Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IEISJsgjX5ldVXjVplF3bWqomQU.roa
File: IEISJsgjX5ldVXjVplF3bWqomQU.roa (raw, json)
Hash identifier: vMxqanbU9IP6LTZS6J4lABe0vsLljhMiaWdFnJzfwD8=
Subject key identifier: 20:42:12:26:C8:23:5F:99:5D:55:78:D5:A6:51:77:6D:6A:A8:99:05
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018EC9588BEF8A3CC7DD026FC53E0EC56B3A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IEISJsgjX5ldVXjVplF3bWqomQU.roa
Signing time: Wed 10 Apr 2024 18:50:07 +0000
ROA not before: Wed 10 Apr 2024 18:50:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 08:54:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:58:8b:ef:8a:3c:c7:dd:02:6f:c5:3e:0e:c5:6b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 10 18:50:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20421226c8235f995d5578d5a651776d6aa89905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:62:ba:be:92:74:68:bd:cc:f3:27:ba:35:
25:9c:70:5d:26:94:ba:95:92:83:58:e1:d2:42:fc:
54:cb:10:f3:61:9c:4b:50:d4:b4:a2:0a:b8:6f:22:
11:e6:b0:41:87:04:44:79:cb:16:53:b6:9f:48:cf:
5e:b0:45:05:5d:02:fd:a4:c9:87:d2:ea:3c:94:c1:
fa:3f:83:ab:78:51:d7:92:a6:1d:83:3c:3b:4a:36:
aa:1a:1d:80:3f:72:b6:06:af:13:cf:4a:b9:d2:fd:
e7:c3:a5:dc:55:c3:1f:17:82:df:ac:cc:c3:42:91:
79:7d:79:15:fb:83:e7:90:7c:b6:d7:25:2f:0c:41:
40:72:61:4f:8d:fd:f4:56:16:e6:88:69:3d:6c:11:
93:db:a0:44:5e:4d:73:98:e7:de:0f:63:5f:1e:60:
7a:c6:69:2c:97:a1:b8:a4:b9:8a:41:2e:08:4c:37:
f3:89:74:d0:bc:ab:fc:b8:7f:25:27:61:28:dd:cf:
32:47:0e:d6:86:04:aa:96:34:5a:37:f6:c2:87:a3:
9f:38:00:33:ee:fe:80:d0:1c:4a:0b:da:22:d5:50:
35:ad:b0:8c:df:b8:9c:da:38:d1:80:f6:1d:36:53:
7c:9b:ce:5c:8a:ce:64:71:da:a3:2b:44:fc:db:26:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:42:12:26:C8:23:5F:99:5D:55:78:D5:A6:51:77:6D:6A:A8:99:05
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IEISJsgjX5ldVXjVplF3bWqomQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
79.98.246.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
185.250.27.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:1d:30:2d:2b:86:99:08:3d:78:93:3b:35:a6:fc:78:ad:22:
26:b1:29:d4:88:0f:ac:85:2f:4e:f7:a6:2b:1c:b4:4a:ef:61:
61:ee:f4:d0:38:5e:b5:90:5f:d5:88:11:a4:78:28:ca:67:dd:
fe:ec:d6:29:28:69:53:76:80:77:27:0b:d9:4f:59:ed:15:46:
55:af:65:77:82:3a:ce:3a:8c:f6:aa:b2:40:56:7c:66:fa:47:
fe:42:57:d5:d4:ef:50:ed:f4:c7:65:e8:73:0e:15:7c:53:a4:
38:3d:28:8e:b0:6d:42:19:e0:c9:97:1c:70:c9:77:87:fd:21:
d6:cc:51:be:80:7c:fe:59:69:52:5c:d9:4c:48:2e:97:b6:3d:
93:29:76:ca:e3:42:12:2b:33:f3:b7:3d:98:c2:05:56:6f:90:
a3:b9:46:4a:40:4a:d6:5c:da:ae:88:b0:47:51:8b:c6:b1:a1:
c7:e2:16:c4:d4:3b:67:f3:2a:ac:12:6b:ea:9d:8a:f8:80:8e:
9d:74:25:06:14:f2:8f:c3:cd:b8:7a:79:e0:20:fd:21:59:31:
31:18:2b:33:6b:74:88:71:b1:e9:5d:f5:30:5f:53:46:1b:ae:
29:46:a9:1c:fc:12:33:95:8b:b5:5a:c1:99:16:00:03:40:b6:
a9:a6:3e:11
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY7JWIvvijzH3QJvxT4OxWs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNDEwMTg1MDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQyMTIyNmM4MjM1Zjk5NWQ1NTc4ZDVhNjUxNzc2ZDZhYTg5OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigtiur6SdGi9zPMnujUlnHBdJpS6
lZKDWOHSQvxUyxDzYZxLUNS0ogq4byIR5rBBhwREecsWU7afSM9esEUFXQL9pMmH
0uo8lMH6P4OreFHXkqYdgzw7SjaqGh2AP3K2Bq8Tz0q50v3nw6XcVcMfF4LfrMzD
QpF5fXkV+4PnkHy21yUvDEFAcmFPjf30VhbmiGk9bBGT26BEXk1zmOfeD2NfHmB6
xmksl6G4pLmKQS4ITDfziXTQvKv8uH8lJ2Eo3c8yRw7WhgSqljRaN/bCh6OfOAAz
7v6A0BxKC9oi1VA1rbCM37ic2jjRgPYdNlN8m85cis5kcdqjK0T82ybLVQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCBCEibII1+ZXVV41aZRd21qqJkFMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSUVJU0pzZ2pYNWxkVlhqVnBsRjNiV3FvbVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZv8AwQA
LZv/AwQAT2L2AwQAsH37AwQAuceXAwQAucfVAwQAueK1AwQAufobAwQAwpJcMA0G
CSqGSIb3DQEBCwUAA4IBAQCmHTAtK4aZCD14kzs1pvx4rSImsSnUiA+shS9O96Yr
HLRK72Fh7vTQOF61kF/ViBGkeCjKZ93+7NYpKGlTdoB3JwvZT1ntFUZVr2V3gjrO
Ooz2qrJAVnxm+kf+QlfV1O9Q7fTHZehzDhV8U6Q4PSiOsG1CGeDJlxxwyXeH/SHW
zFG+gHz+WWlSXNlMSC6Xtj2TKXbK40ISKzPztz2YwgVWb5CjuUZKQErWXNquiLBH
UYvGsaHH4hbE1Dtn8yqsEmvqnYr4gI6ddCUGFPKPw824enngIP0hWTExGCsza3SI
cbHpXfUwX1NGG64pRqkc/BIzlYu1WsGZFgADQLappj4R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org