Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/YJ5sQzHP-bFEKwBJR0gBJntEkkE.roa
File: YJ5sQzHP-bFEKwBJR0gBJntEkkE.roa (raw, json)
Hash identifier: h8JkUN2puV2Nl5zgd56GXWr+R8vjjsHY18bI+qHZon0=
Subject key identifier: 60:9E:6C:43:31:CF:F9:B1:44:2B:00:49:47:48:01:26:7B:44:92:41
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018EDBD05419D282B2A7978D46507F728031
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/YJ5sQzHP-bFEKwBJR0gBJntEkkE.roa
Signing time: Sun 14 Apr 2024 08:54:07 +0000
ROA not before: Sun 14 Apr 2024 08:54:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 18:53:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:d0:54:19:d2:82:b2:a7:97:8d:46:50:7f:72:80:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 14 08:54:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609e6c4331cff9b1442b0049474801267b449241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:07:5b:c5:00:52:32:93:0d:c9:5c:de:2a:72:
b9:7c:65:55:2e:eb:a2:5d:23:2a:6e:bc:34:de:cc:
f9:d1:d3:74:7c:c1:64:02:c2:cb:fd:9f:78:3f:15:
c7:7a:a1:7d:20:4d:0f:7f:6b:c8:bf:87:68:b8:df:
c6:ad:64:50:44:9d:bc:f7:cf:ec:66:13:d8:42:0a:
1d:69:e7:66:9e:72:26:16:1d:74:3c:52:41:91:2d:
ac:70:d0:4d:b9:d7:3a:ed:c2:90:e0:8b:7d:2e:72:
4e:69:16:cd:a7:01:9e:1c:b2:45:80:ce:27:72:47:
76:7f:f6:de:11:23:da:ad:2e:ba:44:21:0a:54:c6:
a9:00:49:fa:23:1d:31:d4:05:1c:95:97:a1:75:94:
3b:bd:97:94:27:30:c1:af:32:36:f1:f0:9a:85:0c:
22:6e:4c:1c:17:e6:9f:38:82:17:e8:9a:ee:ea:02:
8c:f5:1b:2d:ad:07:42:8e:d4:ac:6f:ae:72:fd:94:
9a:f4:8f:d7:2c:3b:86:7e:bb:51:28:3c:05:70:4d:
23:3c:87:72:9c:3b:b7:5a:c2:4b:7c:7d:21:80:44:
4f:87:c4:34:9e:1d:c6:33:6d:fa:59:bc:ca:8a:f8:
1c:09:2a:1b:dd:ba:dc:00:ba:55:f1:34:60:ea:bf:
8f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9E:6C:43:31:CF:F9:B1:44:2B:00:49:47:48:01:26:7B:44:92:41
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/YJ5sQzHP-bFEKwBJR0gBJntEkkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
185.250.27.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
21:fc:a2:c5:3e:d3:ce:4d:5e:70:48:80:fb:15:f2:e6:ca:cb:
65:d1:42:7d:e9:3b:1b:b9:e7:f4:f6:10:b8:ca:8e:41:91:02:
a0:cc:07:74:19:c7:70:94:c4:ba:ef:a8:75:e4:42:7b:62:e7:
c8:a2:f7:5b:76:7d:b4:52:6b:fc:d6:7b:47:f4:e2:7c:15:4a:
21:50:31:91:3d:3d:74:e1:b7:19:b0:52:98:b5:24:1d:c7:82:
57:4c:bd:31:4b:ad:88:dd:c2:97:b3:6e:4b:f7:4b:ba:d4:23:
05:df:8f:84:25:78:24:e7:50:4a:5c:f7:46:0b:60:76:37:25:
26:af:cb:e4:bb:fb:71:b5:8e:45:f0:f5:b3:81:68:2a:25:6c:
2a:06:18:73:2a:a9:88:39:75:4d:43:16:68:73:8f:19:70:63:
89:66:ea:9b:4d:33:22:c4:0f:e7:08:58:45:78:a7:ee:90:2c:
e3:67:25:7f:dc:e7:18:ea:6c:cb:17:a6:1a:0d:26:b2:44:24:
36:40:94:86:fc:4e:19:e9:a3:05:9b:36:44:b1:ca:ef:8a:95:
3e:b3:3e:75:d2:27:3f:78:55:3e:3c:5a:a6:87:37:1e:3f:0c:
00:1c:90:ad:34:9b:44:95:12:08:e8:61:1f:03:6f:0d:53:d3:
a8:f5:10:ef
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY7b0FQZ0oKyp5eNRlB/coAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNDE0MDg1NDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDllNmM0MzMxY2ZmOWIxNDQyYjAwNDk0NzQ4MDEyNjdiNDQ5MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwdbxQBSMpMNyVzeKnK5fGVVLuui
XSMqbrw03sz50dN0fMFkAsLL/Z94PxXHeqF9IE0Pf2vIv4douN/GrWRQRJ2898/s
ZhPYQgodaedmnnImFh10PFJBkS2scNBNudc67cKQ4It9LnJOaRbNpwGeHLJFgM4n
ckd2f/beESParS66RCEKVMapAEn6Ix0x1AUclZehdZQ7vZeUJzDBrzI28fCahQwi
bkwcF+afOIIX6Jru6gKM9RstrQdCjtSsb65y/ZSa9I/XLDuGfrtRKDwFcE0jPIdy
nDu3WsJLfH0hgERPh8Q0nh3GM236WbzKivgcCSob3brcALpV8TRg6r+P9wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGCebEMxz/mxRCsASUdIASZ7RJJBMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWUo1c1F6SFAtYkZFS3dCSlIwZ0JKbnRFa2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQAsH37AwQAuceXAwQAucfVAwQAueK1AwQAufobAwQAwpJcMA0GCSqGSIb3
DQEBCwUAA4IBAQAh/KLFPtPOTV5wSID7FfLmystl0UJ96Tsbuef09hC4yo5BkQKg
zAd0GcdwlMS676h15EJ7YufIovdbdn20Umv81ntH9OJ8FUohUDGRPT104bcZsFKY
tSQdx4JXTL0xS62I3cKXs25L90u61CMF34+EJXgk51BKXPdGC2B2NyUmr8vku/tx
tY5F8PWzgWgqJWwqBhhzKqmIOXVNQxZoc48ZcGOJZuqbTTMixA/nCFhFeKfukCzj
ZyV/3OcY6mzLF6YaDSayRCQ2QJSG/E4Z6aMFmzZEscrvipU+sz510ic/eFU+PFqm
hzcePwwAHJCtNJtElRII6GEfA28NU9Oo9RDv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org