Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/FbN0ecRXU4CgbmptcGb_-0FfcSU.roa
File: FbN0ecRXU4CgbmptcGb_-0FfcSU.roa (raw, json)
Hash identifier: CbZutrP6G6NHT17qDYIqdFOe3DIobRy8ZLgqfApexWM=
Subject key identifier: 15:B3:74:79:C4:57:53:80:A0:6E:6A:6D:70:66:FF:FB:41:5F:71:25
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C91CDE3407D22F936BD5293A9536D615B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/FbN0ecRXU4CgbmptcGb_-0FfcSU.roa
Signing time: Fri 22 Dec 2023 13:53:58 +0000
ROA not before: Fri 22 Dec 2023 13:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205663
IP address blocks: 45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:cd:e3:40:7d:22:f9:36:bd:52:93:a9:53:6d:61:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 22 13:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15b37479c4575380a06e6a6d7066fffb415f7125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7c:a3:22:0a:9d:b1:9a:51:91:27:96:1f:41:
ae:cb:ad:20:19:2c:5f:7f:18:67:ad:5e:89:28:42:
0a:d2:32:9f:9b:ed:cb:c8:b7:47:2f:7f:f2:73:19:
6b:0d:16:7d:79:7a:b1:fe:3f:5f:50:3c:aa:f2:e1:
28:19:eb:e5:a7:2f:d6:d6:50:35:d5:9e:5e:49:78:
ff:64:4b:e5:36:d8:1e:13:c5:31:0e:a9:13:87:6c:
d3:34:74:a9:0b:9c:58:9d:10:f6:9a:6f:32:00:99:
f1:d5:77:33:a7:5d:15:3a:ef:73:03:b2:8d:96:7c:
d7:70:96:3e:27:f0:84:19:e2:e6:3a:53:a1:bf:2c:
c8:ae:8c:4a:7a:c2:8f:b6:1b:78:f2:65:38:6f:15:
31:ec:b3:08:13:f8:8c:dc:22:e4:96:b2:03:7e:19:
80:a7:4f:e5:bf:82:38:23:3e:85:94:d9:87:0c:f8:
d5:84:15:d8:dd:ac:d8:1a:1e:01:4c:41:90:a3:90:
5f:90:77:e5:e0:06:12:8d:73:c2:66:e5:f2:a7:72:
78:12:25:f3:32:23:9b:a7:27:e7:d9:62:e7:b7:76:
7c:72:b8:c8:81:55:93:07:bd:a2:88:82:dc:fe:66:
39:a9:09:15:09:08:bb:64:4b:5f:e8:65:7a:fe:db:
47:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B3:74:79:C4:57:53:80:A0:6E:6A:6D:70:66:FF:FB:41:5F:71:25
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/FbN0ecRXU4CgbmptcGb_-0FfcSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0-45.157.210.255
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
67:87:e2:3c:be:f6:53:20:69:3a:c7:8e:2c:8d:c1:72:b8:37:
6c:60:d9:f0:98:36:91:2a:7f:3b:0b:67:4d:84:ff:26:2c:f1:
fe:4d:d4:69:3a:a3:8a:be:54:4f:c6:ed:80:44:23:29:bb:ed:
85:b2:d8:77:33:5f:ef:c8:d4:7c:38:15:6a:0c:a3:f2:aa:5d:
a6:c7:90:51:03:5d:95:9f:0a:52:ea:8a:c8:72:a4:42:c3:5e:
f2:9a:bf:51:47:81:c1:57:23:64:b5:1b:5b:a7:8f:e6:64:1c:
59:49:e3:48:0b:df:a3:b4:50:2f:cb:63:99:e8:fe:1f:57:ad:
29:be:b1:9c:23:d7:dd:0b:20:e9:5a:e3:eb:e5:c1:91:c7:09:
8a:b2:a3:a1:6a:28:e5:f7:bb:5d:61:24:5f:2f:ec:11:36:5a:
37:4e:1d:8c:fe:83:e1:d1:13:70:03:bc:51:c7:8e:a0:4c:c5:
da:f7:ed:a1:25:52:22:25:e9:bf:8b:2e:b9:f2:9e:04:cb:1e:
df:0b:cf:cb:90:73:e1:ef:e6:56:1c:1c:ce:8b:0b:86:94:4b:
fc:66:68:6b:99:f5:11:6b:07:52:83:30:eb:58:fa:63:17:2b:
7c:7f:85:3d:54:ae:7b:be:b7:80:b7:93:a7:50:cc:0f:77:49:
78:fd:ee:33
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyRzeNAfSL5Nr1Sk6lTbWFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjIyMTM1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIzNzQ3OWM0NTc1MzgwYTA2ZTZhNmQ3MDY2ZmZmYjQxNWY3MTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23yjIgqdsZpRkSeWH0Guy60gGSxf
fxhnrV6JKEIK0jKfm+3LyLdHL3/ycxlrDRZ9eXqx/j9fUDyq8uEoGevlpy/W1lA1
1Z5eSXj/ZEvlNtgeE8UxDqkTh2zTNHSpC5xYnRD2mm8yAJnx1Xczp10VOu9zA7KN
lnzXcJY+J/CEGeLmOlOhvyzIroxKesKPtht48mU4bxUx7LMIE/iM3CLklrIDfhmA
p0/lv4I4Iz6FlNmHDPjVhBXY3azYGh4BTEGQo5BfkHfl4AYSjXPCZuXyp3J4EiXz
MiObpyfn2WLnt3Z8crjIgVWTB72iiILc/mY5qQkVCQi7ZEtf6GV6/ttHVwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBWzdHnEV1OAoG5qbXBm//tBX3ElMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvRmJOMGVjUlhVNENnYm1wdGNHYl8tMEZmY1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtndED
BAAtndIDBAC54rUwDQYJKoZIhvcNAQELBQADggEBAGeH4jy+9lMgaTrHjiyNwXK4
N2xg2fCYNpEqfzsLZ02E/yYs8f5N1Gk6o4q+VE/G7YBEIym77YWy2HczX+/I1Hw4
FWoMo/KqXabHkFEDXZWfClLqishypELDXvKav1FHgcFXI2S1G1unj+ZkHFlJ40gL
36O0UC/LY5no/h9XrSm+sZwj190LIOla4+vlwZHHCYqyo6FqKOX3u11hJF8v7BE2
WjdOHYz+g+HRE3ADvFHHjqBMxdr37aElUiIl6b+LLrnyngTLHt8Lz8uQc+Hv5lYc
HM6LC4aUS/xmaGuZ9RFrB1KDMOtY+mMXK3x/hT1Urnu+t4C3k6dQzA93SXj97jM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org