Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/LBRiLAh2aCDAb-O24BUD4v0h64A.roa
File: LBRiLAh2aCDAb-O24BUD4v0h64A.roa (raw, json)
Hash identifier: 2Dqm6+YVMkG/axgadB4P7i1zDfXcqgX+ZMDKSs6zvmg=
Subject key identifier: 2C:14:62:2C:08:76:68:20:C0:6F:E3:B6:E0:15:03:E2:FD:21:EB:80
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018DE7DF023740539887A7F6232E91718902
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/LBRiLAh2aCDAb-O24BUD4v0h64A.roa
Signing time: Tue 27 Feb 2024 00:02:48 +0000
ROA not before: Tue 27 Feb 2024 00:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 16:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e7:df:02:37:40:53:98:87:a7:f6:23:2e:91:71:89:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 27 00:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c14622c08766820c06fe3b6e01503e2fd21eb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c1:86:72:a4:9f:4a:52:3c:fe:d5:da:13:18:
7a:fd:e9:f9:1a:13:62:de:32:f8:4d:72:e7:1f:5d:
cc:8c:91:a5:6a:d7:aa:12:f8:f1:0c:af:6e:2a:89:
87:12:e3:5f:7d:18:ec:cb:38:c3:fe:e0:42:33:89:
ac:05:98:87:8e:f9:2c:8a:7d:f4:a2:bb:d8:9f:22:
d1:a6:dd:c7:b0:e5:59:12:e9:0d:f8:b4:69:f8:2a:
9c:34:5e:72:4a:aa:27:e5:c1:a1:94:13:96:76:2c:
44:b5:61:e3:d9:db:f1:08:2b:e1:83:ff:31:ba:30:
bd:0f:24:53:13:46:e6:32:fb:45:fe:34:a8:f1:08:
3e:6d:55:9c:45:f4:09:f6:01:c8:d2:c4:35:1d:65:
fd:a1:00:7c:fa:cd:88:31:51:a4:a1:ea:c3:3e:17:
94:06:62:38:f0:95:00:34:6e:03:c1:c0:98:d4:da:
41:9f:63:b0:35:f2:86:8c:18:74:bf:47:ec:d8:1c:
d6:18:33:e6:80:0f:28:c4:ef:f8:78:ba:fa:dd:46:
dd:6d:99:6f:04:17:65:b9:91:7b:4b:04:d3:b0:e2:
f0:d1:b9:85:53:89:c8:77:f6:a4:d7:c1:bf:74:8e:
c2:9b:2f:40:67:7a:90:9c:b7:3f:60:9e:b7:a9:2a:
e2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:14:62:2C:08:76:68:20:C0:6F:E3:B6:E0:15:03:E2:FD:21:EB:80
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/LBRiLAh2aCDAb-O24BUD4v0h64A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.151.0/24
185.199.213.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
37:69:6b:b4:fd:81:d9:78:08:3f:72:6a:45:11:ff:9a:bd:de:
61:0d:bf:b4:59:a5:62:e5:fc:3d:c2:c3:33:26:ae:8e:ac:a4:
ed:57:65:d6:0d:c1:5d:b5:2b:41:a3:47:8b:c4:9f:7d:84:4a:
c0:32:ac:ad:e4:ef:71:75:48:19:81:52:6d:64:09:c6:94:77:
91:06:ff:18:c9:12:d8:c5:2f:76:60:b4:5c:c6:b7:c8:e8:dc:
8a:3f:0c:f9:d1:69:e1:42:33:0d:18:22:6d:a2:fe:d2:a3:ed:
ca:81:9e:0b:47:32:7a:77:c4:1b:6f:a9:fe:f6:89:c4:e9:f2:
17:32:b6:c6:e7:f3:5f:88:b1:52:58:17:34:67:cc:4f:50:f2:
44:83:49:3b:01:d9:b3:2f:54:ca:68:b0:be:5f:ca:e0:08:48:
71:7e:9a:3e:12:64:cc:48:db:78:8b:4a:89:f5:c9:d2:d9:11:
08:0c:ab:2b:8e:89:a6:a1:29:4d:dc:22:85:12:55:5b:fa:57:
b2:d4:97:e2:62:3d:3a:c0:71:c1:8c:d0:b6:aa:0d:bc:54:c5:
bc:f0:94:d6:84:6d:c6:28:60:08:20:9b:27:b6:fd:21:f6:da:
71:03:ae:68:95:36:8f:a5:e3:98:16:9c:a3:76:63:12:4f:50:
f6:a0:9f:c5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3n3wI3QFOYh6f2Iy6RcYkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMjI3MDAwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzE0NjIyYzA4NzY2ODIwYzA2ZmUzYjZlMDE1MDNlMmZkMjFlYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcGGcqSfSlI8/tXaExh6/en5GhNi
3jL4TXLnH13MjJGlateqEvjxDK9uKomHEuNffRjsyzjD/uBCM4msBZiHjvksin30
orvYnyLRpt3HsOVZEukN+LRp+CqcNF5ySqon5cGhlBOWdixEtWHj2dvxCCvhg/8x
ujC9DyRTE0bmMvtF/jSo8Qg+bVWcRfQJ9gHI0sQ1HWX9oQB8+s2IMVGkoerDPheU
BmI48JUANG4DwcCY1NpBn2OwNfKGjBh0v0fs2BzWGDPmgA8oxO/4eLr63UbdbZlv
BBdluZF7SwTTsOLw0bmFU4nId/ak18G/dI7Cmy9AZ3qQnLc/YJ63qSrixwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCwUYiwIdmggwG/jtuAVA+L9IeuAMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTEJSaUxBaDJhQ0RBYi1PMjRCVUQ0djBoNjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZv8AwQA
LZv/MAwDBAAtndEDBAAtndIDBABPYvYDBAC5x5cDBAC5x9UDBAC5+howDQYJKoZI
hvcNAQELBQADggEBADdpa7T9gdl4CD9yakUR/5q93mENv7RZpWLl/D3CwzMmro6s
pO1XZdYNwV21K0GjR4vEn32ESsAyrK3k73F1SBmBUm1kCcaUd5EG/xjJEtjFL3Zg
tFzGt8jo3Io/DPnRaeFCMw0YIm2i/tKj7cqBngtHMnp3xBtvqf72icTp8hcytsbn
81+IsVJYFzRnzE9Q8kSDSTsB2bMvVMposL5fyuAISHF+mj4SZMxI23iLSon1ydLZ
EQgMqyuOiaahKU3cIoUSVVv6V7LUl+JiPTrAccGM0LaqDbxUxbzwlNaEbcYoYAgg
mye2/SH22nEDrmiVNo+l45gWnKN2YxJPUPagn8U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org