Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C-XwBq_BGRjaPNIHbALi_38WjD0.roa
File: C-XwBq_BGRjaPNIHbALi_38WjD0.roa (raw, json)
Hash identifier: ZJiz+AjlknwPvAFRNWJeogzrQLu1Prl4lIli/h82d64=
Subject key identifier: 0B:E5:F0:06:AF:C1:19:18:DA:3C:D2:07:6C:02:E2:FF:7F:16:8C:3D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01894B912939B1BE923637E2D73FE43AA963
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C-XwBq_BGRjaPNIHbALi_38WjD0.roa
Signing time: Wed 12 Jul 2023 19:25:51 +0000
ROA not before: Wed 12 Jul 2023 19:25:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4b:91:29:39:b1:be:92:36:37:e2:d7:3f:e4:3a:a9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 12 19:25:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0be5f006afc11918da3cd2076c02e2ff7f168c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:05:05:b4:62:a5:35:c4:32:65:c1:bf:ec:
30:61:38:79:57:54:55:b9:57:7c:8f:e9:19:d3:8b:
84:a5:b6:02:2c:6a:4a:d7:f2:ac:82:31:5d:80:51:
5c:c2:db:22:9f:bb:59:f0:6e:42:5b:81:18:45:32:
04:2c:b3:72:77:a2:be:a3:6a:5e:a9:b4:5d:9a:17:
cd:da:15:54:e7:ab:ce:cf:ad:7c:00:84:3f:c5:28:
62:6b:d7:e5:57:e2:66:17:92:2b:c5:eb:b0:83:09:
c1:fa:1b:23:53:54:a4:05:d7:62:98:8f:23:b2:49:
7f:6a:3e:76:e8:c4:f7:44:e2:6f:c2:94:65:bb:7f:
99:01:50:7e:2d:9c:e2:e1:a2:1c:9d:fb:ee:2d:dc:
e9:52:fa:21:5d:49:6e:5b:d2:ee:4b:c9:7b:16:31:
b5:28:a9:66:c8:01:23:d0:02:68:51:54:52:fe:b9:
10:04:54:dc:ab:e5:c1:09:52:0e:b5:76:4f:fc:36:
28:d1:90:81:f1:7a:e2:64:5f:90:1f:35:e3:b9:7d:
bb:07:83:17:67:6a:d0:83:66:b0:7e:71:10:14:8f:
0a:cd:63:71:ee:1d:5a:c9:a7:4b:e3:b1:ae:69:3f:
62:20:28:3f:02:8e:17:85:49:c3:a1:02:47:d1:dc:
5c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E5:F0:06:AF:C1:19:18:DA:3C:D2:07:6C:02:E2:FF:7F:16:8C:3D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C-XwBq_BGRjaPNIHbALi_38WjD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.246.0/23
185.225.170.0/24
185.226.181.0/24
185.250.26.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1a:77:bd:a7:3d:90:5e:3a:73:2b:60:e9:de:ba:dd:8e:a5:
65:ac:1c:eb:77:a5:6c:e2:c7:b3:73:db:75:11:b4:e4:f7:40:
72:4e:61:76:49:db:2e:b5:eb:8d:0e:2a:9e:c0:42:5c:df:4d:
c0:4a:77:43:55:1f:b7:db:4b:2d:b3:f4:74:a0:d3:c1:89:6a:
77:93:9e:23:d9:57:9d:84:20:08:e5:a1:35:31:fa:23:74:be:
d3:e1:3c:8c:6d:bf:10:5a:fe:e5:72:6d:52:ab:72:5d:b7:09:
dd:33:d5:0e:ed:6b:f9:81:70:1c:99:97:cd:eb:15:bc:cc:f8:
a6:bf:06:2a:07:5a:a0:c3:13:df:96:9d:ba:ab:04:93:0f:99:
76:5a:51:b5:54:a8:46:48:eb:3f:f9:26:32:d7:12:5c:f9:29:
d9:29:f2:7c:4a:57:5f:ed:50:ba:53:62:6b:66:ac:70:e2:e8:
a1:11:8e:6b:ad:2e:99:31:f3:9f:56:e5:7f:34:99:5c:eb:d0:
79:05:96:05:15:31:e7:1a:d9:6b:87:58:03:b8:f1:50:aa:c1:
2b:9e:cd:71:8d:6d:92:23:eb:cb:9a:b0:e0:29:24:29:4c:0c:
19:99:03:58:c5:71:6e:94:11:b2:28:15:82:36:40:c5:69:31:
c8:5b:b9:51
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYlLkSk5sb6SNjfi1z/kOqljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNzEyMTkyNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmU1ZjAwNmFmYzExOTE4ZGEzY2QyMDc2YzAyZTJmZjdmMTY4YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKkFBbRipTXEMmXBv+wwYTh5V1RV
uVd8j+kZ04uEpbYCLGpK1/KsgjFdgFFcwtsin7tZ8G5CW4EYRTIELLNyd6K+o2pe
qbRdmhfN2hVU56vOz618AIQ/xShia9flV+JmF5IrxeuwgwnB+hsjU1SkBddimI8j
skl/aj526MT3ROJvwpRlu3+ZAVB+LZzi4aIcnfvuLdzpUvohXUluW9LuS8l7FjG1
KKlmyAEj0AJoUVRS/rkQBFTcq+XBCVIOtXZP/DYo0ZCB8XriZF+QHzXjuX27B4MX
Z2rQg2awfnEQFI8KzWNx7h1ayadL47GuaT9iICg/Ao4XhUnDoQJH0dxcyQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAvl8AavwRkY2jzSB2wC4v9/Fow9MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQy1Yd0JxX0JHUmphUE5JSGJBTGlfMzhXakQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQALZ3RAwQBT2L2AwQAueGqAwQAueK1AwQAufoaAwQAwpJdMA0GCSqGSIb3
DQEBCwUAA4IBAQCEGne9pz2QXjpzK2Dp3rrdjqVlrBzrd6Vs4sezc9t1EbTk90By
TmF2SdsuteuNDiqewEJc303ASndDVR+320sts/R0oNPBiWp3k54j2VedhCAI5aE1
MfojdL7T4TyMbb8QWv7lcm1Sq3JdtwndM9UO7Wv5gXAcmZfN6xW8zPimvwYqB1qg
wxPflp26qwSTD5l2WlG1VKhGSOs/+SYy1xJc+SnZKfJ8Sldf7VC6U2JrZqxw4uih
EY5rrS6ZMfOfVuV/NJlc69B5BZYFFTHnGtlrh1gDuPFQqsErns1xjW2SI+vLmrDg
KSQpTAwZmQNYxXFulBGyKBWCNkDFaTHIW7lR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:11 2023 by rpki-client on console-ams.rpki-client.org