Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Jvak0qmGusl_Nih3PsrByS0B0YI.roa
File: Jvak0qmGusl_Nih3PsrByS0B0YI.roa (raw, json)
Hash identifier: tVcZotg/B+dnw+R3datmTx8/65KJ1BCLHOTuDAolw98=
Subject key identifier: 26:F6:A4:D2:A9:86:BA:C9:7F:36:28:77:3E:CA:C1:C9:2D:01:D1:82
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CDE9B98216CCCCEDC785F2D987809FE6B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Jvak0qmGusl_Nih3PsrByS0B0YI.roa
Signing time: Sat 06 Jan 2024 11:49:48 +0000
ROA not before: Sat 06 Jan 2024 11:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 00:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:de:9b:98:21:6c:cc:ce:dc:78:5f:2d:98:78:09:fe:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 6 11:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26f6a4d2a986bac97f3628773ecac1c92d01d182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e7:30:8d:57:63:bc:e7:91:b8:8b:fb:52:65:
79:39:74:62:73:53:be:8f:22:82:be:d2:1a:d9:30:
af:3a:6d:6a:67:81:75:8c:a8:3f:04:bb:b7:13:e9:
82:2f:f5:8a:08:1c:ec:02:46:6b:52:09:dd:a8:ba:
35:ba:44:d3:ff:e4:aa:fb:eb:ef:51:be:6f:a1:62:
7d:6b:f7:f8:a7:90:5b:a2:48:ab:5c:8c:e1:1f:b2:
b2:27:6d:0d:00:ff:b1:62:2b:34:82:d6:97:c7:33:
54:7d:76:56:32:bc:b6:1a:8b:09:fc:55:ea:12:d7:
6b:ca:d1:58:60:a7:a1:36:5c:5e:31:59:46:0b:f0:
ee:59:05:cc:a2:58:3c:a1:47:f0:7a:e7:3b:ba:94:
0f:11:a3:8f:8c:3c:1b:d5:92:b8:03:b8:a0:9c:aa:
ca:f2:ed:d0:ef:c8:bd:a9:14:4e:3c:98:c6:87:83:
27:3b:9e:20:ae:ed:b6:99:60:30:30:71:af:b3:04:
71:a4:e4:b2:5e:39:32:00:f1:02:c2:89:2b:68:4d:
f4:4b:9b:02:09:31:25:fe:68:9f:11:0d:6b:db:a2:
6b:51:25:31:b8:cb:af:f5:32:ad:62:22:a5:a3:37:
ef:50:5b:d4:8d:1e:20:08:ad:6b:67:1c:f5:0d:07:
47:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F6:A4:D2:A9:86:BA:C9:7F:36:28:77:3E:CA:C1:C9:2D:01:D1:82
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Jvak0qmGusl_Nih3PsrByS0B0YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:d6:55:2f:84:0a:51:8e:b9:3b:db:c4:ac:37:33:81:b9:74:
78:4a:16:71:0e:82:f6:ae:7d:ba:c0:40:ed:64:fc:52:77:27:
4c:91:fc:4f:ac:10:49:f1:67:2e:f4:a0:2b:df:2b:ca:ec:3a:
ef:11:4e:12:bf:da:52:08:8c:c3:79:45:8d:9e:49:67:32:60:
ca:06:fb:ce:98:72:e2:e0:20:68:69:2c:88:2e:fb:1c:67:8c:
8f:d6:57:83:2d:cc:f3:25:19:ff:89:c5:86:e8:62:1c:57:4a:
6c:a4:ab:6b:9c:01:e6:20:90:3d:39:07:52:63:ca:0a:e9:33:
45:e8:cc:4b:c2:34:d8:c7:3b:a9:c6:6a:f3:f3:cf:e8:40:cb:
2c:b0:c5:1c:ad:85:da:d2:81:09:a7:e5:9b:26:a1:c9:8a:5d:
ee:3c:ac:db:75:a8:16:ed:14:bb:3b:8e:8c:5f:e4:d7:da:c1:
bb:42:e0:c4:d6:f7:2e:c9:17:e4:c6:d5:b3:45:86:a8:a2:38:
bb:63:51:91:93:eb:95:eb:39:21:d5:1a:a6:f2:50:29:f2:77:
1d:95:35:c3:3f:e5:df:e5:53:6c:d2:e9:bf:9b:0d:d5:a7:01:
be:5c:cf:04:39:88:ce:e6:7f:80:3b:57:ff:ba:8c:46:30:14:
48:34:e1:51
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzem5ghbMzO3HhfLZh4Cf5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA2MTE0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY2YTRkMmE5ODZiYWM5N2YzNjI4NzczZWNhYzFjOTJkMDFkMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ucwjVdjvOeRuIv7UmV5OXRic1O+
jyKCvtIa2TCvOm1qZ4F1jKg/BLu3E+mCL/WKCBzsAkZrUgndqLo1ukTT/+Sq++vv
Ub5voWJ9a/f4p5BbokirXIzhH7KyJ20NAP+xYis0gtaXxzNUfXZWMry2GosJ/FXq
EtdrytFYYKehNlxeMVlGC/DuWQXMolg8oUfweuc7upQPEaOPjDwb1ZK4A7ignKrK
8u3Q78i9qRROPJjGh4MnO54gru22mWAwMHGvswRxpOSyXjkyAPECwokraE30S5sC
CTEl/mifEQ1r26JrUSUxuMuv9TKtYiKlozfvUFvUjR4gCK1rZxz1DQdHEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCb2pNKphrrJfzYodz7KwcktAdGCMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSnZhazBxbUd1c2xfTmloM1BzckJ5UzBCMFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv8AwQA
LZv/AwQAsH37AwQAuceXAwQAucfVAwQAueK1AwQAwpJcMA0GCSqGSIb3DQEBCwUA
A4IBAQCb1lUvhApRjrk728SsNzOBuXR4ShZxDoL2rn26wEDtZPxSdydMkfxPrBBJ
8Wcu9KAr3yvK7DrvEU4Sv9pSCIzDeUWNnklnMmDKBvvOmHLi4CBoaSyILvscZ4yP
1leDLczzJRn/icWG6GIcV0pspKtrnAHmIJA9OQdSY8oK6TNF6MxLwjTYxzupxmrz
88/oQMsssMUcrYXa0oEJp+WbJqHJil3uPKzbdagW7RS7O46MX+TX2sG7QuDE1vcu
yRfkxtWzRYaooji7Y1GRk+uV6zkh1Rqm8lAp8ncdlTXDP+Xf5VNs0um/mw3VpwG+
XM8EOYjO5n+AO1f/uoxGMBRINOFR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org