Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cILR1YSiGPELyFWj8Hu4YluNsxk.roa
File: cILR1YSiGPELyFWj8Hu4YluNsxk.roa (raw, json)
Hash identifier: lMVGINcwbZ0EySZQTAv6rZpM0f8Jh4Z0MU6Xhrn4aBQ=
Subject key identifier: 70:82:D1:D5:84:A2:18:F1:0B:C8:55:A3:F0:7B:B8:62:5B:8D:B3:19
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188169872CAEAE0E4A6C5CBFEC18D21419A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cILR1YSiGPELyFWj8Hu4YluNsxk.roa
Signing time: Sat 13 May 2023 19:31:09 +0000
ROA not before: Sat 13 May 2023 19:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 08:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:16:98:72:ca:ea:e0:e4:a6:c5:cb:fe:c1:8d:21:41:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 13 19:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7082d1d584a218f10bc855a3f07bb8625b8db319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:15:ad:f8:39:a5:b4:54:32:24:e9:f4:a6:60:
44:47:9a:8f:97:5d:eb:13:e0:84:fd:b4:cc:1f:c1:
3a:77:27:f1:b2:d6:73:e0:af:3b:20:d6:0e:08:c2:
b1:ca:33:28:37:24:ab:a1:e0:0c:7e:8a:af:cd:50:
41:07:ba:10:a3:68:6c:57:8b:2b:71:c2:72:f4:10:
2d:c8:d7:e3:9d:14:fe:a8:41:a9:72:57:db:11:f3:
85:80:2e:00:ee:aa:5e:35:9c:27:2e:7d:1b:ce:f4:
f0:a2:eb:d8:f8:e9:64:e4:f6:34:c1:8d:c9:96:9a:
77:58:35:0d:8b:14:73:bd:a4:c3:36:fc:82:7a:8c:
57:4f:f0:5b:e6:da:f5:3a:6d:46:76:a6:5d:cf:cb:
d9:6e:f7:f3:f1:72:bb:9a:6a:fc:9c:4a:97:8e:c8:
8d:6c:e9:9e:00:93:e6:4b:53:0e:2a:83:84:68:f8:
b5:2e:cd:77:79:51:06:8b:96:55:c8:bf:10:d4:9e:
d2:11:07:78:ea:11:42:aa:9f:1d:41:68:f0:f6:53:
25:ce:42:3e:c2:32:6f:dc:5c:7a:cf:82:e4:50:60:
01:65:76:8b:3a:66:4e:2c:25:50:e1:39:03:e9:db:
3f:ab:a7:ad:c4:29:2f:69:33:16:3a:4b:cb:9e:60:
04:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:82:D1:D5:84:A2:18:F1:0B:C8:55:A3:F0:7B:B8:62:5B:8D:B3:19
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cILR1YSiGPELyFWj8Hu4YluNsxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.157.209.0-45.157.210.255
79.98.246.0/24
185.199.148.0/23
185.199.213.0/24
185.225.170.0/23
185.250.25.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:52:39:0e:8f:ee:ec:cb:d9:eb:de:78:1a:0d:83:14:6b:5d:
b1:33:52:02:f5:cc:4f:05:12:0c:51:8d:a2:89:1c:3f:67:44:
b3:2b:d8:50:8e:a2:21:50:f7:32:d4:a1:bd:ca:95:73:26:b1:
7e:95:a4:0b:e3:26:70:89:9c:04:f4:87:b4:f6:99:ca:4e:fa:
ae:42:8e:a8:42:97:ae:60:1a:02:34:d0:2d:1e:02:de:81:0b:
8e:19:0b:4a:8e:e2:19:88:31:01:56:d3:26:30:b0:f2:36:65:
ca:7e:b3:db:85:55:9d:88:86:83:52:59:89:2b:5c:3d:fa:68:
fb:05:ad:7a:c0:70:0b:7d:99:67:15:3c:d4:2b:6e:b5:80:39:
c8:0f:7c:03:3b:e9:1d:f1:f3:80:3f:13:b4:ed:50:20:a2:b6:
ed:e8:66:c7:d0:48:a3:8f:39:ed:f7:27:d5:5d:2b:72:e4:d0:
bf:b7:69:d1:ab:1e:ae:db:29:c8:0a:96:72:b2:66:a1:a5:54:
8a:2a:d0:e6:0e:fb:8c:eb:e3:4b:7c:4a:90:29:e1:e7:3e:b2:
89:b3:3c:2f:b0:5b:27:96:5b:99:1e:9f:c9:f3:86:ce:5a:3b:
9b:70:e2:4e:1f:c0:5a:31:92:68:2b:2e:92:fc:3c:3a:71:c1:
dd:62:f8:8d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYgWmHLK6uDkpsXL/sGNIUGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTEzMTkzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgyZDFkNTg0YTIxOGYxMGJjODU1YTNmMDdiYjg2MjViOGRiMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxWt+DmltFQyJOn0pmBER5qPl13r
E+CE/bTMH8E6dyfxstZz4K87INYOCMKxyjMoNySroeAMfoqvzVBBB7oQo2hsV4sr
ccJy9BAtyNfjnRT+qEGpclfbEfOFgC4A7qpeNZwnLn0bzvTwouvY+Olk5PY0wY3J
lpp3WDUNixRzvaTDNvyCeoxXT/Bb5tr1Om1GdqZdz8vZbvfz8XK7mmr8nEqXjsiN
bOmeAJPmS1MOKoOEaPi1Ls13eVEGi5ZVyL8Q1J7SEQd46hFCqp8dQWjw9lMlzkI+
wjJv3Fx6z4LkUGABZXaLOmZOLCVQ4TkD6ds/q6etxCkvaTMWOkvLnmAEKQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHCC0dWEohjxC8hVo/B7uGJbjbMZMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvY0lMUjFZU2lHUEVMeUZXajhIdTRZbHVOc3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZv8MAwD
BAAtndEDBAAtndIDBABPYvYDBAG5x5QDBAC5x9UDBAG54aoDBAC5+hkwDQYJKoZI
hvcNAQELBQADggEBALBSOQ6P7uzL2eveeBoNgxRrXbEzUgL1zE8FEgxRjaKJHD9n
RLMr2FCOoiFQ9zLUob3KlXMmsX6VpAvjJnCJnAT0h7T2mcpO+q5CjqhCl65gGgI0
0C0eAt6BC44ZC0qO4hmIMQFW0yYwsPI2Zcp+s9uFVZ2IhoNSWYkrXD36aPsFrXrA
cAt9mWcVPNQrbrWAOcgPfAM76R3x84A/E7TtUCCitu3oZsfQSKOPOe33J9VdK3Lk
0L+3adGrHq7bKcgKlnKyZqGlVIoq0OYO+4zr40t8SpAp4ec+somzPC+wWyeWW5ke
n8nzhs5aO5tw4k4fwFoxkmgrLpL8PDpxwd1i+I0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org