Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y1zF3-IBhM-zZ7IieiVMbJ2-5ZM.roa
File: Y1zF3-IBhM-zZ7IieiVMbJ2-5ZM.roa (raw, json)
Hash identifier: ApyyMN/AKkE/S3sJN68zR5meQ+0jDbpFjqnDrD3tb0w=
Subject key identifier: 63:5C:C5:DF:E2:01:84:CF:B3:67:B2:22:7A:25:4C:6C:9D:BE:E5:93
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018D26C91FE9DBADA63BD02C468E06016BCE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y1zF3-IBhM-zZ7IieiVMbJ2-5ZM.roa
Signing time: Sat 20 Jan 2024 12:12:11 +0000
ROA not before: Sat 20 Jan 2024 12:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 23:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:26:c9:1f:e9:db:ad:a6:3b:d0:2c:46:8e:06:01:6b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 20 12:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=635cc5dfe20184cfb367b2227a254c6c9dbee593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:28:a7:f6:1d:73:cf:b9:93:7e:d9:e9:c6:80:
2b:f4:0a:f2:7e:e7:71:e8:5c:ca:75:2c:62:12:67:
d8:c9:4d:0e:ed:82:d7:5d:97:ed:1f:11:1a:12:7e:
4d:14:b3:da:2b:a4:e4:16:36:33:78:f1:08:f7:06:
3b:36:1f:44:30:06:e9:1e:f3:78:87:44:5e:9c:d1:
ba:81:81:5b:e4:2b:74:19:20:d3:86:7e:23:ea:f8:
2e:1f:90:55:96:ac:ce:18:2e:05:9d:82:af:33:32:
b0:20:fe:c6:23:07:5b:f5:bd:0b:e2:f2:2b:30:91:
d2:29:55:7d:e0:84:ba:d1:5d:53:0f:27:2a:eb:f9:
97:e1:9c:3e:5a:0d:2b:1d:fd:21:a9:89:37:34:bc:
a5:99:db:d3:a6:53:e9:98:5a:48:92:40:df:82:59:
6c:aa:81:84:6e:15:1b:32:8d:92:18:c2:30:31:54:
89:2d:78:91:3f:a3:24:21:8d:f0:6c:57:16:03:87:
3a:58:21:e5:9d:a0:54:16:e2:98:de:a7:46:da:d9:
1a:a5:ee:82:ae:6c:31:d3:c6:c3:40:18:4b:1d:73:
f6:2e:31:ea:46:0c:91:e8:27:5d:7e:d2:21:93:4d:
ee:7a:ba:0a:5d:0b:31:21:9e:c5:ee:2b:5b:74:10:
ea:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5C:C5:DF:E2:01:84:CF:B3:67:B2:22:7A:25:4C:6C:9D:BE:E5:93
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y1zF3-IBhM-zZ7IieiVMbJ2-5ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.247.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f3:8e:c3:54:5d:9d:b9:28:65:f6:e2:a0:29:d5:a1:47:90:
48:76:5f:64:e4:7f:81:26:f4:ea:d9:1b:71:a4:7f:79:49:29:
09:d3:53:f1:fb:de:7d:de:44:d9:26:31:7d:94:12:05:7e:09:
c4:82:64:82:5f:ac:01:bc:f5:ce:ab:94:b3:a3:36:5f:7d:13:
4d:2f:b7:3c:45:2c:26:84:6a:c8:4c:15:de:20:b6:bc:cc:64:
5a:ea:77:4d:95:cc:2b:94:4c:1c:28:37:21:e1:e0:25:5d:eb:
9e:dd:63:ca:58:15:54:c0:6c:e6:69:d7:ef:fd:f2:d6:15:be:
88:6e:73:0c:79:f4:b2:90:b6:b8:15:05:19:7f:ff:e0:e3:c6:
6f:72:d0:5c:e9:90:e2:d3:5b:53:6a:08:16:49:05:35:f2:bc:
66:63:fe:ed:f5:16:d1:63:f5:6d:59:19:74:a2:cb:33:4b:c0:
74:e9:24:98:f5:60:6b:df:36:fd:50:7e:f7:da:39:ce:4d:a9:
c9:c8:9f:46:be:39:11:bd:9e:af:69:b4:aa:45:cd:f6:95:34:
80:42:85:8f:9d:da:cd:04:9b:9e:06:60:dd:cc:9d:a9:ff:a3:
52:cf:5a:74:28:ce:a0:ea:c9:69:c8:ed:5e:ab:fa:70:81:9d:
3a:57:07:21
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0myR/p262mO9AsRo4GAWvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTIwMTIxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVjYzVkZmUyMDE4NGNmYjM2N2IyMjI3YTI1NGM2YzlkYmVlNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiin9h1zz7mTftnpxoAr9Aryfudx
6FzKdSxiEmfYyU0O7YLXXZftHxEaEn5NFLPaK6TkFjYzePEI9wY7Nh9EMAbpHvN4
h0RenNG6gYFb5Ct0GSDThn4j6vguH5BVlqzOGC4FnYKvMzKwIP7GIwdb9b0L4vIr
MJHSKVV94IS60V1TDycq6/mX4Zw+Wg0rHf0hqYk3NLylmdvTplPpmFpIkkDfglls
qoGEbhUbMo2SGMIwMVSJLXiRP6MkIY3wbFcWA4c6WCHlnaBUFuKY3qdG2tkape6C
rmwx08bDQBhLHXP2LjHqRgyR6CddftIhk03ueroKXQsxIZ7F7itbdBDq3QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGNcxd/iAYTPs2eyInolTGydvuWTMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWTF6RjMtSUJoTS16WjdJaWVpVk1iSjItNVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv8AwQA
LZv/AwQALZ3RAwQAT2L3AwQAuceXAwQAucfVAwQAueK1MA0GCSqGSIb3DQEBCwUA
A4IBAQBn847DVF2duShl9uKgKdWhR5BIdl9k5H+BJvTq2RtxpH95SSkJ01Px+959
3kTZJjF9lBIFfgnEgmSCX6wBvPXOq5SzozZffRNNL7c8RSwmhGrITBXeILa8zGRa
6ndNlcwrlEwcKDch4eAlXeue3WPKWBVUwGzmadfv/fLWFb6IbnMMefSykLa4FQUZ
f//g48ZvctBc6ZDi01tTaggWSQU18rxmY/7t9RbRY/VtWRl0osszS8B06SSY9WBr
3zb9UH732jnOTanJyJ9GvjkRvZ6vabSqRc32lTSAQoWPndrNBJueBmDdzJ2p/6NS
z1p0KM6g6slpyO1eq/pwgZ06Vwch
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org