Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bDMZncwPvh7iNtjRoMdMFK3rgwM.roa
File: bDMZncwPvh7iNtjRoMdMFK3rgwM.roa (raw, json)
Hash identifier: mYjm70wiDWrHYTSrbaFBaxVQjA6eA1qLNtEvxcW/0pA=
Subject key identifier: 6C:33:19:9D:CC:0F:BE:1E:E2:36:D8:D1:A0:C7:4C:14:AD:EB:83:03
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018A2F26FF7D967EBB325AFA859DB4609B41
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bDMZncwPvh7iNtjRoMdMFK3rgwM.roa
Signing time: Sat 26 Aug 2023 00:03:19 +0000
ROA not before: Sat 26 Aug 2023 00:03:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.26.0/23 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 16:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2f:26:ff:7d:96:7e:bb:32:5a:fa:85:9d:b4:60:9b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 26 00:03:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c33199dcc0fbe1ee236d8d1a0c74c14adeb8303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:94:c5:5e:a5:2b:ab:01:76:a2:2e:1e:a5:
b1:66:9d:10:9d:6a:62:53:df:db:e5:82:f7:e4:18:
ee:c5:6d:d6:ca:ea:a5:25:ab:71:ba:0a:51:93:d0:
cc:53:21:d1:c7:1f:bf:59:f1:d6:01:e0:a2:0e:17:
f3:39:d3:60:77:4b:66:52:7c:c0:44:05:27:96:2e:
62:96:83:72:d0:38:1c:07:f1:24:86:30:53:0e:0d:
c8:00:9c:27:0c:47:7c:72:0f:d5:bf:c6:9e:93:a8:
a7:73:3c:ed:29:5d:c9:82:2b:48:36:46:0e:87:98:
b9:38:17:93:82:56:a4:8e:e8:91:93:5a:06:d3:1a:
a5:94:b5:7a:8a:24:b6:a9:ad:8e:8b:42:0c:12:7b:
b7:9b:12:6f:58:92:b2:0d:a2:ea:ba:10:e2:ce:5a:
45:72:bf:0c:fc:99:44:9d:37:3a:4b:73:d9:f7:3c:
b0:df:71:a9:72:e1:ba:ca:1e:dd:25:7e:36:23:b5:
90:9c:0d:c6:b4:d5:a4:15:66:a2:ba:e9:9f:d5:68:
da:0e:c8:22:4f:0e:9e:50:55:7e:c6:5b:5f:52:e3:
e3:5d:a1:8b:e8:c8:5e:97:58:1a:9f:02:ce:68:9c:
ed:00:de:7a:77:47:3f:df:6c:be:37:14:74:90:89:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:19:9D:CC:0F:BE:1E:E2:36:D8:D1:A0:C7:4C:14:AD:EB:83:03
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bDMZncwPvh7iNtjRoMdMFK3rgwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.246.0/23
176.125.250.0/24
185.199.151.0/24
185.199.212.0/23
185.221.24.0/22
185.225.168.0-185.225.170.255
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
00:e6:81:20:14:e0:85:75:ed:c3:5c:27:f3:cf:98:dd:5f:6c:
a6:6a:ac:e4:be:9a:54:6d:7e:39:e1:69:2b:81:2b:62:4d:27:
09:86:03:4c:4b:d7:6e:f8:97:b8:cb:2b:f6:e8:a8:dd:9b:c2:
76:91:c8:64:2e:15:b1:a8:6d:0c:44:a7:ee:03:d2:49:59:3d:
b7:77:b6:f2:47:f2:52:76:66:ed:c7:fb:4b:8e:2b:20:4e:64:
24:40:29:80:8c:29:27:79:cd:14:41:f4:30:49:77:67:0a:96:
98:4a:e9:46:a8:ec:c0:c4:4f:58:64:e6:78:6e:d1:f2:9f:5d:
ef:2b:fe:28:d6:3e:92:d0:d8:fd:f3:6e:f4:a4:dd:85:0b:8a:
e5:d3:20:0f:78:09:00:33:41:9e:02:8c:fd:ef:ff:37:cd:d2:
00:48:ff:bd:d4:13:a7:79:02:26:99:da:ba:e2:67:2c:f8:3a:
96:2f:e3:5a:d9:81:bf:16:47:ed:3a:1e:91:c1:4c:cc:e8:c3:
f8:0b:9c:ba:7c:fa:8f:ec:db:60:12:5f:cd:25:e6:02:19:80:
f2:bc:98:df:d8:3a:35:51:e5:9c:38:ca:b5:71:f9:bb:a5:0e:
f7:a8:00:1e:a5:63:a2:c2:c4:21:a5:62:55:40:c3:ca:ad:ee:
02:2d:97:a0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYovJv99ln67Mlr6hZ20YJtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODI2MDAwMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMzMTk5ZGNjMGZiZTFlZTIzNmQ4ZDFhMGM3NGMxNGFkZWI4MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpOUxV6lK6sBdqIuHqWxZp0QnWpi
U9/b5YL35BjuxW3WyuqlJatxugpRk9DMUyHRxx+/WfHWAeCiDhfzOdNgd0tmUnzA
RAUnli5iloNy0DgcB/EkhjBTDg3IAJwnDEd8cg/Vv8aek6inczztKV3JgitINkYO
h5i5OBeTglakjuiRk1oG0xqllLV6iiS2qa2Oi0IMEnu3mxJvWJKyDaLquhDizlpF
cr8M/JlEnTc6S3PZ9zyw33GpcuG6yh7dJX42I7WQnA3GtNWkFWaiuumf1WjaDsgi
Tw6eUFV+xltfUuPjXaGL6Mhel1ganwLOaJztAN56d0c/32y+NxR0kIn75wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGwzGZ3MD74e4jbY0aDHTBSt64MDMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYkRNWm5jd1B2aDdpTnRqUm9NZE1GSzNyZ3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZv8AwQA
LZv/AwQALZ3RAwQBT2L2AwQAsH36AwQAuceXAwQBucfUAwQCud0YMAwDBAO54agD
BAC54aoDBAC5+hoDBAHCklwwDQYJKoZIhvcNAQELBQADggEBAADmgSAU4IV17cNc
J/PPmN1fbKZqrOS+mlRtfjnhaSuBK2JNJwmGA0xL1274l7jLK/boqN2bwnaRyGQu
FbGobQxEp+4D0klZPbd3tvJH8lJ2Zu3H+0uOKyBOZCRAKYCMKSd5zRRB9DBJd2cK
lphK6Uao7MDET1hk5nhu0fKfXe8r/ijWPpLQ2P3zbvSk3YULiuXTIA94CQAzQZ4C
jP3v/zfN0gBI/73UE6d5AiaZ2rriZyz4OpYv41rZgb8WR+06HpHBTMzow/gLnLp8
+o/s22ASX80l5gIZgPK8mN/YOjVR5Zw4yrVx+bulDveoAB6lY6LCxCGlYlVAw8qt
7gItl6A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org