Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BuM0JdbGGm0Ojz8yugEgLN1x9ck.roa
File: BuM0JdbGGm0Ojz8yugEgLN1x9ck.roa (raw, json)
Hash identifier: xAfehrNHziJRDW8QTGzR7qtaQH3d6ZGDTLWNSgUvQy4=
Subject key identifier: 06:E3:34:25:D6:C6:1A:6D:0E:8F:3F:32:BA:01:20:2C:DD:71:F5:C9
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018DF10A6B8B6A5F04950468D655613DAB52
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BuM0JdbGGm0Ojz8yugEgLN1x9ck.roa
Signing time: Wed 28 Feb 2024 18:46:48 +0000
ROA not before: Wed 28 Feb 2024 18:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 08:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f1:0a:6b:8b:6a:5f:04:95:04:68:d6:55:61:3d:ab:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 28 18:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06e33425d6c61a6d0e8f3f32ba01202cdd71f5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b9:3e:93:0e:1a:c3:be:e0:e0:f0:31:f3:49:
d7:ba:47:35:9d:e7:b4:56:73:73:a7:a0:f1:5a:af:
9a:25:e5:21:68:39:d8:8d:39:69:7b:51:b5:5d:a7:
2c:4c:b6:80:93:dd:01:2d:fa:95:e6:92:04:a1:b2:
b7:41:c3:1e:f6:8b:56:70:79:47:c6:63:4e:47:15:
62:2a:31:15:69:fc:d1:3f:83:95:dd:c6:52:88:eb:
d1:ab:ef:55:29:1e:4c:80:83:bb:0a:83:9b:60:63:
7c:a7:37:f7:1d:82:3c:a0:67:3b:17:78:08:b4:53:
e3:00:75:46:34:2a:0a:62:4e:6d:60:5c:93:88:77:
08:25:0b:1d:55:7b:8a:ac:4e:39:ac:7a:97:b9:0b:
e7:3d:74:6c:54:26:12:a5:59:d3:62:cb:89:8f:2d:
80:4b:79:be:6f:3b:f1:64:5b:52:80:ad:60:20:5c:
3f:7a:24:30:4d:fd:c3:81:84:4a:f9:6f:08:39:1b:
d2:0b:5d:2e:a8:61:b5:8e:77:4d:ae:23:96:b5:6a:
b6:90:91:c1:93:7d:a8:84:c3:8a:1f:f6:da:f3:84:
83:95:8d:67:0a:5c:ec:3d:01:e8:25:41:d1:02:2e:
78:77:ed:da:70:c3:db:93:c6:9a:39:90:5d:ec:cc:
97:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E3:34:25:D6:C6:1A:6D:0E:8F:3F:32:BA:01:20:2C:DD:71:F5:C9
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/BuM0JdbGGm0Ojz8yugEgLN1x9ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
54:06:1e:66:05:61:de:6e:b5:40:25:83:72:25:2e:e3:78:a3:
f0:f6:01:a3:57:43:dc:3c:7a:fa:fd:fe:70:bb:6b:5c:51:b8:
c6:2e:ce:bc:0c:c6:76:58:83:3c:52:a1:cb:48:a8:59:94:6c:
cd:ec:96:8e:6e:f2:df:52:f7:8a:ff:8a:93:67:1e:03:5b:88:
cc:e5:49:f0:7c:86:f1:af:f5:b6:b0:5f:0d:b4:34:33:74:8c:
a1:08:54:e5:4b:e2:da:63:c1:9a:ee:6e:47:fe:55:9b:da:ee:
68:1f:b2:80:42:64:96:34:77:7c:d7:c5:01:8a:1d:f4:ca:bd:
a9:7d:f3:04:60:0e:74:d4:8d:35:dd:84:29:3f:05:ba:37:09:
38:ee:61:4d:27:7c:3e:0d:f6:6e:eb:a8:bd:9d:2c:01:44:95:
05:31:25:28:a4:16:6e:0b:da:b2:f0:10:d4:fc:48:7b:5c:e8:
c3:a7:4c:8f:99:16:94:d1:2f:12:57:26:74:c6:a1:8d:94:1e:
2d:5e:df:69:f1:c2:ad:13:02:96:af:19:5b:9c:19:65:c2:db:
36:42:b0:9f:3a:2e:25:68:1a:73:9b:32:ca:e3:4c:47:a3:59:
59:96:c9:f5:a8:e0:43:68:bb:05:4a:1a:da:6f:04:37:aa:80:
f6:14:46:19
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3xCmuLal8ElQRo1lVhPatSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMjI4MTg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUzMzQyNWQ2YzYxYTZkMGU4ZjNmMzJiYTAxMjAyY2RkNzFmNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLk+kw4aw77g4PAx80nXukc1nee0
VnNzp6DxWq+aJeUhaDnYjTlpe1G1XacsTLaAk90BLfqV5pIEobK3QcMe9otWcHlH
xmNORxViKjEVafzRP4OV3cZSiOvRq+9VKR5MgIO7CoObYGN8pzf3HYI8oGc7F3gI
tFPjAHVGNCoKYk5tYFyTiHcIJQsdVXuKrE45rHqXuQvnPXRsVCYSpVnTYsuJjy2A
S3m+bzvxZFtSgK1gIFw/eiQwTf3DgYRK+W8IORvSC10uqGG1jndNriOWtWq2kJHB
k32ohMOKH/ba84SDlY1nClzsPQHoJUHRAi54d+3acMPbk8aaOZBd7MyXwQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAbjNCXWxhptDo8/MroBICzdcfXJMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQnVNMEpkYkdHbTBPano4eXVnRWdMTjF4OWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZv8AwQA
LZv/MAwDBAAtndEDBAAtndIDBABPYvYDBAC5x5cDBAC5x9UDBAC54rUwDQYJKoZI
hvcNAQELBQADggEBAFQGHmYFYd5utUAlg3IlLuN4o/D2AaNXQ9w8evr9/nC7a1xR
uMYuzrwMxnZYgzxSoctIqFmUbM3slo5u8t9S94r/ipNnHgNbiMzlSfB8hvGv9baw
Xw20NDN0jKEIVOVL4tpjwZrubkf+VZva7mgfsoBCZJY0d3zXxQGKHfTKval98wRg
DnTUjTXdhCk/Bbo3CTjuYU0nfD4N9m7rqL2dLAFElQUxJSikFm4L2rLwENT8SHtc
6MOnTI+ZFpTRLxJXJnTGoY2UHi1e32nxwq0TApavGVucGWXC2zZCsJ86LiVoGnOb
MsrjTEejWVmWyfWo4ENouwVKGtpvBDeqgPYURhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org