Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hcjWMNb-pf3u00oHZ9X-cQhvTxA.roa
File: hcjWMNb-pf3u00oHZ9X-cQhvTxA.roa (raw, json)
Hash identifier: bjDK9c9ZmZYFKdXgQwDXpVy13Gh4EjGZkV/vt9H7SZs=
Subject key identifier: 85:C8:D6:30:D6:FE:A5:FD:EE:D3:4A:07:67:D5:FE:71:08:6F:4F:10
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF142EB222B430314063E189AD7F88
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hcjWMNb-pf3u00oHZ9X-cQhvTxA.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.157.211.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:14:2e:b2:22:b4:30:31:40:63:e1:89:ad:7f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85c8d630d6fea5fdeed34a0767d5fe71086f4f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:1d:cd:3c:13:e7:ab:b3:51:b6:b2:d6:12:
cd:ea:14:a7:46:9f:a8:3d:ee:5a:5f:94:60:0d:49:
90:cb:6f:c8:87:ac:08:f0:4e:af:b2:b5:70:ab:d2:
cf:87:c9:0c:ad:eb:a6:2e:b1:a1:fe:74:a5:bb:ea:
c7:fd:b9:5a:46:44:68:fb:02:c8:ac:0f:ae:39:8d:
cc:5b:67:fd:80:77:43:4f:eb:8c:dc:12:5c:61:10:
00:ce:7d:48:53:f8:67:fe:bc:ae:d1:3b:95:66:c4:
d5:4f:47:aa:bf:be:cd:80:1a:09:2c:42:e8:4b:8d:
10:30:77:f6:9d:14:9f:37:40:3a:dd:33:77:dd:78:
d9:e6:16:d5:0a:0c:fb:17:96:35:52:ec:51:72:f9:
c6:04:b4:7b:17:7b:6c:26:18:2e:04:d3:f8:4d:5e:
57:6f:a7:be:76:d4:c6:b3:04:57:e3:9a:39:ef:6c:
03:c8:4e:e2:52:90:20:37:b5:76:df:78:52:fb:35:
a1:c1:7c:0a:b3:76:d5:c7:fc:eb:23:f0:df:6d:fc:
b3:f8:53:77:05:9a:c3:72:d9:89:f8:ce:f5:36:96:
ba:22:96:d9:8d:b3:4d:40:f7:6f:13:8d:cd:68:28:
61:98:4f:80:1b:51:a7:22:3e:7e:37:ee:f8:9f:16:
14:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C8:D6:30:D6:FE:A5:FD:EE:D3:4A:07:67:D5:FE:71:08:6F:4F:10
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hcjWMNb-pf3u00oHZ9X-cQhvTxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.211.0/24
79.98.246.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:d5:93:00:59:9c:c2:72:17:ab:05:44:40:cc:cb:f4:8f:3b:
b1:e4:60:ff:60:8f:7d:3d:47:6b:31:83:13:7e:9f:61:fe:2c:
95:67:cd:df:37:e6:88:a1:e9:8c:3b:8b:99:47:36:7d:dc:e9:
c3:8c:46:f4:30:29:77:5a:de:6f:2b:cd:e6:06:30:c6:56:9b:
bc:84:1b:ab:86:db:4e:e2:7c:77:83:02:fa:0d:1b:1c:a3:7a:
54:82:96:21:85:d5:4b:66:7c:63:cd:72:b1:07:11:60:a0:43:
da:ef:64:9b:21:0f:c4:8c:92:33:15:e1:1e:e7:b5:25:2a:d2:
34:47:82:5a:2e:ce:cf:7d:0a:c5:d2:86:ca:f4:b5:8d:5a:39:
72:16:42:23:af:51:92:e3:17:94:fc:cf:0c:0c:5a:46:63:b5:
fc:11:06:15:13:01:fd:a7:5a:b0:a5:81:f4:1b:5b:44:98:da:
51:5c:b3:17:42:d7:2e:90:1a:8d:96:f7:03:18:ba:80:41:5a:
39:e6:58:34:f6:38:24:a6:22:2a:cb:d7:da:5b:b2:8d:af:1b:
be:9d:51:7f:4d:f3:09:55:0d:91:a3:af:05:29:37:77:c9:c0:
c5:04:87:7a:7a:f2:47:31:75:c4:60:6b:6e:fe:87:1d:be:73:
28:46:b2:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3xQusiK0MDFAY+GJrX+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM4ZDYzMGQ2ZmVhNWZkZWVkMzRhMDc2N2Q1ZmU3MTA4NmY0ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyEdzTwT56uzUbay1hLN6hSnRp+o
Pe5aX5RgDUmQy2/Ih6wI8E6vsrVwq9LPh8kMreumLrGh/nSlu+rH/blaRkRo+wLI
rA+uOY3MW2f9gHdDT+uM3BJcYRAAzn1IU/hn/ryu0TuVZsTVT0eqv77NgBoJLELo
S40QMHf2nRSfN0A63TN33XjZ5hbVCgz7F5Y1UuxRcvnGBLR7F3tsJhguBNP4TV5X
b6e+dtTGswRX45o572wDyE7iUpAgN7V233hS+zWhwXwKs3bVx/zrI/Dfbfyz+FN3
BZrDctmJ+M71Npa6IpbZjbNNQPdvE43NaChhmE+AG1GnIj5+N+74nxYUBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIXI1jDW/qX97tNKB2fV/nEIb08QMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaGNqV01OYi1wZjN1MDBvSFo5WC1jUWh2VHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ3TAwQB
T2L2MA0GCSqGSIb3DQEBCwUAA4IBAQCP1ZMAWZzCcherBURAzMv0jzux5GD/YI99
PUdrMYMTfp9h/iyVZ83fN+aIoemMO4uZRzZ93OnDjEb0MCl3Wt5vK83mBjDGVpu8
hBurhttO4nx3gwL6DRsco3pUgpYhhdVLZnxjzXKxBxFgoEPa72SbIQ/EjJIzFeEe
57UlKtI0R4JaLs7PfQrF0obK9LWNWjlyFkIjr1GS4xeU/M8MDFpGY7X8EQYVEwH9
p1qwpYH0G1tEmNpRXLMXQtcukBqNlvcDGLqAQVo55lg09jgkpiIqy9faW7KNrxu+
nVF/TfMJVQ2Ro68FKTd3ycDFBId6evJHMXXEYGtu/ocdvnMoRrJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org