Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S197pHfUIuLOLTiYZLs5mKueQNQ.roa
File: S197pHfUIuLOLTiYZLs5mKueQNQ.roa (raw, json)
Hash identifier: q5LD/RaPssleYZV3Wrzq3FOuiGgJXKB3sSJFk0AQG14=
Subject key identifier: 4B:5F:7B:A4:77:D4:22:E2:CE:2D:38:98:64:BB:39:98:AB:9E:40:D4
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018A6F68CEF9AE7571DB31AD6AABEA674F39
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S197pHfUIuLOLTiYZLs5mKueQNQ.roa
Signing time: Thu 07 Sep 2023 11:30:54 +0000
ROA not before: Thu 07 Sep 2023 11:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
79.98.244.0/23 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.26.0/23 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 23:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:68:ce:f9:ae:75:71:db:31:ad:6a:ab:ea:67:4f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 7 11:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5f7ba477d422e2ce2d389864bb3998ab9e40d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:c5:7b:80:e2:41:4f:34:67:7f:a2:76:56:
96:18:80:ab:b4:34:41:c0:08:08:a4:01:e6:7e:58:
c2:b3:06:04:a5:da:0e:af:f0:a3:c5:3a:d9:73:cb:
1c:bb:b3:7a:e7:5f:77:dc:1c:8c:e2:29:e9:03:c5:
7c:91:cd:36:83:84:d6:b7:c0:e4:eb:64:9f:f3:a6:
41:4a:68:ef:ab:74:0d:0a:6f:56:a5:2e:10:da:56:
9d:11:e8:a7:fc:d7:8a:1b:be:7f:18:7e:91:17:17:
30:87:eb:ca:60:f2:3b:bf:b1:1f:b5:f5:05:5a:b3:
05:05:fa:f5:66:02:d8:61:57:a5:e1:31:52:c9:8c:
56:41:45:ae:d4:ef:d8:29:b6:84:92:93:e0:9b:0f:
e7:c6:19:b0:92:f6:7b:a0:83:05:82:21:4f:f3:b3:
9b:d3:f6:ca:a0:d0:23:ea:ac:42:d8:ce:d0:23:78:
d4:31:ed:6d:6e:5b:69:3f:46:d4:f4:d4:48:67:66:
ac:51:b2:7f:11:2a:9f:93:8b:7a:cb:6d:30:ff:c2:
0f:c7:c1:24:eb:cd:83:b2:d1:f8:87:96:66:e6:03:
b5:ae:d5:93:1e:a1:e9:69:6a:c0:b0:3f:d0:18:b0:
51:86:c3:7f:b0:db:93:be:86:87:72:06:43:ef:32:
b7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5F:7B:A4:77:D4:22:E2:CE:2D:38:98:64:BB:39:98:AB:9E:40:D4
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S197pHfUIuLOLTiYZLs5mKueQNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
79.98.244.0/22
176.125.250.0/23
185.199.151.0/24
185.199.212.0/23
185.221.24.0/22
185.225.168.0/22
185.250.25.0-185.250.26.255
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
17:ee:fe:e7:40:07:8f:e8:f6:ca:d2:ab:09:07:01:9a:dd:9e:
41:3f:86:af:05:24:03:ac:5f:f3:11:eb:5c:8d:6b:a6:89:55:
c2:6b:96:e2:8c:ec:75:7e:51:c4:4f:3f:4a:b5:8e:3c:38:62:
7b:35:82:97:6e:a5:58:21:ad:d1:30:d2:6f:8e:98:66:6a:60:
4f:36:35:5d:2c:91:a9:4d:83:49:dc:43:d9:e0:59:9d:12:cc:
e7:a8:d7:ff:87:03:be:b2:75:9c:5b:62:09:b9:c5:09:ff:d3:
a1:bd:e2:a2:20:a1:ce:7f:19:b8:0b:2e:da:78:0e:85:fc:10:
e9:94:9f:ca:15:38:9a:44:73:c6:26:45:3a:a9:37:c0:e1:40:
56:62:5b:f0:3b:75:c9:83:0c:3d:3f:7b:51:f4:43:72:2a:f7:
86:69:3b:8c:62:3a:25:12:02:2f:20:4d:ae:57:da:15:50:6d:
b6:42:f1:47:aa:5c:3f:b5:ec:df:b1:c1:71:00:5d:36:29:31:
9c:00:be:2a:67:4b:35:e8:4a:66:25:f6:67:7c:b4:af:6b:20:
cc:c8:d6:09:f0:92:57:5a:52:fc:67:50:25:51:03:11:c0:a4:
51:4a:8f:64:12:4e:bb:4b:f5:76:90:c3:e0:f0:55:f3:b1:71:
12:e1:28:da
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYpvaM75rnVx2zGtaqvqZ085MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwOTA3MTEzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVmN2JhNDc3ZDQyMmUyY2UyZDM4OTg2NGJiMzk5OGFiOWU0MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbzFe4DiQU80Z3+idlaWGICrtDRB
wAgIpAHmfljCswYEpdoOr/CjxTrZc8scu7N651933ByM4inpA8V8kc02g4TWt8Dk
62Sf86ZBSmjvq3QNCm9WpS4Q2ladEein/NeKG75/GH6RFxcwh+vKYPI7v7EftfUF
WrMFBfr1ZgLYYVel4TFSyYxWQUWu1O/YKbaEkpPgmw/nxhmwkvZ7oIMFgiFP87Ob
0/bKoNAj6qxC2M7QI3jUMe1tbltpP0bU9NRIZ2asUbJ/ESqfk4t6y20w/8IPx8Ek
682DstH4h5Zm5gO1rtWTHqHpaWrAsD/QGLBRhsN/sNuTvoaHcgZD7zK3MQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEtfe6R31CLizi04mGS7OZirnkDUMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUzE5N3BIZlVJdUxPTFRpWVpMczVtS3VlUU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALZv8AwQA
LZv/AwQCT2L0AwQBsH36AwQAuceXAwQBucfUAwQCud0YAwQCueGoMAwDBAC5+hkD
BAC5+hoDBAHCklwwDQYJKoZIhvcNAQELBQADggEBABfu/udAB4/o9srSqwkHAZrd
nkE/hq8FJAOsX/MR61yNa6aJVcJrluKM7HV+UcRPP0q1jjw4Yns1gpdupVghrdEw
0m+OmGZqYE82NV0skalNg0ncQ9ngWZ0SzOeo1/+HA76ydZxbYgm5xQn/06G94qIg
oc5/GbgLLtp4DoX8EOmUn8oVOJpEc8YmRTqpN8DhQFZiW/A7dcmDDD0/e1H0Q3Iq
94ZpO4xiOiUSAi8gTa5X2hVQbbZC8UeqXD+17N+xwXEAXTYpMZwAvipnSzXoSmYl
9md8tK9rIMzI1gnwkldaUvxnUCVRAxHApFFKj2QSTrtL9XaQw+DwVfOxcRLhKNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org