Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aG-XKdXI5jwtaBOXOu8cufqA_ao.roa
File: aG-XKdXI5jwtaBOXOu8cufqA_ao.roa (raw, json)
Hash identifier: juO37xo6RFlowmp9j5aI9n7STKZl5ZH7u/bOa2rjUmA=
Subject key identifier: 68:6F:97:29:D5:C8:E6:3C:2D:68:13:97:3A:EF:1C:B9:FA:80:FD:AA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0189B29FAEE7BE7A63475031B689186B4DB6
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aG-XKdXI5jwtaBOXOu8cufqA_ao.roa
Signing time: Tue 01 Aug 2023 19:42:36 +0000
ROA not before: Tue 01 Aug 2023 19:42:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 10:55:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b2:9f:ae:e7:be:7a:63:47:50:31:b6:89:18:6b:4d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 1 19:42:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686f9729d5c8e63c2d6813973aef1cb9fa80fdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3b:9e:6f:37:4a:35:c0:71:c3:be:a9:78:4c:
1a:d9:8d:bc:0e:f1:26:67:f2:f5:1a:85:b6:3d:a2:
bc:95:45:fa:fd:49:bb:84:55:ba:e3:73:3a:b0:3f:
c3:86:6c:84:b2:78:79:da:20:3f:2e:d1:b8:fa:ca:
39:5f:92:96:36:4a:60:60:2b:70:58:d5:ce:b3:c6:
a6:1c:6c:a3:45:d3:71:16:f0:16:66:ac:8a:d3:9a:
27:8c:f0:9f:c6:26:ea:83:c3:6e:db:f0:41:81:44:
ab:46:4d:ea:bd:5a:67:81:af:78:ae:a6:8e:0a:cb:
cd:ed:61:e5:95:1e:e2:fc:67:fe:22:b1:ad:16:68:
36:50:63:d6:a4:47:b1:81:e4:19:13:5c:63:63:84:
8a:fa:9f:d8:dc:27:86:23:77:59:6e:c1:1a:66:91:
d1:9b:71:d6:6c:05:66:86:92:63:23:06:13:d0:0d:
5f:97:ac:4c:ca:05:87:c1:2e:7c:ee:ca:6e:59:dd:
0d:81:ad:c6:b9:05:1c:bf:46:8c:64:3f:e9:56:7c:
1b:03:61:7f:f5:96:1c:62:14:63:a5:d6:f1:ba:00:
b7:ae:c3:e0:ef:49:ba:a5:91:f8:bc:73:8f:84:fa:
b9:23:cc:2f:72:36:9a:81:b0:86:a8:1f:3f:d2:e5:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6F:97:29:D5:C8:E6:3C:2D:68:13:97:3A:EF:1C:B9:FA:80:FD:AA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aG-XKdXI5jwtaBOXOu8cufqA_ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.247.0/24
176.125.250.0/24
185.199.151.0/24
185.199.212.0/23
185.225.168.0/22
185.250.25.0-185.250.26.255
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:20:81:db:93:49:02:a2:90:17:90:c5:e3:e6:cf:b4:d6:da:
8d:71:c2:42:b6:c0:19:87:c9:91:19:29:71:46:90:5e:4d:d1:
3b:37:fe:88:99:fc:0d:71:8d:f6:62:bc:f0:4a:6d:a9:5d:3d:
96:e9:2b:89:8e:d4:c6:c3:92:7a:b1:98:ae:c9:88:81:f3:8a:
bb:42:04:5b:ac:d9:e0:0a:01:31:dd:d5:ca:27:be:b4:26:d0:
60:30:7f:80:d1:89:2b:42:17:c7:c5:00:65:f2:c3:98:9f:4a:
d5:f2:1b:1a:65:0c:1c:8a:ed:67:6e:54:3b:37:40:e6:3e:39:
6b:3f:37:79:a9:41:8b:84:e4:71:c8:3a:70:07:85:3f:f6:1e:
a7:64:d2:0c:88:c0:1f:6d:3a:27:c3:e1:ad:0d:a9:bc:16:f6:
14:55:82:fc:3c:9f:98:aa:fe:36:a2:77:3e:4b:78:f3:7a:67:
c3:21:c8:3a:2d:f7:f5:f3:a6:ec:11:a8:3d:18:ff:1c:1a:f9:
72:27:e6:02:83:63:e9:9d:98:03:c8:19:89:ed:f0:09:4f:a8:
92:53:93:0f:14:c3:41:4d:4d:e1:26:db:26:d7:07:54:5f:97:
9f:1d:57:c4:a6:2f:31:34:01:62:4f:7a:de:77:d0:8d:96:ff:
f3:39:4d:b4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYmyn67nvnpjR1AxtokYa022MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODAxMTk0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZmOTcyOWQ1YzhlNjNjMmQ2ODEzOTczYWVmMWNiOWZhODBmZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TuebzdKNcBxw76peEwa2Y28DvEm
Z/L1GoW2PaK8lUX6/Um7hFW643M6sD/DhmyEsnh52iA/LtG4+so5X5KWNkpgYCtw
WNXOs8amHGyjRdNxFvAWZqyK05onjPCfxibqg8Nu2/BBgUSrRk3qvVpnga94rqaO
CsvN7WHllR7i/Gf+IrGtFmg2UGPWpEexgeQZE1xjY4SK+p/Y3CeGI3dZbsEaZpHR
m3HWbAVmhpJjIwYT0A1fl6xMygWHwS587spuWd0Nga3GuQUcv0aMZD/pVnwbA2F/
9ZYcYhRjpdbxugC3rsPg70m6pZH4vHOPhPq5I8wvcjaagbCGqB8/0uVXGwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGhvlynVyOY8LWgTlzrvHLn6gP2qMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYUctWEtkWEk1and0YUJPWE91OGN1ZnFBX2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALZv8AwQA
LZv/AwQALZ3RAwQAT2L3AwQAsH36AwQAuceXAwQBucfUAwQCueGoMAwDBAC5+hkD
BAC5+hoDBAHCklwwDQYJKoZIhvcNAQELBQADggEBAMMggduTSQKikBeQxePmz7TW
2o1xwkK2wBmHyZEZKXFGkF5N0Ts3/oiZ/A1xjfZivPBKbaldPZbpK4mO1MbDknqx
mK7JiIHzirtCBFus2eAKATHd1convrQm0GAwf4DRiStCF8fFAGXyw5ifStXyGxpl
DByK7WduVDs3QOY+OWs/N3mpQYuE5HHIOnAHhT/2Hqdk0gyIwB9tOifD4a0NqbwW
9hRVgvw8n5iq/jaidz5LePN6Z8MhyDot9/XzpuwRqD0Y/xwa+XIn5gKDY+mdmAPI
GYnt8AlPqJJTkw8Uw0FNTeEm2ybXB1Rfl58dV8SmLzE0AWJPet530I2W//M5TbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org