:da:81:
06:61:4e:31:c4:a3:b6:9c:b2:8b:8c:53:22:f3:10:1a:c7:a3:
30:73:00:27:69:f1:f7:33:23:16:69:f1:38:26:5e:68:aa:3d:
b7:ec:c7:06:af:0d:e8:5a:b9:5f:d0:a0:c8:f5:fd:45:ff:7d:
52:75:1d:66:5e:5b:49:c8:40:0b:0b:c3:01:89:d3:23:22:bf:
93:90:ad:75:bf:e3:e1:34:f1:b9:76:dd:f5:66:f5:a0:14:db:
43:2b:aa:44:d0:8e:4a:ea:e2:55:10:03:c9:cc:3f:ed:c0:3c:
ce:b7:a3:19:a4:c9:a0:61:52:cb:48:02:a5:ee:dd:53:94:10:
2b:1f:87:d4:e0:41:7c:28:c8:38:b8:cc:2f:e0:c2:95:e3:a4:
b8:c2:9a:7e:08:93:1f:45:1e:10:63:f0:6a:0a:64:30:c2:53:
0a:85:d9:e9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3xbOpWLy0Hd/wvJZLNouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM0OTdiMjEzMTU5MTNhNzI2ZWEwNGE2MTkzZTE3ZGVhMTE0ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6yfATmR01gM84E5gzh7M55pg9GM
it9v4JUDw4jvw/0RtvpyHti9bO5AL8yE0WInMCIv6TMs/qR0zkhK7BiF2Ta9gT4V
AWQhX//E0TL3wSstlZQ8ixOEeQYFlTQ7HAdnPoXLVuWHt0p8IVX8JZcbmh+E3OUW
Hk2VFg97rmEzwEg7Tn64pRzctFzS5GCgUxUO7Xws2n+pGLkHZS195UCoeTfBheXf
ry8JidwlD/AN2A67IdbLap8yi6M0no0ivgJ+RHz6zNWtY65Q7YE1MNCV05rJnoiW
P/Yzei2z3UODPuVfBeWO5Gam+sr7TFD+EXKpIFJXsSVcyBEeytLGa361jwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAbEl7ITFZE6cm6gSmGT4X3qEU6uMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQnNTWHNoTVZrVHB5YnFCS1laUGhmZW9SVHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtndED
BAAtndIDBAC54rUwDQYJKoZIhvcNAQELBQADggEBAG7Qyw84I8NdmP62T0Tks2x7
K1QWXVdAMoBZFGhy4J+4gFFpGXT66ZM7vm+M6WVjICyk1QgJXvtsf/QhjrhB2zhC
rw0X/+/74kQV8M619N6o27npQxlv2HLagQZhTjHEo7acsouMUyLzEBrHozBzACdp
8fczIxZp8TgmXmiqPbfsxwavDehauV/QoMj1/UX/fVJ1HWZeW0nIQAsLwwGJ0yMi
v5OQrXW/4+E08bl23fVm9aAU20MrqkTQjkrq4lUQA8nMP+3APM63oxmkyaBhUstI
AqXu3VOUECsfh9TgQXwoyDi4zC/gwpXjpLjCmn4Ikx9FHhBj8GoKZDDCUwqF2ek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org