Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UVqJMBwXWKpgvl-glxgVVP_sxXM.roa
File: UVqJMBwXWKpgvl-glxgVVP_sxXM.roa (raw, json)
Hash identifier: ol0Ld6O2bMC95OlHmFsfEQF8GDJzFpQ8+5fqYZEkDB0=
Subject key identifier: 51:5A:89:30:1C:17:58:AA:60:BE:5F:A0:97:18:15:54:FF:EC:C5:73
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01880E995412894E8BEF47107D46252D9901
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UVqJMBwXWKpgvl-glxgVVP_sxXM.roa
Signing time: Fri 12 May 2023 06:15:09 +0000
ROA not before: Fri 12 May 2023 06:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 May 2023 19:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:99:54:12:89:4e:8b:ef:47:10:7d:46:25:2d:99:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 12 06:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=515a89301c1758aa60be5fa097181554ffecc573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:ae:e2:39:e6:3c:7b:05:71:4d:25:b8:da:
e6:76:54:41:25:f0:7e:5d:a5:aa:83:e8:6a:1b:82:
54:4b:b8:7a:8d:b0:2f:2c:29:b0:6b:9c:95:1e:15:
f4:68:f2:73:77:06:02:d5:56:98:78:d0:50:1b:8b:
88:e2:bf:7d:04:77:9c:ab:08:52:ce:62:68:4f:3d:
16:aa:08:b4:34:63:6c:1b:67:7f:33:3d:e0:31:9a:
ae:12:30:51:a0:65:fe:09:74:e9:a6:cd:d5:bd:e3:
32:17:dd:60:f4:96:09:c2:c9:67:d3:a9:fc:04:81:
9b:48:7d:87:3d:38:f8:ca:17:e5:b5:1e:24:15:33:
a0:98:7c:2d:77:f4:88:0b:be:7a:b1:ac:cf:4a:6f:
89:6c:67:09:4c:01:34:22:81:ff:83:fa:19:f0:be:
43:73:7b:88:3b:0a:0e:7f:23:d4:ee:75:2c:04:12:
28:2c:5a:27:aa:d7:55:67:b6:d7:a8:e4:1f:df:20:
75:dc:cc:38:f4:87:3e:15:c2:93:6d:da:52:96:64:
7c:dc:f9:ea:2a:2a:c1:b7:24:6e:bd:aa:8c:20:1a:
46:39:0a:fb:bf:32:63:62:b0:62:21:24:07:c7:ef:
bf:75:6e:92:37:71:98:97:53:70:53:67:8c:01:2c:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5A:89:30:1C:17:58:AA:60:BE:5F:A0:97:18:15:54:FF:EC:C5:73
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/UVqJMBwXWKpgvl-glxgVVP_sxXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0-45.155.254.255
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.148.0/23
185.199.213.0/24
185.225.170.0/23
185.226.180.0/24
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:51:1a:3f:f7:ae:8f:1c:eb:ce:aa:44:18:c7:d4:9e:04:f6:
22:6d:91:44:2f:97:dc:43:de:60:f6:56:2f:bc:f1:b4:80:af:
3a:1e:62:74:63:07:77:89:9c:c4:c2:90:e5:84:3f:1d:b7:0a:
0f:3a:63:46:b5:5e:8d:44:93:3f:4d:1f:3b:51:16:6d:7b:75:
3e:ee:b1:92:22:e0:e2:1b:5d:6d:78:41:7e:2c:1c:c7:52:bf:
e7:2f:58:15:56:5f:43:b6:2e:3e:42:22:94:66:7e:b5:13:b2:
66:ea:c7:44:29:58:71:fe:d3:70:0f:b9:f1:67:64:dd:64:58:
c5:52:e7:00:54:f4:ca:cb:a8:b3:f4:d2:2c:32:5c:2c:8b:8e:
0f:3c:53:a1:d9:d1:7e:bd:09:ab:44:2b:bd:36:20:47:9a:61:
bf:da:f2:3c:66:99:e1:01:ad:09:61:c7:53:29:8f:f4:bb:e0:
20:38:6b:db:1e:36:c2:bd:80:ce:13:78:c0:71:26:20:6f:18:
47:75:c2:6f:04:84:68:52:cc:9d:69:0b:06:fa:11:a1:ba:c6:
5b:55:bf:7a:32:7d:cf:40:55:78:96:f9:96:52:9e:c7:57:1d:
79:6e:a3:e7:f7:89:d1:21:45:be:79:cb:46:e8:10:18:d8:ab:
73:77:09:ce
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYgOmVQSiU6L70cQfUYlLZkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTEyMDYxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTVhODkzMDFjMTc1OGFhNjBiZTVmYTA5NzE4MTU1NGZmZWNjNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppmu4jnmPHsFcU0luNrmdlRBJfB+
XaWqg+hqG4JUS7h6jbAvLCmwa5yVHhX0aPJzdwYC1VaYeNBQG4uI4r99BHecqwhS
zmJoTz0Wqgi0NGNsG2d/Mz3gMZquEjBRoGX+CXTpps3VveMyF91g9JYJwsln06n8
BIGbSH2HPTj4yhfltR4kFTOgmHwtd/SIC756sazPSm+JbGcJTAE0IoH/g/oZ8L5D
c3uIOwoOfyPU7nUsBBIoLFonqtdVZ7bXqOQf3yB13Mw49Ic+FcKTbdpSlmR83Pnq
KirBtyRuvaqMIBpGOQr7vzJjYrBiISQHx++/dW6SN3GYl1NwU2eMASxYYwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFFaiTAcF1iqYL5foJcYFVT/7MVzMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVVZxSk1Cd1hXS3BndmwtZ2x4Z1ZWUF9zeFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAItm/wD
BAAtm/4wDAMEAC2d0QMEAC2d0gMEAE9i9gMEAbnHlAMEALnH1QMEAbnhqgMEALni
tAMEALn6GTANBgkqhkiG9w0BAQsFAAOCAQEAs1EaP/eujxzrzqpEGMfUngT2Im2R
RC+X3EPeYPZWL7zxtICvOh5idGMHd4mcxMKQ5YQ/HbcKDzpjRrVejUSTP00fO1EW
bXt1Pu6xkiLg4htdbXhBfiwcx1K/5y9YFVZfQ7YuPkIilGZ+tROyZurHRClYcf7T
cA+58Wdk3WRYxVLnAFT0ysuos/TSLDJcLIuODzxTodnRfr0Jq0QrvTYgR5phv9ry
PGaZ4QGtCWHHUymP9LvgIDhr2x42wr2AzhN4wHEmIG8YR3XCbwSEaFLMnWkLBvoR
obrGW1W/ejJ9z0BVeJb5llKex1cdeW6j5/eJ0SFFvnnLRugQGNirc3cJzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org