Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cf3plB53ce17H6zkTaKSfCbecfI.roa
File: Cf3plB53ce17H6zkTaKSfCbecfI.roa (raw, json)
Hash identifier: 5uRK3lKlGz1V5QmSGQdXtV39m9htLEYfSSF2XvG5Wyc=
Subject key identifier: 09:FD:E9:94:1E:77:71:ED:7B:1F:AC:E4:4D:A2:92:7C:26:DE:71:F2
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018D0D303B5A822CC1D944C511B3BBC74710
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cf3plB53ce17H6zkTaKSfCbecfI.roa
Signing time: Mon 15 Jan 2024 12:54:41 +0000
ROA not before: Mon 15 Jan 2024 12:54:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 22:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:30:3b:5a:82:2c:c1:d9:44:c5:11:b3:bb:c7:47:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 15 12:54:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09fde9941e7771ed7b1face44da2927c26de71f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:45:44:12:10:3c:24:9b:5e:2f:d3:cb:a1:9e:
a6:89:c1:97:46:09:0c:d8:9c:d1:9f:11:02:62:8b:
14:cc:25:f1:85:59:3d:8d:d2:ff:d0:ec:0d:fa:03:
26:de:4e:13:f7:fb:4e:ae:ea:67:28:17:a9:4f:61:
9c:0a:50:ee:77:9d:31:05:ad:d0:94:b5:ae:a6:a5:
2a:7f:d3:6b:cd:06:d1:d0:56:ec:47:dd:6d:cd:68:
d7:dd:14:44:d1:bd:89:7e:19:6a:86:3b:ad:44:fc:
19:ed:69:de:22:c0:ca:51:ab:32:6b:a7:2b:c6:f9:
ad:47:31:92:85:8c:ed:3b:ec:92:12:b6:29:c2:f8:
b4:47:e0:ff:89:9e:bb:c9:03:50:6d:aa:f8:f5:79:
27:5c:18:10:c5:16:06:7c:c4:d5:c2:97:99:97:d7:
64:3c:6f:47:02:72:ed:e4:e3:9b:d9:ee:5e:bd:d5:
96:e3:d2:fe:fc:a5:61:a5:59:c6:01:38:a9:fb:e3:
17:01:4c:02:4a:b2:07:55:2f:df:08:9d:4a:d5:da:
fe:f6:b2:59:c8:31:b5:82:44:28:1c:96:7f:89:22:
f0:d3:4d:eb:c5:2a:6e:77:d7:28:e9:d1:69:7f:6d:
97:4c:62:ac:7e:2b:47:d1:48:4e:0a:91:18:f5:b2:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FD:E9:94:1E:77:71:ED:7B:1F:AC:E4:4D:A2:92:7C:26:DE:71:F2
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cf3plB53ce17H6zkTaKSfCbecfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.246.0/23
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:a1:10:c0:3d:73:e5:54:2e:a8:1a:a2:37:29:4e:c5:4e:ea:
96:36:43:62:23:13:7a:3e:90:35:4e:e5:49:5b:3f:96:79:a3:
71:93:1b:01:7a:f3:8b:52:1d:fa:fa:a1:b3:b3:1d:10:65:89:
fa:6b:0c:66:18:6e:f1:75:ee:f4:56:c2:b4:f1:f8:73:59:4e:
7d:04:31:db:12:ce:63:e5:7f:c1:8f:bf:68:48:ca:07:7b:61:
aa:0d:90:8e:a7:40:d8:f1:87:18:81:f6:4e:79:85:d9:3d:43:
24:3f:6e:53:da:0d:08:68:13:da:a6:96:08:03:5b:ee:85:87:
1e:ff:01:a6:5d:65:c2:4c:fc:46:59:47:51:66:f9:3f:f7:01:
e5:1b:1a:49:6e:f3:aa:10:70:48:20:7d:f0:50:e1:35:c1:33:
c9:d2:c1:c0:07:29:e9:24:90:36:ee:d6:5b:f3:00:63:5d:d3:
ff:e4:41:0b:41:00:92:4d:75:02:4f:4e:af:37:bb:c7:97:47:
39:40:15:df:a1:3b:ca:92:4b:0d:27:a3:78:5b:aa:f9:bc:73:
43:36:ab:93:7b:f1:16:e8:71:87:d0:50:fc:b4:9b:c6:db:cf:
4c:98:47:0a:b2:c0:d7:69:31:b1:84:bd:5c:86:26:fa:fb:04:
1e:9c:a9:61
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0NMDtagizB2UTFEbO7x0cQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTE1MTI1NDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZkZTk5NDFlNzc3MWVkN2IxZmFjZTQ0ZGEyOTI3YzI2ZGU3MWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkVEEhA8JJteL9PLoZ6micGXRgkM
2JzRnxECYosUzCXxhVk9jdL/0OwN+gMm3k4T9/tOrupnKBepT2GcClDud50xBa3Q
lLWupqUqf9NrzQbR0FbsR91tzWjX3RRE0b2JfhlqhjutRPwZ7WneIsDKUasya6cr
xvmtRzGShYztO+ySErYpwvi0R+D/iZ67yQNQbar49XknXBgQxRYGfMTVwpeZl9dk
PG9HAnLt5OOb2e5evdWW49L+/KVhpVnGATip++MXAUwCSrIHVS/fCJ1K1dr+9rJZ
yDG1gkQoHJZ/iSLw003rxSpud9co6dFpf22XTGKsfitH0UhOCpEY9bLmOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAn96ZQed3Htex+s5E2iknwm3nHyMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQ2YzcGxCNTNjZTE3SDZ6a1RhS1NmQ2JlY2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv8AwQA
LZv/AwQALZ3RAwQBT2L2AwQAuceXAwQAucfVAwQAueK1MA0GCSqGSIb3DQEBCwUA
A4IBAQBNoRDAPXPlVC6oGqI3KU7FTuqWNkNiIxN6PpA1TuVJWz+WeaNxkxsBevOL
Uh36+qGzsx0QZYn6awxmGG7xde70VsK08fhzWU59BDHbEs5j5X/Bj79oSMoHe2Gq
DZCOp0DY8YcYgfZOeYXZPUMkP25T2g0IaBPappYIA1vuhYce/wGmXWXCTPxGWUdR
Zvk/9wHlGxpJbvOqEHBIIH3wUOE1wTPJ0sHABynpJJA27tZb8wBjXdP/5EELQQCS
TXUCT06vN7vHl0c5QBXfoTvKkksNJ6N4W6r5vHNDNquTe/EW6HGH0FD8tJvG289M
mEcKssDXaTGxhL1chib6+wQenKlh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org