Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hNsj_HZK-b2G0psakoINl6g7m1I.roa
File: hNsj_HZK-b2G0psakoINl6g7m1I.roa (raw, json)
Hash identifier: FV2T6yJvlxthsnXl/mewI1ehi4Bn/eqGmtDl1JpoO7Y=
Subject key identifier: 84:DB:23:FC:76:4A:F9:BD:86:D2:9B:1A:92:82:0D:97:A8:3B:9B:52
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01891AC6D69FF98BF0D0CC4097359FDE2813
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hNsj_HZK-b2G0psakoINl6g7m1I.roa
Signing time: Mon 03 Jul 2023 08:03:05 +0000
ROA not before: Mon 03 Jul 2023 08:03:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 10:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:c6:d6:9f:f9:8b:f0:d0:cc:40:97:35:9f:de:28:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 3 08:03:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84db23fc764af9bd86d29b1a92820d97a83b9b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:25:31:b6:54:2a:6b:74:a8:4c:f2:bb:69:56:
08:29:3a:35:83:51:cb:d4:56:03:8d:0d:a8:ba:7b:
7e:3c:1e:de:a6:d6:54:c2:c8:db:20:98:14:d5:49:
00:63:d6:c6:16:4d:29:e9:ec:51:8f:13:c6:77:1b:
6e:d6:ad:a3:f6:d9:98:e0:00:1d:d5:f8:58:90:f6:
24:81:0d:ba:a5:94:c6:68:2e:d6:34:ad:1f:a7:83:
ca:93:1b:95:c8:5c:03:cf:35:a2:a6:3b:cc:91:7d:
c1:04:57:23:34:5e:a7:01:c9:34:33:93:34:65:2a:
c3:35:bf:74:53:b4:d0:da:ea:77:df:03:b7:a8:23:
d0:8e:02:ee:fd:54:7b:d6:31:71:f5:c1:7a:73:8d:
58:4d:fc:f3:a5:03:4b:9e:41:e0:f4:d4:2a:e0:b0:
56:44:2c:e2:d9:b3:02:96:9f:05:e3:74:b3:ee:ac:
e7:2d:0b:c7:ad:85:38:b3:e9:8e:fd:9a:a8:80:04:
51:c5:e3:74:d9:7c:0f:29:eb:fb:dd:43:7d:cd:1f:
7e:74:03:1a:f5:de:0b:40:02:84:b8:14:86:b6:2d:
18:13:c3:3d:71:d3:82:46:67:28:40:67:80:12:5b:
60:35:5b:4a:74:08:47:22:64:3f:9b:61:55:3f:cc:
81:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DB:23:FC:76:4A:F9:BD:86:D2:9B:1A:92:82:0D:97:A8:3B:9B:52
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hNsj_HZK-b2G0psakoINl6g7m1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.246.0/23
185.225.170.0/24
185.226.181.0/24
185.250.26.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:19:4b:ac:ce:79:29:f6:68:cd:f0:5c:d1:3c:65:10:d5:38:
3f:0f:f3:fd:06:a0:f2:d0:ea:d7:3a:68:50:6f:d5:23:7d:7a:
31:23:99:91:ff:c3:da:c3:20:1a:c9:1f:ba:89:9d:e8:c0:8a:
eb:e9:5d:07:48:97:cb:4d:c1:ef:12:9a:2c:d2:61:70:64:fe:
3a:02:51:da:1a:29:a8:ab:ae:82:7a:1b:c1:b8:72:6c:88:3e:
4e:67:18:03:21:46:96:a3:44:4a:b0:d5:18:6f:5b:35:fd:5e:
41:d5:f7:63:aa:78:04:39:e6:e2:b7:32:0f:29:03:8f:cd:4c:
cc:d7:fa:a2:dd:8a:5e:6d:a4:c5:e9:5c:7f:ac:90:ae:f2:81:
24:66:6c:44:6c:d0:b6:a9:0e:29:a6:74:56:36:e1:39:00:14:
76:53:fa:a4:dd:fd:b5:a4:46:a8:c1:d7:22:ec:b2:37:79:a5:
e4:c2:bd:b2:72:16:3c:4f:dd:da:d2:ea:33:be:1e:83:48:27:
b4:af:c2:bd:7c:43:98:c4:41:db:48:1b:2c:4a:cf:8a:f3:55:
91:90:12:07:80:8e:9c:7d:3c:aa:2f:b0:58:c5:81:2f:3b:45:
5d:11:75:1c:b9:09:2c:d8:00:a9:92:de:80:f7:c8:2b:35:3e:
95:c3:d8:8c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYkaxtaf+Yvw0MxAlzWf3igTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNzAzMDgwMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRiMjNmYzc2NGFmOWJkODZkMjliMWE5MjgyMGQ5N2E4M2I5YjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCUxtlQqa3SoTPK7aVYIKTo1g1HL
1FYDjQ2ount+PB7eptZUwsjbIJgU1UkAY9bGFk0p6exRjxPGdxtu1q2j9tmY4AAd
1fhYkPYkgQ26pZTGaC7WNK0fp4PKkxuVyFwDzzWipjvMkX3BBFcjNF6nAck0M5M0
ZSrDNb90U7TQ2up33wO3qCPQjgLu/VR71jFx9cF6c41YTfzzpQNLnkHg9NQq4LBW
RCzi2bMClp8F43Sz7qznLQvHrYU4s+mO/ZqogARRxeN02XwPKev73UN9zR9+dAMa
9d4LQAKEuBSGti0YE8M9cdOCRmcoQGeAEltgNVtKdAhHImQ/m2FVP8yBVQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFITbI/x2Svm9htKbGpKCDZeoO5tSMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaE5zal9IWkstYjJHMHBzYWtvSU5sNmc3bTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQALZ3RAwQBT2L2AwQAueGqAwQAueK1AwQAufoaAwQAwpJdMA0GCSqGSIb3
DQEBCwUAA4IBAQDCGUusznkp9mjN8FzRPGUQ1Tg/D/P9BqDy0OrXOmhQb9UjfXox
I5mR/8PawyAayR+6iZ3owIrr6V0HSJfLTcHvEpos0mFwZP46AlHaGimoq66CehvB
uHJsiD5OZxgDIUaWo0RKsNUYb1s1/V5B1fdjqngEOebitzIPKQOPzUzM1/qi3Ype
baTF6Vx/rJCu8oEkZmxEbNC2qQ4ppnRWNuE5ABR2U/qk3f21pEaowdci7LI3eaXk
wr2ychY8T93a0uozvh6DSCe0r8K9fEOYxEHbSBssSs+K81WRkBIHgI6cfTyqL7BY
xYEvO0VdEXUcuQks2ACpkt6A98grNT6Vw9iM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org