Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/XmNsAMQjZsRQYZIg90omJD6FUAE.roa
File: XmNsAMQjZsRQYZIg90omJD6FUAE.roa (raw, json)
Hash identifier: rtK9J9+lrNwjT7gazkDZlFAwFXJHTAwxhWusvjiBtkE=
Subject key identifier: 5E:63:6C:00:C4:23:66:C4:50:61:92:20:F7:4A:26:24:3E:85:50:01
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018DF08FBCFF571E6D4FBD2B0EFC07AB7883
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/XmNsAMQjZsRQYZIg90omJD6FUAE.roa
Signing time: Wed 28 Feb 2024 16:32:48 +0000
ROA not before: Wed 28 Feb 2024 16:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 18:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:8f:bc:ff:57:1e:6d:4f:bd:2b:0e:fc:07:ab:78:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 28 16:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e636c00c42366c450619220f74a26243e855001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:20:ce:05:4e:16:04:85:f4:99:10:46:5e:f5:
c2:db:ca:21:28:b8:a6:98:b3:78:e8:41:39:5f:d7:
ef:5c:d6:fd:e8:5e:8f:fd:b0:a8:8f:3a:2d:ad:c6:
0c:4f:9d:95:e9:34:3f:52:7a:be:6b:27:53:02:0f:
42:bc:47:3f:b7:6e:f6:85:23:12:13:a8:e0:76:97:
1f:3e:d4:70:b5:0f:07:91:1f:46:cb:3a:12:48:af:
bd:2c:05:16:7c:08:94:87:56:70:86:1b:2f:20:c4:
33:2d:ac:e3:79:4f:57:5a:50:b1:40:37:a5:96:14:
ae:dd:b6:61:fc:57:d7:10:93:14:2a:97:c7:93:0d:
d7:cd:7d:31:e1:7a:12:97:c1:03:40:b8:7a:e8:7c:
2b:99:b7:de:d3:05:ca:28:64:b3:74:7e:d8:09:bf:
b5:ad:fd:8b:90:48:17:37:84:32:98:ec:01:4e:b5:
1a:2a:e9:e6:ee:6e:95:9c:c7:13:b4:f8:fe:d3:52:
8c:b9:8f:2a:72:5f:4d:85:ae:79:cc:88:9e:12:d1:
c9:69:dc:fd:38:8f:b5:c0:18:b7:85:f1:db:35:de:
13:b2:64:57:8c:7a:9d:51:7a:2e:28:22:14:b5:d9:
6f:60:50:af:07:1c:2a:49:91:f6:ad:1e:47:f8:5c:
39:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:63:6C:00:C4:23:66:C4:50:61:92:20:F7:4A:26:24:3E:85:50:01
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/XmNsAMQjZsRQYZIg90omJD6FUAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:6e:e8:3f:94:cd:69:66:0f:84:94:ea:9a:da:1b:8a:fe:e1:
58:a6:c2:5e:eb:e7:83:9f:1c:fe:4f:1a:f8:04:8d:fe:19:4d:
f8:25:84:ca:73:33:cf:44:b9:7b:1d:b7:1e:b5:9a:82:ae:73:
d4:98:cb:16:a2:a4:7f:f8:ec:4e:35:01:2b:87:81:5f:39:1e:
ab:48:da:fa:74:9b:9a:37:ba:1e:7e:66:fd:c7:55:46:31:a0:
b1:44:59:31:ae:75:c9:6f:0b:45:81:00:7b:b1:ac:68:03:51:
9e:20:ab:35:2e:b1:06:24:b6:a8:44:be:10:27:87:5f:b4:32:
fd:5d:54:fc:9e:9e:ba:c0:d4:94:c2:f6:fb:36:e5:cb:b5:7e:
13:b3:43:70:df:5a:ce:ed:f9:e2:df:0e:e6:d1:d8:cf:f0:62:
37:4b:2e:6c:b8:06:ba:16:20:00:15:02:cb:fe:93:d1:38:23:
3b:9d:03:c3:a7:91:bc:9d:1a:59:57:fb:f6:22:cc:7f:db:4c:
b8:d2:bf:5a:d6:d8:a3:2d:03:24:d0:45:5e:0c:91:d2:dd:c2:
80:91:95:01:79:97:6b:11:0b:57:60:1e:fa:2a:47:a4:4a:33:
9e:1f:56:bf:3f:90:0a:c1:d1:c2:b2:9d:f5:c1:e5:1e:07:50:
83:75:6c:a8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY3wj7z/Vx5tT70rDvwHq3iDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMjI4MTYzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTYzNmMwMGM0MjM2NmM0NTA2MTkyMjBmNzRhMjYyNDNlODU1MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSDOBU4WBIX0mRBGXvXC28ohKLim
mLN46EE5X9fvXNb96F6P/bCojzotrcYMT52V6TQ/Unq+aydTAg9CvEc/t272hSMS
E6jgdpcfPtRwtQ8HkR9GyzoSSK+9LAUWfAiUh1ZwhhsvIMQzLazjeU9XWlCxQDel
lhSu3bZh/FfXEJMUKpfHkw3XzX0x4XoSl8EDQLh66Hwrmbfe0wXKKGSzdH7YCb+1
rf2LkEgXN4QymOwBTrUaKunm7m6VnMcTtPj+01KMuY8qcl9Nha55zIieEtHJadz9
OI+1wBi3hfHbNd4TsmRXjHqdUXouKCIUtdlvYFCvBxwqSZH2rR5H+Fw5NwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFF5jbADEI2bEUGGSIPdKJiQ+hVABMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWG1Oc0FNUWpac1JRWVpJZzkwb21KRDZGVUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZv8AwQA
LZv/MAwDBAAtndEDBAAtndIDBABPYvYDBAC5x5cDBAC5x9UDBAC54rUDBAC5+how
DQYJKoZIhvcNAQELBQADggEBALpu6D+UzWlmD4SU6praG4r+4Vimwl7r54OfHP5P
GvgEjf4ZTfglhMpzM89EuXsdtx61moKuc9SYyxaipH/47E41ASuHgV85HqtI2vp0
m5o3uh5+Zv3HVUYxoLFEWTGudclvC0WBAHuxrGgDUZ4gqzUusQYktqhEvhAnh1+0
Mv1dVPyenrrA1JTC9vs25cu1fhOzQ3DfWs7t+eLfDubR2M/wYjdLLmy4BroWIAAV
Asv+k9E4IzudA8OnkbydGllX+/YizH/bTLjSv1rW2KMtAyTQRV4MkdLdwoCRlQF5
l2sRC1dgHvoqR6RKM54fVr8/kArB0cKynfXB5R4HUIN1bKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org