Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8aYi4C3Qr2GRrUs78F608u8SQ0.roa
File: S8aYi4C3Qr2GRrUs78F608u8SQ0.roa (raw, json)
Hash identifier: d+q0DjtdZXN+z/WXGnJDFdGUgT3SRBH82yxacRGd5Ls=
Subject key identifier: 4B:C6:98:8B:80:B7:42:BD:86:46:B5:2C:EF:C1:7A:D3:CB:BC:49:0D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018627376F90784639FB1D2B178D712BC174
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8aYi4C3Qr2GRrUs78F608u8SQ0.roa
Signing time: Mon 06 Feb 2023 14:53:09 +0000
ROA not before: Mon 06 Feb 2023 14:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.155.255.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 13:37:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:27:37:6f:90:78:46:39:fb:1d:2b:17:8d:71:2b:c1:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 6 14:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bc6988b80b742bd8646b52cefc17ad3cbbc490d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2b:5d:4c:49:31:d6:26:58:ec:8e:c8:aa:bb:
ec:13:77:0c:9e:4e:32:2b:b9:8d:24:68:8a:2c:1c:
52:78:14:07:56:86:e6:41:7b:c3:43:02:ef:06:e2:
d2:8b:99:a0:04:98:8e:71:a9:f9:f3:dd:7d:a1:d1:
2d:14:83:be:c4:fc:80:e2:17:09:aa:f2:91:01:51:
97:7d:3d:0f:e6:4a:31:cb:ef:5a:41:8b:51:a0:e2:
36:ad:71:36:29:2d:75:2b:5c:58:93:0f:b6:6f:d2:
d3:41:f7:09:f0:eb:fc:18:ab:7e:63:04:0a:70:f3:
87:ae:92:27:3d:73:0a:83:c4:91:a8:07:c5:1f:6e:
d7:c3:8e:e5:a5:c3:9c:fa:99:8a:d2:e5:1d:5f:23:
2b:37:dd:85:f5:e0:5b:4c:82:9b:63:63:39:d1:79:
25:c6:22:a3:4a:b7:c2:e1:7e:0c:0c:6b:02:0d:a2:
86:84:83:4f:61:00:18:fd:11:8d:ed:8d:5a:3c:62:
f8:41:d8:27:99:3c:0b:fb:ce:32:b2:0f:d3:e3:7b:
b8:aa:7f:d6:17:95:e5:95:94:df:1a:65:f7:f8:32:
68:e0:02:81:a0:1c:11:96:fd:b7:44:70:72:f3:1b:
e5:0e:73:e1:35:b3:8c:f0:f1:f9:da:ee:62:35:5e:
77:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C6:98:8B:80:B7:42:BD:86:46:B5:2C:EF:C1:7A:D3:CB:BC:49:0D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8aYi4C3Qr2GRrUs78F608u8SQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/22
Signature Algorithm: sha256WithRSAEncryption
83:10:e3:24:18:11:63:7c:fd:c3:31:78:51:49:c3:94:1a:10:
b2:fa:12:00:60:8a:96:69:4d:32:66:96:fd:af:2c:98:e7:35:
4b:6f:04:f0:f7:88:7d:77:79:26:f5:82:13:bc:54:13:d0:3d:
c9:77:ee:98:8c:7b:a6:a4:47:77:4a:f6:79:bf:6e:b6:a7:9d:
f6:c7:8d:b7:02:9f:7d:a0:c8:14:d2:6e:8c:09:e9:fd:9f:a6:
93:3b:8d:17:e5:0b:47:43:7b:ae:5b:c4:f5:44:70:90:94:f5:
8d:ec:4b:36:31:dd:34:cd:59:66:05:08:51:05:0c:4f:99:e9:
1a:93:da:e4:54:c5:95:b3:2a:ac:16:a2:00:f4:df:1a:f7:66:
32:3f:43:22:8f:92:40:10:01:6b:fc:59:ac:ab:21:ca:5d:72:
8e:a9:e6:96:19:ae:80:6a:44:cb:c7:95:81:20:0b:ca:96:48:
ac:88:d1:d6:c0:9c:0e:c6:9e:b2:ac:d9:70:9f:cd:93:3d:d8:
4f:db:1c:92:8a:ee:0d:0e:88:ff:82:4a:a0:7e:aa:d1:a7:a9:
e4:c7:dc:0f:d1:f5:b7:5e:33:96:89:0e:4c:c3:23:e4:a7:a3:
27:9d:f8:25:bf:95:a4:cb:81:04:1a:d8:f8:fa:6c:d5:88:43:
40:d9:e7:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYnN2+QeEY5+x0rF41xK8F0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMjA2MTQ1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmM2OTg4YjgwYjc0MmJkODY0NmI1MmNlZmMxN2FkM2NiYmM0OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvitdTEkx1iZY7I7IqrvsE3cMnk4y
K7mNJGiKLBxSeBQHVobmQXvDQwLvBuLSi5mgBJiOcan58919odEtFIO+xPyA4hcJ
qvKRAVGXfT0P5koxy+9aQYtRoOI2rXE2KS11K1xYkw+2b9LTQfcJ8Ov8GKt+YwQK
cPOHrpInPXMKg8SRqAfFH27Xw47lpcOc+pmK0uUdXyMrN92F9eBbTIKbY2M50Xkl
xiKjSrfC4X4MDGsCDaKGhINPYQAY/RGN7Y1aPGL4QdgnmTwL+84ysg/T43u4qn/W
F5XllZTfGmX3+DJo4AKBoBwRlv23RHBy8xvlDnPhNbOM8PH52u5iNV53zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvGmIuAt0K9hka1LO/BetPLvEkNMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUzhhWWk0QzNRcjJHUnJVczc4RjYwOHU4U1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCDEOMkGBFjfP3DMXhRScOUGhCy+hIAYIqWaU0yZpb9
ryyY5zVLbwTw94h9d3km9YITvFQT0D3Jd+6YjHumpEd3SvZ5v262p532x423Ap99
oMgU0m6MCen9n6aTO40X5QtHQ3uuW8T1RHCQlPWN7Es2Md00zVlmBQhRBQxPmeka
k9rkVMWVsyqsFqIA9N8a92YyP0Mij5JAEAFr/FmsqyHKXXKOqeaWGa6AakTLx5WB
IAvKlkisiNHWwJwOxp6yrNlwn82TPdhP2xySiu4NDoj/gkqgfqrRp6nkx9wP0fW3
XjOWiQ5MwyPkp6Mnnfglv5Wky4EEGtj4+mzViENA2efX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org