Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IrXrLK1xDMuwmG3aeD_UC7E_HW0.roa
File: IrXrLK1xDMuwmG3aeD_UC7E_HW0.roa (raw, json)
Hash identifier: DEz8rKbTqoF0y7VljDQ2MbfQRf5p9sMbhTII/jNh4t4=
Subject key identifier: 22:B5:EB:2C:AD:71:0C:CB:B0:98:6D:DA:78:3F:D4:0B:B1:3F:1D:6D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF131B5D46FD2FBC2625F4A9639A0B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IrXrLK1xDMuwmG3aeD_UC7E_HW0.roa
Signing time: Tue 02 Jan 2024 06:31:51 +0000
ROA not before: Tue 02 Jan 2024 06:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:13:1b:5d:46:fd:2f:bc:26:25:f4:a9:63:9a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22b5eb2cad710ccbb0986dda783fd40bb13f1d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:84:68:f2:1a:a1:95:eb:a8:c6:af:da:27:
c2:b3:47:69:db:5b:e3:3d:fc:ca:ff:db:0d:93:86:
eb:38:8d:d1:37:1b:31:38:e4:5a:c2:6b:0b:e9:47:
c7:46:fc:80:43:ea:aa:2c:be:5a:fb:ef:b5:7f:78:
67:69:46:10:2d:b2:e5:03:f6:4d:b3:7c:b7:f3:0c:
4c:0a:16:01:d5:c9:e5:4f:dd:de:08:1e:4e:41:de:
3d:f3:77:d0:7b:f5:e9:29:4c:36:24:d1:fb:ab:aa:
ec:75:8f:85:1e:b5:1f:7f:d5:f5:ab:2a:30:bb:00:
56:53:30:4e:c2:fb:ea:44:b3:06:9f:09:f3:a2:14:
7d:24:78:4a:4a:cf:ce:4f:85:f2:39:c2:5a:7e:91:
56:1a:b2:9d:dc:0d:ea:47:d6:cf:ab:cc:c2:ba:e0:
55:8b:97:26:69:9d:a2:27:0a:c3:ea:3b:14:15:5e:
7b:dc:dc:57:37:03:49:6e:d6:0b:fb:43:47:52:39:
a8:33:0c:d9:e5:a0:a1:99:80:fb:35:05:11:3d:80:
74:64:6b:30:85:b7:0b:9b:09:23:3f:b5:2c:ac:af:
59:e9:b8:38:3f:bd:49:40:08:fe:b0:16:97:f0:59:
e3:10:62:c3:26:c8:d5:a8:76:ed:53:b9:72:d5:39:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:EB:2C:AD:71:0C:CB:B0:98:6D:DA:78:3F:D4:0B:B1:3F:1D:6D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/IrXrLK1xDMuwmG3aeD_UC7E_HW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:7c:14:41:3d:58:96:08:02:14:65:6f:ad:8e:6d:5a:6e:6d:
a3:2c:90:e6:13:9f:ed:68:a1:2e:46:76:2e:3d:f3:9d:7f:21:
e3:30:8f:2a:52:6f:0a:2e:6e:5b:3b:57:ca:be:4c:2b:7b:f3:
80:48:2e:22:7e:4e:0c:7b:5c:07:d1:57:1a:47:7f:02:b8:34:
e6:ae:35:b7:94:0e:44:89:72:f1:2d:f2:83:03:24:d3:3d:66:
32:d8:28:c6:fc:c9:d8:1a:5f:a7:bd:d3:df:a2:86:7e:77:23:
7f:42:07:99:83:04:cb:10:9d:d5:b9:19:8f:5f:e8:98:74:80:
4d:b8:fe:13:23:03:d3:a2:65:d1:8f:36:1b:16:6a:ad:f8:49:
eb:59:2f:2d:28:05:26:b0:de:70:42:b7:a5:02:71:76:c5:10:
de:9a:bf:77:e3:ec:7d:c0:aa:fc:51:5a:d3:b9:5d:3e:fc:d3:
99:db:0a:b7:d0:39:fe:c2:87:72:19:fd:5c:f8:b0:67:10:b3:
b9:fb:22:3c:f6:b7:9b:60:87:ed:51:8e:7f:7f:fe:90:ac:e8:
67:4e:c8:5a:0d:8a:f0:81:27:c7:01:2b:80:33:9f:e8:6d:cc:
13:26:63:b3:60:31:e3:28:de:85:f9:cb:41:7a:b9:a1:14:13:
39:24:f9:7e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzI3xMbXUb9L7wmJfSpY5oLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1ZWIyY2FkNzEwY2NiYjA5ODZkZGE3ODNmZDQwYmIxM2YxZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtguEaPIaoZXrqMav2ifCs0dp21vj
PfzK/9sNk4brOI3RNxsxOORawmsL6UfHRvyAQ+qqLL5a+++1f3hnaUYQLbLlA/ZN
s3y38wxMChYB1cnlT93eCB5OQd4983fQe/XpKUw2JNH7q6rsdY+FHrUff9X1qyow
uwBWUzBOwvvqRLMGnwnzohR9JHhKSs/OT4XyOcJafpFWGrKd3A3qR9bPq8zCuuBV
i5cmaZ2iJwrD6jsUFV573NxXNwNJbtYL+0NHUjmoMwzZ5aChmYD7NQURPYB0ZGsw
hbcLmwkjP7UsrK9Z6bg4P71JQAj+sBaX8FnjEGLDJsjVqHbtU7ly1TlklQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCK16yytcQzLsJht2ng/1AuxPx1tMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSXJYckxLMXhETXV3bUczYWVEX1VDN0VfSFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQAufoaAwQAwpJcMA0GCSqGSIb3
DQEBCwUAA4IBAQCMfBRBPViWCAIUZW+tjm1abm2jLJDmE5/taKEuRnYuPfOdfyHj
MI8qUm8KLm5bO1fKvkwre/OASC4ifk4Me1wH0VcaR38CuDTmrjW3lA5EiXLxLfKD
AyTTPWYy2CjG/MnYGl+nvdPfooZ+dyN/QgeZgwTLEJ3VuRmPX+iYdIBNuP4TIwPT
omXRjzYbFmqt+EnrWS8tKAUmsN5wQrelAnF2xRDemr934+x9wKr8UVrTuV0+/NOZ
2wq30Dn+wodyGf1c+LBnELO5+yI89rebYIftUY5/f/6QrOhnTshaDYrwgSfHASuA
M5/obcwTJmOzYDHjKN6F+ctBermhFBM5JPl+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org