Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Ct9ZVG3tFWkXm6qkfHGIpu4sWlo.roa
File: Ct9ZVG3tFWkXm6qkfHGIpu4sWlo.roa (raw, json)
Hash identifier: +DA9Bl5Ob0Jude+B2gxhc+zLR1GIRbHBh8Ct95PQbjY=
Subject key identifier: 0A:DF:59:54:6D:ED:15:69:17:9B:AA:A4:7C:71:88:A6:EE:2C:5A:5A
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CD374FB31F101FE602BCFA2F20788A632
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Ct9ZVG3tFWkXm6qkfHGIpu4sWlo.roa
Signing time: Thu 04 Jan 2024 07:51:48 +0000
ROA not before: Thu 04 Jan 2024 07:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.157.211.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 12:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:74:fb:31:f1:01:fe:60:2b:cf:a2:f2:07:88:a6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 4 07:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0adf59546ded1569179baaa47c7188a6ee2c5a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b7:dc:1c:4a:53:de:9c:0b:b6:f3:c3:dd:12:
8a:5c:d6:2f:1a:97:99:30:95:4b:50:68:1a:db:e5:
b1:5c:85:97:ae:83:29:cf:2d:ef:0f:d1:1e:22:de:
11:13:aa:b3:86:29:e6:e5:e8:c4:bc:47:dc:9d:e7:
2b:1a:f7:24:50:67:31:53:e5:8e:ce:79:c7:47:4a:
58:d1:2c:d3:5e:c9:59:4c:b5:31:f6:d3:d7:5d:f2:
98:1a:82:0e:5c:30:de:51:57:33:e0:f9:80:a7:c2:
76:b4:9d:c7:2d:a3:c7:eb:83:3c:ce:2c:c5:af:79:
ba:28:19:31:27:0f:e6:9a:3c:40:e0:91:59:62:f1:
99:e7:ec:dd:5c:2c:34:94:3c:d9:31:3e:ad:17:ba:
f5:62:57:cb:ba:71:a0:bf:53:6a:dd:8b:7c:d9:10:
dd:9b:e2:66:0e:bf:20:8c:c4:92:80:d6:0c:c1:f6:
8a:83:66:2a:2b:f6:62:9e:c3:7f:a2:65:20:58:93:
93:a0:9a:b4:c0:69:f5:b5:07:e1:3b:fa:e3:96:1f:
e0:0d:29:94:b5:9f:f8:99:6c:dc:05:99:a1:59:80:
e5:3b:0d:44:a7:34:a6:23:f5:90:30:2b:93:83:22:
74:ff:2c:ad:c9:ac:23:19:89:7f:d0:17:bf:70:a6:
7f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DF:59:54:6D:ED:15:69:17:9B:AA:A4:7C:71:88:A6:EE:2C:5A:5A
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Ct9ZVG3tFWkXm6qkfHGIpu4sWlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.211.0/24
79.98.246.0/23
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
84:b7:37:ea:45:87:ae:9f:91:4d:8d:49:a3:21:7e:66:57:a7:
59:e9:68:d1:0f:df:57:20:5c:a3:11:3a:25:68:2d:e8:20:fc:
3f:8b:96:34:3e:3d:59:52:a2:70:fa:06:c8:51:94:07:4b:df:
57:8e:b5:c2:63:ea:a7:80:5a:80:c4:3e:2e:80:90:15:6a:f0:
5e:39:b6:cb:f6:a1:4f:00:8a:6c:d3:66:10:a2:40:06:93:fb:
25:ad:ab:ec:1a:c4:c3:a1:05:0f:0c:3c:29:c2:7f:1c:9c:f5:
2f:cb:19:79:ba:24:5b:61:bf:cf:14:ff:0c:40:bb:db:c7:cb:
ad:cb:ca:bc:19:a7:9f:d8:2c:bc:3c:76:ca:69:d3:b9:78:bf:
f4:da:2a:97:94:54:61:72:07:60:58:62:70:10:a7:2a:71:8f:
bc:bc:11:c3:d4:a3:87:40:36:d1:f9:bc:4c:9c:31:34:27:0b:
71:f2:4a:ea:0d:fb:49:eb:f9:6e:7c:d0:c6:0d:28:bd:b4:02:
f2:04:d3:b5:5f:7e:fe:62:91:b2:60:4d:e2:8b:05:e1:c5:b4:
a1:b6:26:ba:a9:b9:56:b5:ba:24:53:f2:eb:d0:b7:86:11:cc:
e6:97:b5:45:af:09:19:c2:83:6b:95:75:f6:4b:db:f9:26:91:
a7:50:3b:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzTdPsx8QH+YCvPovIHiKYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA0MDc1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWRmNTk1NDZkZWQxNTY5MTc5YmFhYTQ3YzcxODhhNmVlMmM1YTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37fcHEpT3pwLtvPD3RKKXNYvGpeZ
MJVLUGga2+WxXIWXroMpzy3vD9EeIt4RE6qzhinm5ejEvEfcnecrGvckUGcxU+WO
znnHR0pY0SzTXslZTLUx9tPXXfKYGoIOXDDeUVcz4PmAp8J2tJ3HLaPH64M8zizF
r3m6KBkxJw/mmjxA4JFZYvGZ5+zdXCw0lDzZMT6tF7r1YlfLunGgv1Nq3Yt82RDd
m+JmDr8gjMSSgNYMwfaKg2YqK/ZinsN/omUgWJOToJq0wGn1tQfhO/rjlh/gDSmU
tZ/4mWzcBZmhWYDlOw1EpzSmI/WQMCuTgyJ0/yytyawjGYl/0Be/cKZ/FwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArfWVRt7RVpF5uqpHxxiKbuLFpaMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQ3Q5WlZHM3RGV2tYbTZxa2ZIR0lwdTRzV2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZ3TAwQB
T2L2AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCEtzfqRYeun5FNjUmjIX5mV6dZ
6WjRD99XIFyjETolaC3oIPw/i5Y0Pj1ZUqJw+gbIUZQHS99XjrXCY+qngFqAxD4u
gJAVavBeObbL9qFPAIps02YQokAGk/slravsGsTDoQUPDDwpwn8cnPUvyxl5uiRb
Yb/PFP8MQLvbx8uty8q8Gaef2Cy8PHbKadO5eL/02iqXlFRhcgdgWGJwEKcqcY+8
vBHD1KOHQDbR+bxMnDE0Jwtx8krqDftJ6/lufNDGDSi9tALyBNO1X37+YpGyYE3i
iwXhxbShtia6qblWtbokU/Lr0LeGEczml7VFrwkZwoNrlXX2S9v5JpGnUDsZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org