Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RQsLm4ZXOw_Dlo7ZkBF0ICCpK_A.roa
File: RQsLm4ZXOw_Dlo7ZkBF0ICCpK_A.roa (raw, json)
Hash identifier: j41D+MSNdnZKawu2vn3ESzdvd0UEXp3IqRChq3X5Jm8=
Subject key identifier: 45:0B:0B:9B:86:57:3B:0F:C3:96:8E:D9:90:11:74:20:20:A9:2B:F0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01880D0EBBEDBD7363FC16A2CB76C22B9DFD
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RQsLm4ZXOw_Dlo7ZkBF0ICCpK_A.roa
Signing time: Thu 11 May 2023 23:04:09 +0000
ROA not before: Thu 11 May 2023 23:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 06:15:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0d:0e:bb:ed:bd:73:63:fc:16:a2:cb:76:c2:2b:9d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 11 23:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=450b0b9b86573b0fc3968ed99011742020a92bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:17:7c:80:27:3f:15:17:f2:85:26:2c:e0:98:
77:7a:47:0c:e1:67:24:8b:4a:e1:4f:b2:75:0c:e2:
35:e0:6b:01:2e:84:02:25:c0:6e:21:97:d2:91:e9:
13:09:db:60:8f:a0:6f:fc:f2:69:4b:e8:c6:d7:ba:
64:91:97:44:be:6e:b1:f1:88:f8:c8:ee:38:80:be:
1c:18:a8:d9:11:f2:e7:af:d1:39:40:e8:2a:17:75:
9f:0a:7e:b1:e5:cc:3c:08:c5:e6:23:0c:b5:cd:00:
39:b6:0e:8b:73:a9:6c:66:57:65:d0:61:77:3c:0e:
06:11:ea:2d:31:b9:86:dd:78:88:b4:f6:9d:16:6c:
53:18:1c:56:90:73:39:c7:cf:8f:cd:b5:9e:4c:7a:
c6:cf:cd:4c:3e:b6:2f:9d:0d:d4:da:d5:51:77:0f:
46:f2:88:d6:ae:af:fc:13:a8:ca:35:74:10:f0:fc:
77:74:79:74:db:87:34:de:e3:d8:76:8d:39:39:b6:
5e:64:ee:cc:63:50:ad:64:7f:77:e0:f4:34:15:05:
c7:13:0c:45:59:b6:94:03:fe:4a:86:6d:cb:3f:98:
4c:b3:1a:58:46:1a:02:d0:8b:24:23:c9:44:d1:5e:
e0:e3:74:1e:9c:0c:34:11:9d:69:91:92:22:9c:b5:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0B:0B:9B:86:57:3B:0F:C3:96:8E:D9:90:11:74:20:20:A9:2B:F0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/RQsLm4ZXOw_Dlo7ZkBF0ICCpK_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0-45.155.254.255
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.148.0/23
185.199.213.0/24
185.225.170.0/23
185.226.180.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e4:a9:70:4f:9e:d0:a5:8f:95:a0:4e:f8:35:08:b6:ff:5d:
80:e6:35:de:32:a0:21:3b:90:f8:cb:b8:10:4b:3e:a8:06:e8:
a2:4e:ca:6a:4c:f0:6d:9e:fb:90:58:a9:82:42:e3:5d:6b:25:
d3:82:05:c6:7c:7b:14:54:ef:94:94:52:77:1a:81:f9:d3:4f:
c1:fb:37:31:27:06:6e:11:88:e1:45:c8:69:08:38:8e:bb:8d:
30:6e:10:76:6b:57:9f:7e:92:33:e8:c1:c5:db:e3:0b:ae:49:
a3:78:14:ad:0a:8c:76:2a:86:7b:3d:44:e7:05:67:02:44:b9:
cb:44:75:3b:26:66:b0:bc:3f:e2:09:31:77:84:5f:91:00:9d:
c6:23:b1:3f:7f:34:55:68:9b:96:dc:98:52:73:99:fb:87:9e:
b8:f6:db:76:f2:09:61:1d:89:c2:b0:94:e4:6c:1c:1f:2e:b8:
d9:c4:72:a1:07:7d:02:5e:7f:2d:ae:80:4c:f4:8f:ba:f4:c8:
b7:71:81:ee:11:62:ca:5a:54:24:7f:74:7a:95:fb:cf:93:40:
88:b2:51:ca:fa:15:32:44:0a:f0:f1:8b:bd:c6:be:2d:32:68:
5e:74:69:4b:12:da:84:07:c7:c5:32:47:ff:90:cf:dc:f3:12:
57:3a:0f:97
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYgNDrvtvXNj/Baiy3bCK539MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTExMjMwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTBiMGI5Yjg2NTczYjBmYzM5NjhlZDk5MDExNzQyMDIwYTkyYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhd8gCc/FRfyhSYs4Jh3ekcM4Wck
i0rhT7J1DOI14GsBLoQCJcBuIZfSkekTCdtgj6Bv/PJpS+jG17pkkZdEvm6x8Yj4
yO44gL4cGKjZEfLnr9E5QOgqF3WfCn6x5cw8CMXmIwy1zQA5tg6Lc6lsZldl0GF3
PA4GEeotMbmG3XiItPadFmxTGBxWkHM5x8+PzbWeTHrGz81MPrYvnQ3U2tVRdw9G
8ojWrq/8E6jKNXQQ8Px3dHl024c03uPYdo05ObZeZO7MY1CtZH934PQ0FQXHEwxF
WbaUA/5Khm3LP5hMsxpYRhoC0IskI8lE0V7g43QenAw0EZ1pkZIinLVHmwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEULC5uGVzsPw5aO2ZARdCAgqSvwMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUlFzTG00WlhPd19EbG83WmtCRjBJQ0NwS19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAItm/wD
BAAtm/4wDAMEAC2d0QMEAC2d0gMEAE9i9gMEAbnHlAMEALnH1QMEAbnhqgMEALni
tDANBgkqhkiG9w0BAQsFAAOCAQEAguSpcE+e0KWPlaBO+DUItv9dgOY13jKgITuQ
+Mu4EEs+qAbook7KakzwbZ77kFipgkLjXWsl04IFxnx7FFTvlJRSdxqB+dNPwfs3
MScGbhGI4UXIaQg4jruNMG4QdmtXn36SM+jBxdvjC65Jo3gUrQqMdiqGez1E5wVn
AkS5y0R1OyZmsLw/4gkxd4RfkQCdxiOxP380VWibltyYUnOZ+4eeuPbbdvIJYR2J
wrCU5GwcHy642cRyoQd9Al5/La6ATPSPuvTIt3GB7hFiylpUJH90epX7z5NAiLJR
yvoVMkQK8PGLvca+LTJoXnRpSxLahAfHxTJH/5DP3PMSVzoPlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org