Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0NSy74rNtffrfom9xO7w2jJjoU.roa
File: O0NSy74rNtffrfom9xO7w2jJjoU.roa (raw, json)
Hash identifier: x7YFE7tTzxxBITQtmxJcYuxgPcQPNEdNulY6vPFyL/s=
Subject key identifier: 3B:43:52:CB:BE:2B:36:D7:DF:AD:FA:26:F7:13:BB:C3:68:C9:8E:85
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C4EA5D75BA1C090F8E152BBADBE327A53
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0NSy74rNtffrfom9xO7w2jJjoU.roa
Signing time: Sat 09 Dec 2023 12:55:40 +0000
ROA not before: Sat 09 Dec 2023 12:55:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 19:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:a5:d7:5b:a1:c0:90:f8:e1:52:bb:ad:be:32:7a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 9 12:55:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b4352cbbe2b36d7dfadfa26f713bbc368c98e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:1d:15:e2:d9:08:52:ff:39:38:3b:2c:9f:
c5:66:b9:c0:a1:5a:8c:d6:13:bc:d1:d0:63:33:6f:
d1:ee:c5:08:62:2d:5a:35:bc:38:63:0a:b2:95:cb:
5e:a8:0b:20:4b:6e:70:84:a4:6f:13:47:c1:4f:63:
fc:4d:63:1c:b0:e2:01:69:da:98:f4:ed:28:c3:f1:
cf:7d:1f:3c:bc:dd:37:81:e8:61:9e:bd:4d:29:28:
e7:ee:e6:d0:16:c1:49:ad:58:f1:59:bd:83:4a:87:
f6:61:e2:ea:d4:4e:0e:49:d4:c7:ec:6a:72:14:db:
12:93:48:3d:87:8f:7d:59:39:46:9a:a8:7a:06:38:
07:de:03:fd:4b:2e:d1:e3:9b:ac:b8:c5:49:51:05:
4a:a3:df:24:82:e3:e6:0b:b6:5a:55:5d:fc:7a:36:
b0:a1:2f:9a:b4:d3:6a:90:b3:e9:8c:89:86:b5:de:
43:15:2e:79:78:c9:f7:04:f1:75:15:51:60:3b:00:
2f:50:1d:03:c6:bc:92:fa:08:82:dc:fd:28:09:99:
2a:e3:96:99:79:86:f8:3a:78:d2:4a:3f:d4:e3:9d:
b9:df:46:ba:20:02:19:38:55:eb:b6:d5:9e:3a:e5:
bb:13:b5:fa:ee:91:88:ef:65:41:22:b3:bc:4d:ef:
6a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:52:CB:BE:2B:36:D7:DF:AD:FA:26:F7:13:BB:C3:68:C9:8E:85
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0NSy74rNtffrfom9xO7w2jJjoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
45.157.211.0/24
79.98.246.0/23
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:c0:4e:09:56:fd:68:8e:1d:4f:20:7a:13:82:5e:96:0b:90:
e2:f2:08:06:06:da:70:10:1e:53:7d:60:49:3b:ed:98:02:a5:
a9:b1:61:30:14:c4:47:4e:50:8d:1f:1e:11:04:57:36:eb:6f:
84:27:76:2b:35:cc:f7:fb:89:45:08:68:f8:8e:cc:1b:c5:bb:
d9:3f:dc:dd:8d:10:ca:3d:80:1b:6f:02:e0:d3:97:bb:d4:61:
4b:a5:0b:2e:01:ff:4f:48:bb:7a:6e:53:10:f6:48:56:b0:b4:
a1:2d:3f:cb:c6:b4:79:45:25:99:77:2e:68:18:a0:c6:a5:3b:
3c:5b:82:d8:7c:37:4b:ac:08:3a:12:cb:e3:5c:e4:b1:b7:22:
94:71:fa:4f:5e:56:64:ad:bd:e8:e3:d9:1a:ea:92:48:d6:1c:
87:ee:7c:70:77:d7:31:d3:d1:12:87:01:cf:bf:b4:62:a8:2f:
79:35:2e:dc:7d:12:4b:5d:81:fb:90:5a:3e:72:56:3d:46:f3:
c6:f1:b7:2b:ec:53:57:49:36:92:dc:9a:8d:28:8f:43:66:b3:
85:26:c8:66:65:5a:16:4b:d3:d0:84:37:42:cd:0d:b6:71:5d:
6b:05:ec:6c:ef:5d:b2:b7:84:9b:8c:6e:05:7f:7e:02:c8:a3:
c5:4c:ae:40
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYxOpddbocCQ+OFSu62+MnpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjA5MTI1NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQzNTJjYmJlMmIzNmQ3ZGZhZGZhMjZmNzEzYmJjMzY4Yzk4ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPYdFeLZCFL/OTg7LJ/FZrnAoVqM
1hO80dBjM2/R7sUIYi1aNbw4YwqylcteqAsgS25whKRvE0fBT2P8TWMcsOIBadqY
9O0ow/HPfR88vN03gehhnr1NKSjn7ubQFsFJrVjxWb2DSof2YeLq1E4OSdTH7Gpy
FNsSk0g9h499WTlGmqh6BjgH3gP9Sy7R45usuMVJUQVKo98kguPmC7ZaVV38ejaw
oS+atNNqkLPpjImGtd5DFS55eMn3BPF1FVFgOwAvUB0DxryS+giC3P0oCZkq45aZ
eYb4OnjSSj/U452530a6IAIZOFXrttWeOuW7E7X67pGI72VBIrO8Te9q9QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDtDUsu+KzbX3636JvcTu8NoyY6FMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTzBOU3k3NHJOdGZmcmZvbTl4Tzd3MmpKam9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZv8AwQA
LZv/AwQALZ3RAwQALZ3TAwQBT2L2AwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQA
ufoaAwQBwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQA8wE4JVv1ojh1PIHoTgl6WC5Di
8ggGBtpwEB5TfWBJO+2YAqWpsWEwFMRHTlCNHx4RBFc262+EJ3YrNcz3+4lFCGj4
jswbxbvZP9zdjRDKPYAbbwLg05e71GFLpQsuAf9PSLt6blMQ9khWsLShLT/LxrR5
RSWZdy5oGKDGpTs8W4LYfDdLrAg6EsvjXOSxtyKUcfpPXlZkrb3o49ka6pJI1hyH
7nxwd9cx09EShwHPv7RiqC95NS7cfRJLXYH7kFo+clY9RvPG8bcr7FNXSTaS3JqN
KI9DZrOFJshmZVoWS9PQhDdCzQ22cV1rBexs712yt4SbjG4Ff34CyKPFTK5A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org