Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hqu76eQDGv3lzCgrwKlvwMl6kik.roa
File: hqu76eQDGv3lzCgrwKlvwMl6kik.roa (raw, json)
Hash identifier: mtOtZLtPsFAj1Tf6z5mM16deolaHMMliEUbn/KwKJ94=
Subject key identifier: 86:AB:BB:E9:E4:03:1A:FD:E5:CC:28:2B:C0:A9:6F:C0:C9:7A:92:29
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019256B4E61C5DC17A49E2E307BE537183D1
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hqu76eQDGv3lzCgrwKlvwMl6kik.roa
Signing time: Fri 04 Oct 2024 08:45:48 +0000
ROA not before: Fri 04 Oct 2024 08:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 19:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:b4:e6:1c:5d:c1:7a:49:e2:e3:07:be:53:71:83:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 4 08:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86abbbe9e4031afde5cc282bc0a96fc0c97a9229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:51:0d:c7:22:63:29:59:a0:b8:ca:6d:d5:
32:d7:72:2f:b9:8e:67:f0:a2:da:eb:f3:9a:a6:09:
70:0f:3b:fe:8d:05:2b:77:7f:b3:a2:72:1d:18:70:
3d:9c:c2:72:5f:b2:38:dd:9c:c1:ec:08:af:62:39:
71:21:4d:7f:1f:e8:a6:fb:ba:09:d7:ce:15:cf:d4:
d5:b8:00:07:e1:96:41:4f:e3:e2:cf:13:b4:7b:23:
f2:96:10:92:b3:f2:f0:59:46:c3:54:c3:5f:72:00:
6a:61:21:56:2e:2e:8a:1f:3d:99:5d:5f:e9:2a:77:
19:f1:07:20:31:d0:27:b9:7e:58:15:71:10:3d:e0:
28:9e:40:31:af:71:a0:df:75:92:0b:f1:e4:4b:9a:
f2:03:c1:e4:49:8a:bd:ba:e2:b3:9f:fa:1d:7e:d2:
86:fb:75:c0:dd:24:eb:80:bd:86:9f:09:fe:47:c5:
43:aa:95:56:05:f8:47:ed:32:fa:c1:27:40:aa:e6:
e7:d9:71:e1:71:40:b1:a7:33:8c:04:99:80:47:84:
d7:73:06:fa:ef:e2:24:a1:8d:73:9b:9f:b0:45:3f:
72:31:24:b1:2b:2a:80:c9:81:c1:ef:7a:d0:15:b7:
fd:a2:6f:cf:dd:bf:5b:47:1f:dd:1f:99:7a:32:37:
57:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AB:BB:E9:E4:03:1A:FD:E5:CC:28:2B:C0:A9:6F:C0:C9:7A:92:29
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hqu76eQDGv3lzCgrwKlvwMl6kik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.255.0/24
185.199.213.0/24
185.221.26.0/24
Signature Algorithm: sha256WithRSAEncryption
62:bf:9b:25:6c:dd:48:ff:8a:35:bc:f8:df:a0:04:e4:27:d6:
7a:76:de:00:b9:06:1d:b4:48:22:40:53:f7:7e:41:39:5e:a0:
a6:0c:28:be:af:4e:70:3e:ae:51:9c:df:22:43:01:68:e2:97:
52:ce:14:f2:56:48:86:30:85:df:6b:ab:e4:03:17:16:a3:fd:
0c:7e:09:99:0c:0e:cd:f9:e5:2c:60:56:01:ac:b8:e5:68:60:
02:06:a6:44:bf:d7:17:41:d7:d2:71:b9:5b:73:70:20:de:7a:
af:ba:c2:44:08:19:4f:bd:f0:b6:21:a4:32:a6:9a:42:12:fc:
24:3d:30:93:88:a0:0c:93:d1:81:a8:47:fc:9f:23:7a:12:25:
76:63:cc:8c:c7:58:ca:52:73:08:5b:da:98:73:39:52:90:c6:
c2:da:a9:a0:37:50:25:51:a4:e2:6b:90:45:b7:33:ac:79:a1:
25:7c:67:49:85:a8:0b:66:e8:48:8d:b1:d0:dd:3a:55:da:d2:
90:75:ec:5a:54:ee:f9:4f:92:d7:41:4b:33:8b:31:75:e9:41:
0b:82:11:53:bf:f3:46:02:9e:80:03:e1:b0:ab:e8:80:4e:50:
ca:bc:39:3a:4e:d4:34:d5:56:95:1a:0e:48:c7:4c:89:c2:9c:
3e:08:6d:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJWtOYcXcF6SeLjB75TcYPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMDA0MDg0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFiYmJlOWU0MDMxYWZkZTVjYzI4MmJjMGE5NmZjMGM5N2E5MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMlRDcciYylZoLjKbdUy13IvuY5n
8KLa6/OapglwDzv+jQUrd3+zonIdGHA9nMJyX7I43ZzB7AivYjlxIU1/H+im+7oJ
184Vz9TVuAAH4ZZBT+PizxO0eyPylhCSs/LwWUbDVMNfcgBqYSFWLi6KHz2ZXV/p
KncZ8QcgMdAnuX5YFXEQPeAonkAxr3Gg33WSC/HkS5ryA8HkSYq9uuKzn/odftKG
+3XA3STrgL2Gnwn+R8VDqpVWBfhH7TL6wSdAqubn2XHhcUCxpzOMBJmAR4TXcwb6
7+IkoY1zm5+wRT9yMSSxKyqAyYHB73rQFbf9om/P3b9bRx/dH5l6MjdXcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIaru+nkAxr95cwoK8Cpb8DJepIpMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaHF1NzZlUURHdjNsekNncndLbHZ3TWw2a2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZv/AwQA
ucfVAwQAud0aMA0GCSqGSIb3DQEBCwUAA4IBAQBiv5slbN1I/4o1vPjfoATkJ9Z6
dt4AuQYdtEgiQFP3fkE5XqCmDCi+r05wPq5RnN8iQwFo4pdSzhTyVkiGMIXfa6vk
AxcWo/0MfgmZDA7N+eUsYFYBrLjlaGACBqZEv9cXQdfScblbc3Ag3nqvusJECBlP
vfC2IaQypppCEvwkPTCTiKAMk9GBqEf8nyN6EiV2Y8yMx1jKUnMIW9qYczlSkMbC
2qmgN1AlUaTia5BFtzOseaElfGdJhagLZuhIjbHQ3TpV2tKQdexaVO75T5LXQUsz
izF16UELghFTv/NGAp6AA+Gwq+iATlDKvDk6TtQ01VaVGg5Ix0yJwpw+CG3v
-----END CERTIFICATE-----
Generated at Mon Oct 21 22:10:01 2024 by rpki-client on console-fra.rpki-client.org