Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TkHeWm8owEBpS8T1OgrRCQq9Gv8.roa
File: TkHeWm8owEBpS8T1OgrRCQq9Gv8.roa (raw, json)
Hash identifier: ktGKBElbM7Q0+GK5AbX925U48VrFo8smq6wI988Ep/o=
Subject key identifier: 4E:41:DE:5A:6F:28:C0:40:69:4B:C4:F5:3A:0A:D1:09:0A:BD:1A:FF
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0189D14E551224A855C7EDF265C5ADCE4BA6
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TkHeWm8owEBpS8T1OgrRCQq9Gv8.roa
Signing time: Mon 07 Aug 2023 18:41:58 +0000
ROA not before: Mon 07 Aug 2023 18:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Aug 2023 11:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d1:4e:55:12:24:a8:55:c7:ed:f2:65:c5:ad:ce:4b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 7 18:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e41de5a6f28c040694bc4f53a0ad1090abd1aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:88:ee:e3:8a:d5:1a:cb:20:65:08:b2:c4:
70:41:68:7a:40:59:dd:82:80:0e:fa:53:e5:27:e2:
5a:29:75:05:97:44:2f:27:33:4b:b2:df:a3:ed:76:
a3:b1:b3:16:90:43:8a:e8:2d:1e:2f:25:ef:62:6b:
c7:2e:b7:77:89:e7:c9:d4:d0:ac:67:5c:15:63:86:
81:7b:ef:6a:7a:70:d5:43:7d:00:32:46:b4:92:55:
2c:98:23:0b:f8:ea:3f:b5:de:49:41:a9:c4:f9:54:
9e:c1:2c:51:ef:a3:d0:0b:7d:7d:90:4d:36:29:e3:
58:64:09:b3:5c:7b:32:2e:6e:ba:57:60:42:de:00:
5f:e4:b6:21:36:62:73:2b:96:ef:a6:4c:aa:a1:15:
f2:a0:d6:f7:ae:9d:f7:3d:18:ad:48:d4:c2:62:d6:
33:3e:ac:86:14:48:5c:1c:8b:96:55:35:e5:58:2b:
bc:e1:a4:d4:ad:d3:b2:0b:9d:29:2b:f2:ee:d6:07:
73:4e:f7:c9:8e:22:02:7d:be:19:08:06:cc:48:d3:
e7:a5:98:e8:93:61:c4:0e:e0:e5:0d:9e:06:11:b2:
d0:d6:fd:d2:c1:35:c2:7c:dc:76:05:e1:16:34:fc:
b9:54:bb:f1:db:89:05:79:13:ba:50:5b:5f:0e:7a:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:41:DE:5A:6F:28:C0:40:69:4B:C4:F5:3A:0A:D1:09:0A:BD:1A:FF
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TkHeWm8owEBpS8T1OgrRCQq9Gv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.247.0/24
176.125.250.0/24
185.199.151.0/24
185.199.212.0/23
185.221.24.0/23
185.225.168.0-185.225.170.255
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
10:35:16:a2:dc:de:4e:ae:9e:7d:fb:f6:14:a8:ad:99:5b:8b:
55:58:11:55:2a:65:28:59:5e:94:49:a3:58:05:b4:e7:31:1e:
a4:95:33:aa:20:08:e8:e5:e3:d9:5b:c5:a3:33:f5:6e:cd:be:
1f:06:b7:0b:00:5f:6f:26:68:86:2b:ff:e5:e0:d3:9f:40:59:
a6:87:ac:1b:b9:97:c0:8e:e2:e7:49:c0:ed:1c:ff:e0:72:23:
3a:22:48:77:ee:a1:81:87:81:e3:f6:93:18:e4:b3:12:6f:61:
20:5a:2d:39:bd:0e:9b:f8:b2:b9:4d:43:19:14:93:a5:e3:41:
e6:d4:b5:67:8a:ae:d1:77:4a:22:e5:bf:f7:a4:8b:ab:fb:a2:
bd:7a:0a:26:d3:96:65:c2:29:91:c0:a8:05:14:4b:5c:ac:ec:
6d:c3:38:76:66:f3:c3:25:eb:28:f3:9f:ad:62:63:d9:63:d0:
25:e2:94:26:5c:99:e1:b0:aa:3c:d8:98:60:b6:23:e9:f3:cc:
57:d1:27:48:e7:0c:f3:52:c3:b1:ba:32:b4:50:7c:c9:f4:14:
b8:7c:40:76:f1:de:ff:eb:84:18:79:83:19:53:7c:a8:e4:48:
a6:35:b8:73:03:33:69:6d:9d:32:5a:2f:88:d7:33:ab:fe:ad:
b1:19:3f:f1
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYnRTlUSJKhVx+3yZcWtzkumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODA3MTg0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQxZGU1YTZmMjhjMDQwNjk0YmM0ZjUzYTBhZDEwOTBhYmQxYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0aI7uOK1RrLIGUIssRwQWh6QFnd
goAO+lPlJ+JaKXUFl0QvJzNLst+j7XajsbMWkEOK6C0eLyXvYmvHLrd3iefJ1NCs
Z1wVY4aBe+9qenDVQ30AMka0klUsmCML+Oo/td5JQanE+VSewSxR76PQC319kE02
KeNYZAmzXHsyLm66V2BC3gBf5LYhNmJzK5bvpkyqoRXyoNb3rp33PRitSNTCYtYz
PqyGFEhcHIuWVTXlWCu84aTUrdOyC50pK/Lu1gdzTvfJjiICfb4ZCAbMSNPnpZjo
k2HEDuDlDZ4GEbLQ1v3SwTXCfNx2BeEWNPy5VLvx24kFeRO6UFtfDnqFowIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFE5B3lpvKMBAaUvE9ToK0QkKvRr/MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVGtIZVdtOG93RUJwUzhUMU9nclJDUXE5R3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZv8AwQA
LZv/AwQALZ3RAwQAT2L3AwQAsH36AwQAuceXAwQBucfUAwQBud0YMAwDBAO54agD
BAC54aoDBAC5+hoDBAHCklwwDQYJKoZIhvcNAQELBQADggEBABA1FqLc3k6unn37
9hSorZlbi1VYEVUqZShZXpRJo1gFtOcxHqSVM6ogCOjl49lbxaMz9W7Nvh8GtwsA
X28maIYr/+Xg059AWaaHrBu5l8CO4udJwO0c/+ByIzoiSHfuoYGHgeP2kxjksxJv
YSBaLTm9Dpv4srlNQxkUk6XjQebUtWeKrtF3SiLlv/eki6v7or16CibTlmXCKZHA
qAUUS1ys7G3DOHZm88Ml6yjzn61iY9lj0CXilCZcmeGwqjzYmGC2I+nzzFfRJ0jn
DPNSw7G6MrRQfMn0FLh8QHbx3v/rhBh5gxlTfKjkSKY1uHMDM2ltnTJaL4jXM6v+
rbEZP/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org