Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/gINcnJIc119Dbpm3APiz44znZD4.roa
File: gINcnJIc119Dbpm3APiz44znZD4.roa (raw, json)
Hash identifier: PMi8H7iFxBhGTmQJHDY0EFzbHgYfxgOk1Igjc+PPIF8=
Subject key identifier: 80:83:5C:9C:92:1C:D7:5F:43:6E:99:B7:00:F8:B3:E3:8C:E7:64:3E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018E037E8C079A2142A61234A809535365DE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/gINcnJIc119Dbpm3APiz44znZD4.roa
Signing time: Sun 03 Mar 2024 08:46:48 +0000
ROA not before: Sun 03 Mar 2024 08:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.252.0/24 maxlen: 24
45.155.255.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
45.157.210.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 17:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:7e:8c:07:9a:21:42:a6:12:34:a8:09:53:53:65:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 3 08:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80835c9c921cd75f436e99b700f8b3e38ce7643e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:29:dd:a2:0a:01:2c:69:3e:a1:4a:44:5c:31:
bf:ab:2f:a1:9d:0b:bc:7e:22:f3:d9:da:60:20:4b:
64:59:0a:9b:78:62:c6:a3:71:89:4b:eb:96:d2:6e:
06:ff:a0:29:a5:a6:0c:e6:01:16:ea:f8:52:2a:03:
79:5d:64:37:a4:6f:d4:9a:ef:33:18:b1:f2:81:af:
66:18:d3:bb:27:29:fa:b3:09:21:3b:89:b9:4b:d1:
66:d7:37:c6:13:87:20:ff:99:10:e9:a8:3c:1d:54:
58:8a:6b:7c:6e:07:84:45:94:a9:6c:e4:e3:de:8b:
af:aa:23:06:e7:2c:27:64:a2:68:66:67:b1:18:d5:
ee:13:cc:d1:e2:4b:f6:7c:8e:eb:eb:c8:87:20:c4:
a1:e8:3c:83:76:f7:50:58:da:81:07:13:fe:b1:78:
b6:75:6c:f4:af:41:8e:bc:75:83:65:df:38:53:60:
00:bb:c9:a3:56:34:22:93:0e:d4:a7:7c:b8:18:84:
d6:6d:f2:8c:91:eb:6f:b8:fc:7a:6d:79:89:90:e1:
9e:07:03:27:88:f9:37:1f:2e:8f:d1:08:09:17:16:
40:0e:c3:2f:93:14:a0:f2:6d:d1:54:f1:18:5f:ca:
c4:b0:7f:16:da:60:2b:36:a3:e3:80:00:e3:6f:67:
7a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:83:5C:9C:92:1C:D7:5F:43:6E:99:B7:00:F8:B3:E3:8C:E7:64:3E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/gINcnJIc119Dbpm3APiz44znZD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0-45.157.210.255
79.98.246.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.226.181.0/24
Signature Algorithm: sha256WithRSAEncryption
07:26:e5:05:7c:41:6d:e6:dd:f5:8c:b3:fb:b3:12:c3:b9:1e:
a5:e2:c1:f5:7e:f7:27:6a:fa:60:f4:c3:a4:6a:b0:d3:db:d6:
3a:5f:98:a6:24:dd:77:3f:da:9c:44:a7:72:13:27:f7:cd:e8:
30:3f:d0:41:4c:16:6a:0e:f3:18:7e:9b:23:09:04:01:7d:aa:
75:7c:90:b6:f6:d1:e1:ea:3d:4f:74:c2:43:18:16:af:2f:22:
a1:40:12:34:3e:6b:06:b9:28:16:87:92:f9:43:1a:00:cf:f2:
fb:35:b7:ec:69:54:97:01:09:12:80:e8:96:95:2d:9f:e8:41:
e6:c9:cf:84:dd:3a:a6:56:b7:46:79:0f:1d:27:43:55:ec:f2:
f8:be:78:12:bd:4d:d3:13:80:f6:8a:cf:59:bd:15:0c:a7:d1:
69:d6:b1:6d:52:64:79:17:77:7a:95:b3:4e:c5:e1:db:74:00:
e1:a6:dc:21:c4:d6:1b:0c:fa:64:1a:c0:a5:ed:50:43:39:3f:
cd:b3:02:c8:df:63:ce:54:96:09:99:53:fa:72:e4:65:d8:bc:
d5:23:57:b6:79:f8:46:9e:a4:60:be:a4:65:73:98:b1:c4:33:
39:6b:6f:24:1f:0d:f4:30:1d:f5:9d:2e:5b:fc:ea:d3:b5:a7:
81:b4:0e:61
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY4DfowHmiFCphI0qAlTU2XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMzAzMDg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDgzNWM5YzkyMWNkNzVmNDM2ZTk5YjcwMGY4YjNlMzhjZTc2NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyndogoBLGk+oUpEXDG/qy+hnQu8
fiLz2dpgIEtkWQqbeGLGo3GJS+uW0m4G/6AppaYM5gEW6vhSKgN5XWQ3pG/Umu8z
GLHyga9mGNO7Jyn6swkhO4m5S9Fm1zfGE4cg/5kQ6ag8HVRYimt8bgeERZSpbOTj
3ouvqiMG5ywnZKJoZmexGNXuE8zR4kv2fI7r68iHIMSh6DyDdvdQWNqBBxP+sXi2
dWz0r0GOvHWDZd84U2AAu8mjVjQikw7Up3y4GITWbfKMketvuPx6bXmJkOGeBwMn
iPk3Hy6P0QgJFxZADsMvkxSg8m3RVPEYX8rEsH8W2mArNqPjgADjb2d6DQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFICDXJySHNdfQ26ZtwD4s+OM52Q+MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZ0lOY25KSWMxMTlEYnBtM0FQaXo0NHpuWkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZv8AwQA
LZv/MAwDBAAtndEDBAAtndIDBABPYvYDBACwffsDBAC5x5cDBAC5x9UDBAC54rUw
DQYJKoZIhvcNAQELBQADggEBAAcm5QV8QW3m3fWMs/uzEsO5HqXiwfV+9ydq+mD0
w6RqsNPb1jpfmKYk3Xc/2pxEp3ITJ/fN6DA/0EFMFmoO8xh+myMJBAF9qnV8kLb2
0eHqPU90wkMYFq8vIqFAEjQ+awa5KBaHkvlDGgDP8vs1t+xpVJcBCRKA6JaVLZ/o
QebJz4TdOqZWt0Z5Dx0nQ1Xs8vi+eBK9TdMTgPaKz1m9FQyn0WnWsW1SZHkXd3qV
s07F4dt0AOGm3CHE1hsM+mQawKXtUEM5P82zAsjfY85UlgmZU/py5GXYvNUjV7Z5
+EaepGC+pGVzmLHEMzlrbyQfDfQwHfWdLlv86tO1p4G0DmE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org