Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/fdz3goJty30He6vHxXVcVKSyJFw.roa
File: fdz3goJty30He6vHxXVcVKSyJFw.roa (raw, json)
Hash identifier: t6pS0ELm7PZB/WaogFLGEX8Hl+YsUMpSG8xVvryjXMg=
Subject key identifier: 7D:DC:F7:82:82:6D:CB:7D:07:7B:AB:C7:C5:75:5C:54:A4:B2:24:5C
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01915B102A37A29ABC18BBED3F30EB774675
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/fdz3goJty30He6vHxXVcVKSyJFw.roa
Signing time: Fri 16 Aug 2024 12:01:11 +0000
ROA not before: Fri 16 Aug 2024 12:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 09:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:10:2a:37:a2:9a:bc:18:bb:ed:3f:30:eb:77:46:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 16 12:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ddcf782826dcb7d077babc7c5755c54a4b2245c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8c:0c:5e:83:e6:b9:a7:78:99:7b:08:54:4c:
c1:cc:3d:65:a8:6b:27:64:02:06:e4:2a:d9:85:79:
78:b2:66:46:68:10:2e:05:db:30:14:37:06:7d:74:
97:ef:7b:03:7f:e7:37:9b:53:38:90:33:94:31:f2:
30:b4:84:14:4a:10:e4:b8:3c:99:e5:38:fb:ce:71:
27:ae:81:50:07:87:d8:89:36:d1:f2:9a:3a:84:35:
c0:81:3a:9b:47:ab:8b:b3:4d:bf:ab:95:71:cd:5d:
53:fb:26:f9:ad:44:61:2b:df:dd:12:37:a3:05:71:
65:05:41:c2:3d:f6:37:ad:85:f9:ff:88:80:58:a2:
fb:b8:16:a3:67:fc:cb:0d:87:ea:21:ea:86:77:63:
2b:27:81:0a:e2:88:22:e8:51:d1:16:a6:5f:6e:b6:
4a:5a:01:1a:f6:7d:84:ff:d6:d4:d7:9d:82:8d:9b:
21:b2:7a:ce:d1:55:79:e7:15:26:7c:62:93:a0:67:
5e:3e:db:e1:b3:78:0c:9a:76:cd:b5:f8:38:f4:63:
b4:36:b3:0a:db:e3:50:0b:91:ab:6f:35:e7:b6:8c:
92:11:11:36:0a:3d:53:03:68:2f:99:b0:17:c5:96:
d2:c2:67:5c:69:6f:94:29:8f:49:9a:f1:bc:7f:fd:
7a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DC:F7:82:82:6D:CB:7D:07:7B:AB:C7:C5:75:5C:54:A4:B2:24:5C
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/fdz3goJty30He6vHxXVcVKSyJFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.254.0/24
79.98.246.0/24
185.199.213.0/24
185.221.26.0/24
185.226.180.0/23
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
97:f2:5b:7e:1c:73:9f:66:3b:e3:ed:75:8c:76:1b:71:52:57:
f8:c8:c2:58:e6:3e:2f:ba:90:48:5a:e9:3d:2b:46:48:ff:c7:
4f:67:25:c7:b4:a5:27:b0:04:1e:c5:36:c9:f7:2b:a7:dc:ff:
d9:32:f6:0e:ab:fc:f2:34:91:21:96:f5:e5:92:48:52:8e:b8:
5e:67:ec:db:44:aa:d4:ea:85:cb:bf:62:71:ae:09:9a:d4:8d:
51:42:eb:95:38:3d:a5:12:1c:2a:cd:bf:f0:6e:ef:5e:8e:8d:
e6:98:1b:3c:5b:37:bd:58:35:1a:8a:2c:a4:f1:0d:4a:00:4b:
df:51:05:c9:2d:94:88:d9:cb:60:ed:56:26:2d:14:c3:00:4f:
6d:95:e9:9d:92:8e:48:e4:d6:f2:7c:7b:9a:46:ec:f3:53:27:
1a:a6:6e:61:d8:d2:16:e3:ff:72:b0:27:fd:87:12:e8:b6:b0:
fc:8d:3c:13:1d:35:29:67:a4:22:42:17:d2:e9:0b:9a:1e:3e:
62:1a:46:52:0f:73:e9:fd:08:22:c7:08:f3:0b:9b:49:4a:f5:
a7:de:27:59:8c:6f:03:7f:01:87:e4:13:eb:47:ef:00:7b:df:
5f:a2:df:0b:8c:3d:e6:4d:55:73:c5:cd:96:d6:e2:6a:34:60:
1e:dc:29:0d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFbECo3opq8GLvtPzDrd0Z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwODE2MTIwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRjZjc4MjgyNmRjYjdkMDc3YmFiYzdjNTc1NWM1NGE0YjIyNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzowMXoPmuad4mXsIVEzBzD1lqGsn
ZAIG5CrZhXl4smZGaBAuBdswFDcGfXSX73sDf+c3m1M4kDOUMfIwtIQUShDkuDyZ
5Tj7znEnroFQB4fYiTbR8po6hDXAgTqbR6uLs02/q5VxzV1T+yb5rURhK9/dEjej
BXFlBUHCPfY3rYX5/4iAWKL7uBajZ/zLDYfqIeqGd2MrJ4EK4ogi6FHRFqZfbrZK
WgEa9n2E/9bU152CjZshsnrO0VV55xUmfGKToGdePtvhs3gMmnbNtfg49GO0NrMK
2+NQC5GrbzXntoySERE2Cj1TA2gvmbAXxZbSwmdcaW+UKY9JmvG8f/16jQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH3c94KCbct9B3urx8V1XFSksiRcMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZmR6M2dvSnR5MzBIZTZ2SHhYVmNWS1N5SkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv+AwQA
T2L2AwQAucfVAwQAud0aAwQBueK0AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCX
8lt+HHOfZjvj7XWMdhtxUlf4yMJY5j4vupBIWuk9K0ZI/8dPZyXHtKUnsAQexTbJ
9yun3P/ZMvYOq/zyNJEhlvXlkkhSjrheZ+zbRKrU6oXLv2Jxrgma1I1RQuuVOD2l
Ehwqzb/wbu9ejo3mmBs8Wze9WDUaiiyk8Q1KAEvfUQXJLZSI2ctg7VYmLRTDAE9t
lemdko5I5NbyfHuaRuzzUycapm5h2NIW4/9ysCf9hxLotrD8jTwTHTUpZ6QiQhfS
6QuaHj5iGkZSD3Pp/QgixwjzC5tJSvWn3idZjG8DfwGH5BPrR+8Ae99fot8LjD3m
TVVzxc2W1uJqNGAe3CkN
-----END CERTIFICATE-----
Generated at Sun Aug 18 12:32:00 2024 by rpki-client on console-ams.rpki-client.org