Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_RD5G4YuYIP3hVI5znWPw3flSdc.roa
File: _RD5G4YuYIP3hVI5znWPw3flSdc.roa (raw, json)
Hash identifier: PHflRV4qNyFE9Zv9WWKHcwX7VpWTqf32oqOzff7Y+0E=
Subject key identifier: FD:10:F9:1B:86:2E:60:83:F7:85:52:39:CE:75:8F:C3:77:E5:49:D7
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188D3688C3E2773F5B80108A2F56864C5D7
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_RD5G4YuYIP3hVI5znWPw3flSdc.roa
Signing time: Mon 19 Jun 2023 11:27:04 +0000
ROA not before: Mon 19 Jun 2023 11:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 12:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:68:8c:3e:27:73:f5:b8:01:08:a2:f5:68:64:c5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 19 11:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd10f91b862e6083f7855239ce758fc377e549d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:19:d5:05:78:94:e1:ea:c4:95:cd:40:38:
21:7f:f1:b0:36:24:df:3e:19:49:a8:22:04:f8:7f:
38:f1:04:03:4e:9e:52:1b:fe:d6:26:5c:c2:d8:00:
66:0b:97:b0:62:f2:31:8d:bc:1c:68:f9:37:96:45:
2b:e2:45:07:96:70:1f:af:7d:3b:dd:10:6f:2e:26:
51:05:10:08:9e:1d:5e:c7:c6:48:63:e0:0e:ee:a7:
b8:bb:c0:16:1e:2e:c3:af:e3:74:97:45:46:12:86:
e3:0b:0e:0d:8f:46:3b:85:9a:72:e4:6e:c9:0a:11:
80:b1:40:9d:cc:30:d4:5a:18:5d:7b:69:01:81:0f:
d3:74:2b:4f:5c:11:05:98:41:3c:97:fe:13:33:3c:
90:d8:21:45:77:8c:08:fa:b6:8b:9a:ae:04:db:e0:
cc:f1:b5:2b:b5:da:96:4a:5a:79:59:9a:ab:6d:da:
2a:a9:7d:5a:1b:79:d9:2d:00:06:86:92:3b:23:7f:
50:f7:be:c0:83:83:c9:e0:02:d9:b6:09:25:bf:1d:
76:12:12:a0:83:22:19:2f:b0:ac:71:7c:bd:e5:07:
09:56:4c:4b:59:94:4a:0e:b5:2c:54:2e:61:69:d8:
b8:07:23:09:a5:2b:b7:a1:a4:6b:68:83:6a:6f:4e:
d7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:10:F9:1B:86:2E:60:83:F7:85:52:39:CE:75:8F:C3:77:E5:49:D7
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_RD5G4YuYIP3hVI5znWPw3flSdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.247.0/24
176.125.251.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
03:d0:eb:3e:e4:47:17:48:b1:7c:e6:99:2b:6a:43:07:aa:ee:
9c:a8:a1:ea:f8:12:5d:4a:9a:a0:6e:9f:db:df:65:57:9a:2c:
7a:25:97:37:13:82:ce:a7:c5:e7:84:e1:fb:ba:12:46:9b:54:
4e:35:94:3b:60:41:6e:b7:69:25:db:8e:6b:eb:94:cf:7b:ec:
2e:60:b5:60:45:80:aa:45:ab:fd:30:d3:94:53:bb:3b:92:ac:
23:c3:16:a6:b5:58:cf:d0:ea:3e:56:6b:c4:69:ef:58:2c:6f:
c4:6f:4d:10:e9:07:dc:ce:c0:88:f5:b1:76:9d:ee:2d:15:c3:
ef:d5:c1:27:eb:68:d0:10:f8:de:e5:f8:aa:f9:2e:c9:b9:51:
31:50:e3:04:4a:31:d2:49:f9:c4:6f:e8:3e:5a:2a:90:45:9a:
7e:c4:dc:f5:21:4b:87:c6:1d:41:ff:48:d0:64:79:48:f7:d5:
cd:9a:23:c6:76:51:2e:8d:27:04:13:25:0e:fa:94:d8:2e:a4:
59:b6:2a:7d:9a:86:34:08:ae:79:b3:d0:aa:7f:3d:61:0a:8c:
4b:40:d2:c5:0d:ea:3a:30:a0:d6:90:66:d9:85:a6:a5:34:86:
54:52:9e:00:aa:ea:bc:18:fd:46:25:b5:42:e4:f3:c4:4d:4f:
2b:31:2a:dc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjTaIw+J3P1uAEIovVoZMXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjE5MTEyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDEwZjkxYjg2MmU2MDgzZjc4NTUyMzljZTc1OGZjMzc3ZTU0OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspwZ1QV4lOHqxJXNQDghf/GwNiTf
PhlJqCIE+H848QQDTp5SG/7WJlzC2ABmC5ewYvIxjbwcaPk3lkUr4kUHlnAfr307
3RBvLiZRBRAInh1ex8ZIY+AO7qe4u8AWHi7Dr+N0l0VGEobjCw4Nj0Y7hZpy5G7J
ChGAsUCdzDDUWhhde2kBgQ/TdCtPXBEFmEE8l/4TMzyQ2CFFd4wI+raLmq4E2+DM
8bUrtdqWSlp5WZqrbdoqqX1aG3nZLQAGhpI7I39Q977Ag4PJ4ALZtgklvx12EhKg
gyIZL7CscXy95QcJVkxLWZRKDrUsVC5hadi4ByMJpSu3oaRraINqb07XewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP0Q+RuGLmCD94VSOc51j8N35UnXMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvX1JENUc0WXVZSVAzaFZJNXpuV1B3M2ZsU2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv8AwQA
LZv/AwQALZ3RAwQAT2L3AwQAsH37AwQAwpJdMA0GCSqGSIb3DQEBCwUAA4IBAQAD
0Os+5EcXSLF85pkrakMHqu6cqKHq+BJdSpqgbp/b32VXmix6JZc3E4LOp8XnhOH7
uhJGm1RONZQ7YEFut2kl245r65TPe+wuYLVgRYCqRav9MNOUU7s7kqwjwxamtVjP
0Oo+VmvEae9YLG/Eb00Q6QfczsCI9bF2ne4tFcPv1cEn62jQEPje5fiq+S7JuVEx
UOMESjHSSfnEb+g+WiqQRZp+xNz1IUuHxh1B/0jQZHlI99XNmiPGdlEujScEEyUO
+pTYLqRZtip9moY0CK55s9Cqfz1hCoxLQNLFDeo6MKDWkGbZhaalNIZUUp4Aquq8
GP1GJbVC5PPETU8rMSrc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org