Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nl7undYcZACxDkfbqUgZVcrAldo.roa
File: Nl7undYcZACxDkfbqUgZVcrAldo.roa (raw, json)
Hash identifier: posQU5GdPbw3S7MDEr7+4xrIqViJIn2pe8Qx/YvAHxA=
Subject key identifier: 36:5E:EE:9D:D6:1C:64:00:B1:0E:47:DB:A9:48:19:55:CA:C0:95:DA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01884486CB750C0B1D875D291649486B0C7F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nl7undYcZACxDkfbqUgZVcrAldo.roa
Signing time: Mon 22 May 2023 17:34:24 +0000
ROA not before: Mon 22 May 2023 17:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 May 2023 09:39:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:86:cb:75:0c:0b:1d:87:5d:29:16:49:48:6b:0c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 22 17:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=365eee9dd61c6400b10e47dba9481955cac095da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:99:68:93:2f:b8:77:d8:4f:9b:55:f3:1f:0b:
23:90:3b:39:23:4a:1b:09:13:d0:f5:e6:d6:9f:a6:
a4:1d:04:0f:b1:2e:50:d3:e0:29:33:9a:5b:64:0c:
08:e8:3f:d9:5f:5d:c1:99:3c:5b:6b:63:d3:3a:f7:
9f:19:c5:f4:c4:37:98:82:11:91:c7:68:f9:61:71:
97:25:86:5c:a4:a8:47:86:d6:68:74:28:7c:40:82:
0c:ab:fb:bb:93:5c:8f:37:49:69:5f:45:8c:55:bd:
be:b4:63:09:46:fb:8b:54:51:50:8a:77:b2:09:4a:
d5:14:97:a0:93:c4:71:21:fb:bf:da:eb:4b:90:09:
12:95:fa:b8:ba:96:ac:12:f0:da:1e:9f:ef:a2:49:
4e:55:0a:42:05:db:39:33:5a:97:b4:6a:72:3d:6e:
9b:34:39:4a:e4:a4:fc:93:02:6d:ae:da:61:0f:86:
bd:9f:09:0c:fd:a4:b1:c7:24:58:a3:d5:57:a8:8d:
ad:ba:fb:8c:44:0b:e0:f8:80:e0:e2:a8:a9:5e:84:
48:f4:56:cc:6c:e1:37:cc:07:3c:57:e4:7e:fc:e6:
15:47:cf:ae:34:c1:73:f4:a0:a4:63:44:e2:77:26:
e0:cd:17:a0:3f:67:70:7e:36:31:df:1f:20:f5:9a:
3a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5E:EE:9D:D6:1C:64:00:B1:0E:47:DB:A9:48:19:55:CA:C0:95:DA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nl7undYcZACxDkfbqUgZVcrAldo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
79.98.246.0/24
185.199.148.0/23
185.225.170.0/23
185.250.25.0-185.250.26.255
Signature Algorithm: sha256WithRSAEncryption
c2:6a:87:fc:7b:93:bb:8c:e3:88:26:33:ae:cf:97:31:4a:37:
27:1a:3f:18:fb:8e:ce:82:21:fa:01:a4:1a:d3:16:d6:a6:f2:
5f:57:30:b6:82:bc:ba:e6:af:64:5b:e7:d4:5d:e2:1a:af:81:
3f:e5:5d:db:f1:1e:91:57:79:a0:ad:95:d8:ef:4d:36:fc:c2:
c5:ab:df:5c:3e:93:85:5b:97:3f:0e:3f:c6:41:21:c2:41:89:
4e:10:82:af:88:a8:dc:90:22:38:36:f3:f3:bb:ed:e2:50:3e:
95:5f:da:05:46:dc:a2:c6:4c:f6:87:51:7e:1c:e5:81:26:b4:
3d:ab:42:d3:f0:09:04:16:af:37:42:a4:72:1b:34:9d:bf:cd:
12:c1:fd:8a:c8:e7:34:ac:47:b9:56:36:0e:29:d8:2a:38:e8:
d1:a0:71:33:5b:20:57:03:4d:d7:0e:a5:de:fa:d6:6f:36:8e:
4e:5c:fb:8f:25:39:e1:8d:ad:b2:09:95:e5:1d:1d:d6:4c:f9:
fa:43:0f:57:b9:49:23:6b:04:c4:73:87:8d:3b:be:a7:39:76:
7e:e0:d7:20:48:53:03:38:c8:e9:5b:4e:93:8e:ad:7c:7d:c4:
65:c3:29:a8:53:7c:2f:75:ac:8a:4b:14:0d:9a:2b:dd:f1:04:
7b:a0:9f:be
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYhEhst1DAsdh10pFklIawx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTIyMTczNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjVlZWU5ZGQ2MWM2NDAwYjEwZTQ3ZGJhOTQ4MTk1NWNhYzA5NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5loky+4d9hPm1XzHwsjkDs5I0ob
CRPQ9ebWn6akHQQPsS5Q0+ApM5pbZAwI6D/ZX13BmTxba2PTOvefGcX0xDeYghGR
x2j5YXGXJYZcpKhHhtZodCh8QIIMq/u7k1yPN0lpX0WMVb2+tGMJRvuLVFFQiney
CUrVFJegk8RxIfu/2utLkAkSlfq4upasEvDaHp/voklOVQpCBds5M1qXtGpyPW6b
NDlK5KT8kwJtrtphD4a9nwkM/aSxxyRYo9VXqI2tuvuMRAvg+IDg4qipXoRI9FbM
bOE3zAc8V+R+/OYVR8+uNMFz9KCkY0TidybgzRegP2dwfjYx3x8g9Zo6cwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDZe7p3WHGQAsQ5H26lIGVXKwJXaMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTmw3dW5kWWNaQUN4RGtmYnFVZ1pWY3JBbGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZv8AwQA
T2L2AwQBuceUAwQBueGqMAwDBAC5+hkDBAC5+howDQYJKoZIhvcNAQELBQADggEB
AMJqh/x7k7uM44gmM67PlzFKNycaPxj7js6CIfoBpBrTFtam8l9XMLaCvLrmr2Rb
59Rd4hqvgT/lXdvxHpFXeaCtldjvTTb8wsWr31w+k4Vblz8OP8ZBIcJBiU4Qgq+I
qNyQIjg28/O77eJQPpVf2gVG3KLGTPaHUX4c5YEmtD2rQtPwCQQWrzdCpHIbNJ2/
zRLB/YrI5zSsR7lWNg4p2Co46NGgcTNbIFcDTdcOpd761m82jk5c+48lOeGNrbIJ
leUdHdZM+fpDD1e5SSNrBMRzh407vqc5dn7g1yBIUwM4yOlbTpOOrXx9xGXDKahT
fC91rIpLFA2aK93xBHugn74=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org