Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/evhcHk0nO-p8-NdwemYFOnd48fs.roa
File: evhcHk0nO-p8-NdwemYFOnd48fs.roa (raw, json)
Hash identifier: wFzCGrVDtNFmgAu/ffNhVltYtvoIwnVWAbrXnomqYrI=
Subject key identifier: 7A:F8:5C:1E:4D:27:3B:EA:7C:F8:D7:70:7A:66:05:3A:77:78:F1:FB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018D199EDF65F87BB1DF9E6B220CA1217BA4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/evhcHk0nO-p8-NdwemYFOnd48fs.roa
Signing time: Wed 17 Jan 2024 22:50:58 +0000
ROA not before: Wed 17 Jan 2024 22:50:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 12:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:19:9e:df:65:f8:7b:b1:df:9e:6b:22:0c:a1:21:7b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 17 22:50:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7af85c1e4d273bea7cf8d7707a66053a7778f1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a3:53:63:81:2d:a1:96:f4:69:97:56:d9:72:
69:34:65:8a:01:30:30:6d:bc:36:af:7f:97:9b:ef:
4f:4f:00:12:be:86:b9:cd:26:1e:a9:bb:82:38:d5:
25:05:5a:2e:67:9e:67:24:fa:b4:03:40:72:67:13:
58:21:56:f5:e6:e2:0d:18:7b:51:c7:0f:e0:2c:7e:
76:54:e6:64:aa:01:4f:62:a1:32:2f:0e:fe:70:3b:
1e:3e:75:e0:53:ca:13:2c:95:8a:fe:c6:e9:4c:fa:
91:a6:da:23:1f:eb:a0:b5:43:5f:44:98:0e:6a:8b:
87:e8:9c:06:b1:52:c2:a6:9b:87:4f:19:61:f1:3a:
dd:32:d9:f7:8c:8e:bd:1d:96:49:bd:01:6b:29:f3:
17:e6:ec:a3:66:bd:7f:90:4c:a0:0d:00:e4:09:8d:
40:05:4b:73:e4:ef:16:26:e8:30:93:07:ac:dc:e4:
54:bb:5c:c1:ef:a4:aa:a8:82:9f:30:8f:ca:36:0b:
3d:0b:f2:9f:ab:f3:0a:f3:c5:83:4a:04:01:18:b7:
08:bf:d8:c9:ef:90:51:f6:84:2c:14:ed:24:af:00:
db:c1:fc:8f:9e:59:79:f3:de:e8:7d:ac:b2:10:6b:
22:f6:ad:a0:03:e4:6c:ac:77:f0:35:ec:ea:08:46:
89:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F8:5C:1E:4D:27:3B:EA:7C:F8:D7:70:7A:66:05:3A:77:78:F1:FB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/evhcHk0nO-p8-NdwemYFOnd48fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
47:93:95:b9:8e:ce:d0:83:8d:ca:06:d8:aa:e8:32:17:8b:d7:
b6:27:11:4b:b2:77:78:65:a7:44:bb:50:6c:0b:3e:54:17:be:
6d:65:f7:bd:f8:fb:06:4b:e0:27:7c:32:d4:18:18:36:27:1d:
57:c3:c7:f4:4e:74:ed:7a:97:76:12:bc:53:53:c7:d4:b9:35:
52:12:b1:35:0f:da:fc:b3:82:06:7f:6e:5f:15:23:dd:d0:a8:
36:29:8b:37:60:d5:17:dd:38:97:4e:5b:f6:a8:78:c8:9e:63:
1f:99:92:72:d2:98:70:05:85:7d:50:4d:d7:11:b7:d7:6b:91:
18:50:ea:e8:8e:62:79:27:30:f7:24:46:ef:4e:22:b7:31:0c:
5c:71:6a:d8:e0:cf:95:95:4c:bf:cd:ee:c2:be:0c:2e:0e:fc:
45:1d:56:79:75:59:61:cd:43:61:e1:8a:23:3d:da:73:27:2f:
4e:4e:be:b5:bf:e9:47:70:fd:38:b7:6d:3a:9b:92:22:05:f6:
19:8b:c2:99:f8:8f:65:aa:37:d6:97:e1:0b:1a:5e:a2:2c:3c:
ea:c4:c3:6c:20:5d:17:50:26:bc:ea:41:ad:5c:ea:80:7a:ba:
c6:30:47:f7:8d:ca:f3:ab:43:7a:ba:47:bb:e2:a8:31:4d:b1:
b3:f0:18:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0Znt9l+Hux355rIgyhIXukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTE3MjI1MDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY4NWMxZTRkMjczYmVhN2NmOGQ3NzA3YTY2MDUzYTc3NzhmMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aNTY4EtoZb0aZdW2XJpNGWKATAw
bbw2r3+Xm+9PTwASvoa5zSYeqbuCONUlBVouZ55nJPq0A0ByZxNYIVb15uINGHtR
xw/gLH52VOZkqgFPYqEyLw7+cDsePnXgU8oTLJWK/sbpTPqRptojH+ugtUNfRJgO
aouH6JwGsVLCppuHTxlh8TrdMtn3jI69HZZJvQFrKfMX5uyjZr1/kEygDQDkCY1A
BUtz5O8WJugwkwes3ORUu1zB76SqqIKfMI/KNgs9C/Kfq/MK88WDSgQBGLcIv9jJ
75BR9oQsFO0krwDbwfyPnll5897ofayyEGsi9q2gA+RsrHfwNezqCEaJtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHr4XB5NJzvqfPjXcHpmBTp3ePH7MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZXZoY0hrMG5PLXA4LU5kd2VtWUZPbmQ0OGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv8AwQA
LZv/AwQALZ3RAwQAuceXAwQAucfVAwQAueK1MA0GCSqGSIb3DQEBCwUAA4IBAQBH
k5W5js7Qg43KBtiq6DIXi9e2JxFLsnd4ZadEu1BsCz5UF75tZfe9+PsGS+AnfDLU
GBg2Jx1Xw8f0TnTtepd2ErxTU8fUuTVSErE1D9r8s4IGf25fFSPd0Kg2KYs3YNUX
3TiXTlv2qHjInmMfmZJy0phwBYV9UE3XEbfXa5EYUOrojmJ5JzD3JEbvTiK3MQxc
cWrY4M+VlUy/ze7CvgwuDvxFHVZ5dVlhzUNh4YojPdpzJy9OTr61v+lHcP04t206
m5IiBfYZi8KZ+I9lqjfWl+ELGl6iLDzqxMNsIF0XUCa86kGtXOqAerrGMEf3jcrz
q0N6uke74qgxTbGz8Bgq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org