Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q4zYscQpy6T76fBRPvls0HdLgGY.roa
File: Q4zYscQpy6T76fBRPvls0HdLgGY.roa (raw, json)
Hash identifier: lTPIqYCMrIciVclybQyrtOGfN9yNtq8dtZBWAkve7so=
Subject key identifier: 43:8C:D8:B1:C4:29:CB:A4:FB:E9:F0:51:3E:F9:6C:D0:77:4B:80:66
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CEDAE6DE1EC9AF110BB29C850DA95C8AB
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q4zYscQpy6T76fBRPvls0HdLgGY.roa
Signing time: Tue 09 Jan 2024 10:04:40 +0000
ROA not before: Tue 09 Jan 2024 10:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 12:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:ae:6d:e1:ec:9a:f1:10:bb:29:c8:50:da:95:c8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 9 10:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=438cd8b1c429cba4fbe9f0513ef96cd0774b8066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f9:38:ba:d8:2f:de:0f:24:f6:09:3a:cd:51:
85:14:1b:9c:0d:cd:ed:e8:3f:5d:ac:f3:7a:f4:90:
b1:53:a0:d1:ca:76:89:8e:ea:a8:41:88:cf:2f:44:
74:cb:5e:6b:50:cb:15:44:58:1d:87:b6:65:95:1f:
d0:bf:b0:ed:d2:a3:66:2f:13:42:ea:29:db:10:6b:
22:60:7c:21:d8:12:a3:31:b0:6f:02:21:ba:af:d2:
8b:46:9c:aa:56:73:8c:70:63:b7:a5:df:91:62:e3:
06:e8:d8:36:22:f4:29:a8:8c:21:00:65:68:ba:b1:
4a:5c:c0:a1:9e:52:5c:dd:a1:36:ed:e0:4e:98:72:
6f:75:4a:1c:a4:70:ae:83:67:5b:40:a2:af:bc:ba:
f4:ff:40:a0:4a:0b:31:ce:67:92:f7:7f:ca:f7:9e:
6e:65:14:47:d9:5d:f2:4f:89:db:7b:66:98:cd:ba:
e1:ab:a9:35:3c:6b:ce:12:2c:88:ec:9a:78:8b:49:
c5:1d:cd:18:89:26:cb:21:c8:36:84:17:aa:74:63:
38:7b:83:c1:f9:49:8c:f4:fa:b3:df:b0:5d:3c:84:
2c:eb:bc:15:57:e2:84:4f:b3:ea:cc:02:5f:b9:25:
0b:cf:0f:a9:a3:36:0b:43:25:e3:78:cd:5c:5c:18:
3d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8C:D8:B1:C4:29:CB:A4:FB:E9:F0:51:3E:F9:6C:D0:77:4B:80:66
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Q4zYscQpy6T76fBRPvls0HdLgGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:46:6e:1d:9d:f3:df:97:ad:00:08:f2:41:89:de:f9:58:3a:
ff:e4:6c:49:08:8d:f3:e1:97:be:68:e1:29:4f:2f:d8:de:26:
d0:d2:c4:fb:da:70:77:19:96:e2:9c:73:bf:cf:54:b8:b8:24:
b7:e3:3a:81:6c:af:2b:3a:a1:62:bf:f1:60:1a:41:06:d9:6f:
12:cb:5b:69:38:6f:62:81:63:8c:f9:a5:3a:cc:5d:14:9f:d6:
ee:92:34:a7:29:f3:5c:4e:04:78:40:0d:2e:06:51:79:54:3c:
cf:d2:3d:90:bc:6b:39:e8:9c:1c:39:51:9f:8b:1b:e2:b2:5c:
e0:95:f2:83:a7:f1:a7:9f:dc:bb:28:d0:b2:99:6c:1d:37:5b:
39:b6:c9:f6:15:80:3f:9a:a9:81:4b:ec:69:f8:13:8e:2e:9c:
95:d7:9e:b2:98:b2:3d:38:6c:81:6c:d9:6f:69:08:17:cf:09:
0e:f2:1d:04:67:bb:4b:e4:15:ae:6f:51:4a:3e:8e:07:19:b1:
71:f5:45:3c:07:62:8b:6c:49:96:4a:44:ae:71:c9:0c:c1:6c:
7a:2d:48:95:6f:89:08:e7:08:89:c1:46:e3:2a:fe:bf:9a:c3:
14:a0:bf:88:36:16:dc:c8:f8:9d:80:22:cd:e4:2c:56:06:f4:
35:af:7a:0a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYztrm3h7JrxELspyFDalcirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA5MTAwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhjZDhiMWM0MjljYmE0ZmJlOWYwNTEzZWY5NmNkMDc3NGI4MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPk4utgv3g8k9gk6zVGFFBucDc3t
6D9drPN69JCxU6DRynaJjuqoQYjPL0R0y15rUMsVRFgdh7ZllR/Qv7Dt0qNmLxNC
6inbEGsiYHwh2BKjMbBvAiG6r9KLRpyqVnOMcGO3pd+RYuMG6Ng2IvQpqIwhAGVo
urFKXMChnlJc3aE27eBOmHJvdUocpHCug2dbQKKvvLr0/0CgSgsxzmeS93/K955u
ZRRH2V3yT4nbe2aYzbrhq6k1PGvOEiyI7Jp4i0nFHc0YiSbLIcg2hBeqdGM4e4PB
+UmM9Pqz37BdPIQs67wVV+KET7PqzAJfuSULzw+pozYLQyXjeM1cXBg9GQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEOM2LHEKcuk++nwUT75bNB3S4BmMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUTR6WXNjUXB5NlQ3NmZCUlB2bHMwSGRMZ0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv8AwQA
LZv/AwQALZ3RAwQAuceXAwQAucfVAwQAueK1AwQAwpJcMA0GCSqGSIb3DQEBCwUA
A4IBAQCrRm4dnfPfl60ACPJBid75WDr/5GxJCI3z4Ze+aOEpTy/Y3ibQ0sT72nB3
GZbinHO/z1S4uCS34zqBbK8rOqFiv/FgGkEG2W8Sy1tpOG9igWOM+aU6zF0Un9bu
kjSnKfNcTgR4QA0uBlF5VDzP0j2QvGs56JwcOVGfixvislzglfKDp/Gnn9y7KNCy
mWwdN1s5tsn2FYA/mqmBS+xp+BOOLpyV156ymLI9OGyBbNlvaQgXzwkO8h0EZ7tL
5BWub1FKPo4HGbFx9UU8B2KLbEmWSkSucckMwWx6LUiVb4kI5wiJwUbjKv6/msMU
oL+INhbcyPidgCLN5CxWBvQ1r3oK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org