Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/e_3l8cwtAM7CRBL4xJtoxzVaCUc.roa
File: e_3l8cwtAM7CRBL4xJtoxzVaCUc.roa (raw, json)
Hash identifier: ORiDjLAkPkb5qB4lSFQ6fgRJZTUzaRF22BD9db4ks6w=
Subject key identifier: 7B:FD:E5:F1:CC:2D:00:CE:C2:44:12:F8:C4:9B:68:C7:35:5A:09:47
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018EA113605AD10C353AE452D226EF76749F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/e_3l8cwtAM7CRBL4xJtoxzVaCUc.roa
Signing time: Tue 02 Apr 2024 23:09:45 +0000
ROA not before: Tue 02 Apr 2024 23:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 18:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a1:13:60:5a:d1:0c:35:3a:e4:52:d2:26:ef:76:74:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 2 23:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bfde5f1cc2d00cec24412f8c49b68c7355a0947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:60:85:1d:eb:d7:04:0c:d2:a4:bb:b3:d8:83:
60:1b:f2:3b:5e:9c:8b:11:52:9d:91:4f:45:0c:61:
3b:97:ef:28:62:c6:8b:d9:3f:6c:18:0b:82:bd:f9:
66:57:b1:55:4a:3a:29:e7:2f:1a:eb:a3:3f:ec:91:
09:d9:c6:8e:6a:61:9f:de:81:2f:84:8e:e1:88:6e:
1c:79:e2:f1:6c:ff:7d:5f:09:ca:9c:16:66:1f:28:
51:5b:7e:b9:08:76:76:77:0f:8f:03:0a:f0:78:cc:
06:53:05:b3:a4:cd:42:2b:c6:3b:41:12:62:d8:f0:
4b:59:eb:0c:46:e0:fb:e7:80:a2:5f:cf:40:a0:d5:
0c:77:67:45:3e:c2:7d:cb:df:d7:64:82:6f:55:6f:
52:61:4c:55:0e:b8:41:76:ff:c3:98:d1:7e:05:fa:
d3:c7:b4:f5:a4:ec:14:2a:a2:8a:4c:74:e3:bb:ce:
ec:43:8d:a1:6c:af:56:f2:dd:fa:bd:35:72:a8:93:
01:fe:fb:68:61:79:eb:bb:f0:d5:d8:ee:61:24:3b:
1f:e4:12:7d:82:96:fc:cb:1b:e5:43:63:81:ab:55:
b2:9a:fe:8b:bc:51:6e:83:1b:ae:fb:a2:90:02:8b:
f6:81:f4:38:50:86:8f:f5:27:98:b0:1a:33:2a:23:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FD:E5:F1:CC:2D:00:CE:C2:44:12:F8:C4:9B:68:C7:35:5A:09:47
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/e_3l8cwtAM7CRBL4xJtoxzVaCUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
79.98.246.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
185.250.27.0/24
Signature Algorithm: sha256WithRSAEncryption
06:92:51:64:4e:ad:2c:c2:16:f8:46:20:a1:0b:d3:61:91:b4:
ba:58:d0:14:37:47:6c:41:fe:c5:41:ae:f1:20:b0:8d:59:5c:
70:0f:30:0e:d2:bd:4f:dd:c9:0d:ad:8e:37:5f:b9:dc:2b:52:
4e:de:06:4e:6d:84:fb:06:80:81:55:47:70:4c:ab:65:61:4e:
6c:6e:07:ff:00:5c:22:ec:ec:cd:cf:aa:db:ec:0b:84:32:5f:
76:94:11:70:d8:89:e7:80:3d:ed:ce:a0:65:a4:fa:f0:17:22:
a1:5b:58:1f:7a:37:97:23:49:ee:52:eb:c2:c1:75:13:82:f4:
2c:43:b8:b3:ae:c0:ef:70:e5:da:a0:88:52:0c:b4:3f:dd:93:
af:2a:b9:64:20:f1:06:5f:2e:34:8c:fc:b5:3d:8c:34:5d:b8:
26:16:0b:70:80:ae:ab:65:8a:79:5e:fb:17:7e:9c:39:05:57:
51:d1:61:d2:c5:78:7a:9d:a7:2d:74:f2:ec:49:ae:28:76:ea:
67:98:13:c5:82:82:9b:96:5c:17:92:47:30:02:c9:75:d8:48:
9c:45:3e:ae:c5:89:fd:c6:e4:69:e1:2e:75:98:07:fc:ca:70:
ac:86:63:46:f7:8c:60:81:20:7c:3b:2b:cf:38:78:2b:de:65:
67:fa:f0:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6hE2Ba0Qw1OuRS0ibvdnSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNDAyMjMwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmZkZTVmMWNjMmQwMGNlYzI0NDEyZjhjNDliNjhjNzM1NWEwOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WCFHevXBAzSpLuz2INgG/I7XpyL
EVKdkU9FDGE7l+8oYsaL2T9sGAuCvflmV7FVSjop5y8a66M/7JEJ2caOamGf3oEv
hI7hiG4ceeLxbP99XwnKnBZmHyhRW365CHZ2dw+PAwrweMwGUwWzpM1CK8Y7QRJi
2PBLWesMRuD754CiX89AoNUMd2dFPsJ9y9/XZIJvVW9SYUxVDrhBdv/DmNF+BfrT
x7T1pOwUKqKKTHTju87sQ42hbK9W8t36vTVyqJMB/vtoYXnru/DV2O5hJDsf5BJ9
gpb8yxvlQ2OBq1Wymv6LvFFugxuu+6KQAov2gfQ4UIaP9SeYsBozKiPAtwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHv95fHMLQDOwkQS+MSbaMc1WglHMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZV8zbDhjd3RBTTdDUkJMNHhKdG94elZhQ1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQAT2L2AwQAsH37AwQAuceXAwQAucfVAwQAueK1AwQAufobMA0GCSqGSIb3
DQEBCwUAA4IBAQAGklFkTq0swhb4RiChC9NhkbS6WNAUN0dsQf7FQa7xILCNWVxw
DzAO0r1P3ckNrY43X7ncK1JO3gZObYT7BoCBVUdwTKtlYU5sbgf/AFwi7OzNz6rb
7AuEMl92lBFw2InngD3tzqBlpPrwFyKhW1gfejeXI0nuUuvCwXUTgvQsQ7izrsDv
cOXaoIhSDLQ/3ZOvKrlkIPEGXy40jPy1PYw0XbgmFgtwgK6rZYp5XvsXfpw5BVdR
0WHSxXh6nactdPLsSa4odupnmBPFgoKbllwXkkcwAsl12EicRT6uxYn9xuRp4S51
mAf8ynCshmNG94xggSB8OyvPOHgr3mVn+vDK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org