Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CYQgGjYv6oJg--uYg-DWPM3HyZU.roa
File: CYQgGjYv6oJg--uYg-DWPM3HyZU.roa (raw, json)
Hash identifier: ydNNbxjgCpPqmCtQH/Uh+0bacRgXqovKKqLmmuzs3Mc=
Subject key identifier: 09:84:20:1A:36:2F:EA:82:60:FB:EB:98:83:E0:D6:3C:CD:C7:C9:95
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C9B521A1A89BA153C24CFFD26A21AEBFC
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CYQgGjYv6oJg--uYg-DWPM3HyZU.roa
Signing time: Sun 24 Dec 2023 10:14:58 +0000
ROA not before: Sun 24 Dec 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 13:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:52:1a:1a:89:ba:15:3c:24:cf:fd:26:a2:1a:eb:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 24 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0984201a362fea8260fbeb9883e0d63ccdc7c995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7e:75:cb:4c:fe:ad:ec:d5:33:5b:10:05:d5:
e0:ec:c1:ea:cd:71:b8:36:9f:34:cf:70:c6:36:c1:
92:f5:44:11:23:44:c2:70:d8:b8:96:b7:c2:a4:bb:
9c:39:1f:08:3d:3d:08:57:b4:b4:f6:23:95:d5:50:
88:08:61:3e:85:a7:27:8f:f1:d5:12:bc:40:dd:25:
6a:fd:98:ca:9b:ff:ea:fe:51:c8:1a:ce:13:27:75:
29:73:66:4e:4d:ab:a0:a7:47:51:70:8f:18:fe:d7:
56:70:06:a5:06:7d:b5:95:4f:1f:8d:9e:32:57:aa:
e5:6c:18:62:c8:a6:11:b1:e7:88:9f:ba:a6:d7:20:
f0:e0:81:9a:43:61:3e:c2:db:de:2b:72:18:a0:3a:
eb:85:38:c4:d2:3c:aa:8e:cb:dc:76:84:72:4e:2e:
8b:b0:bd:e2:28:a3:2c:68:f8:57:8e:d4:42:48:96:
97:88:0b:4d:e4:20:92:96:0f:f6:78:c4:43:53:b1:
96:b3:ff:38:4a:d0:8a:cc:0c:03:ec:91:d5:5c:da:
66:b7:14:37:cc:c3:c2:49:d3:81:ef:35:ba:61:3c:
a8:1e:6a:81:95:59:b8:70:72:46:74:7d:c8:89:be:
67:e5:55:a3:59:93:df:32:e1:01:ee:3c:42:94:b1:
b7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:84:20:1A:36:2F:EA:82:60:FB:EB:98:83:E0:D6:3C:CD:C7:C9:95
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CYQgGjYv6oJg--uYg-DWPM3HyZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.211.0/24
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:f7:e5:3a:ba:7f:da:c5:b0:8d:3b:05:fc:b2:8f:9c:cb:c8:
5d:bf:a0:1c:48:92:7a:63:5f:70:20:b8:ca:54:4e:6d:42:71:
7e:25:c1:24:b4:e1:58:33:a2:41:de:47:22:d0:9d:9b:ed:a1:
4e:71:3a:5a:ba:c4:b5:e7:b0:c6:8c:85:b5:fa:3d:ef:3a:b2:
f8:2a:1f:12:d7:34:1d:ed:6f:92:76:1f:c0:6d:68:b6:86:8b:
32:c4:f1:dc:28:88:f4:d6:ba:a1:89:84:5b:22:eb:04:f2:d2:
b8:c6:a2:23:a7:eb:c0:73:14:e4:4a:bf:cf:06:26:9a:7a:2f:
ea:32:2c:0c:f7:9b:61:d2:f0:71:06:99:cb:dc:fe:a1:42:67:
8e:db:cf:38:13:16:e9:76:a5:71:15:ce:a5:32:62:0f:c2:8d:
3b:4f:29:da:84:fb:8b:bf:32:54:82:c3:1c:33:05:b0:23:08:
5f:ba:2b:f9:7d:05:05:f7:37:06:5e:51:40:5c:81:24:76:90:
45:7e:58:72:61:8a:33:0f:98:63:df:7e:49:5c:fc:9c:eb:8a:
f3:29:01:c6:38:59:2c:f5:83:a3:68:3a:7f:cd:e8:84:d3:c9:
96:43:77:b2:b9:f3:37:9b:91:46:41:b4:4b:17:cc:57:fa:5c:
aa:26:06:c3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYybUhoaiboVPCTP/SaiGuv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjI0MTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg0MjAxYTM2MmZlYTgyNjBmYmViOTg4M2UwZDYzY2NkYzdjOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon51y0z+rezVM1sQBdXg7MHqzXG4
Np80z3DGNsGS9UQRI0TCcNi4lrfCpLucOR8IPT0IV7S09iOV1VCICGE+hacnj/HV
ErxA3SVq/ZjKm//q/lHIGs4TJ3Upc2ZOTaugp0dRcI8Y/tdWcAalBn21lU8fjZ4y
V6rlbBhiyKYRseeIn7qm1yDw4IGaQ2E+wtveK3IYoDrrhTjE0jyqjsvcdoRyTi6L
sL3iKKMsaPhXjtRCSJaXiAtN5CCSlg/2eMRDU7GWs/84StCKzAwD7JHVXNpmtxQ3
zMPCSdOB7zW6YTyoHmqBlVm4cHJGdH3Iib5n5VWjWZPfMuEB7jxClLG3cQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAmEIBo2L+qCYPvrmIPg1jzNx8mVMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQ1lRZ0dqWXY2b0pnLS11WWctRFdQTTNIeVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZv8AwQA
LZv/AwQALZ3TAwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQAufoaAwQBwpJcMA0G
CSqGSIb3DQEBCwUAA4IBAQDS9+U6un/axbCNOwX8so+cy8hdv6AcSJJ6Y19wILjK
VE5tQnF+JcEktOFYM6JB3kci0J2b7aFOcTpausS157DGjIW1+j3vOrL4Kh8S1zQd
7W+Sdh/AbWi2hosyxPHcKIj01rqhiYRbIusE8tK4xqIjp+vAcxTkSr/PBiaaei/q
MiwM95th0vBxBpnL3P6hQmeO2884ExbpdqVxFc6lMmIPwo07TynahPuLvzJUgsMc
MwWwIwhfuiv5fQUF9zcGXlFAXIEkdpBFflhyYYozD5hj335JXPyc64rzKQHGOFks
9YOjaDp/zeiE08mWQ3eyufM3m5FGQbRLF8xX+lyqJgbD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org