Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hwgqBn6aOzDO0mLRhjluzCKxDfQ.roa
File: hwgqBn6aOzDO0mLRhjluzCKxDfQ.roa (raw, json)
Hash identifier: RtH2KWqxNr+wwlkpHeAgwxI6YHkZ/mBBQP1zxG9XdMc=
Subject key identifier: 87:08:2A:06:7E:9A:3B:30:CE:D2:62:D1:86:39:6E:CC:22:B1:0D:F4
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0190D99FFC346747F3C85BE30AEACF9C0BFC
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hwgqBn6aOzDO0mLRhjluzCKxDfQ.roa
Signing time: Mon 22 Jul 2024 08:47:38 +0000
ROA not before: Mon 22 Jul 2024 08:47:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.157.208.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 10:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:9f:fc:34:67:47:f3:c8:5b:e3:0a:ea:cf:9c:0b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 22 08:47:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87082a067e9a3b30ced262d186396ecc22b10df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:1e:29:d8:fe:2b:5a:65:5b:bb:98:d9:67:
9c:51:78:28:cb:c4:21:de:23:46:0c:8f:99:44:3a:
36:9c:ce:ab:e4:5f:9a:71:2a:a4:e7:b2:be:4b:58:
7d:c9:14:55:cf:0a:64:d4:62:09:0e:32:1a:a7:ea:
e3:28:85:e0:e9:39:1d:04:a1:8b:e1:1b:c4:cc:e8:
bd:c5:ea:7c:89:8b:85:23:11:74:ed:89:da:f5:06:
e6:f9:5f:69:64:2e:87:93:30:82:ef:4f:86:26:07:
c7:59:a1:70:e0:5e:e2:ba:df:52:58:dc:6e:82:e6:
31:eb:d2:2c:9c:8b:9c:2a:aa:d3:d5:ef:f6:5e:cc:
d2:20:8c:1e:6b:22:0b:ef:68:be:22:85:b2:59:3c:
b5:e7:e4:5a:cd:33:c7:3f:f1:68:92:74:91:64:36:
84:83:a4:12:a1:27:c7:42:47:f6:fa:70:69:31:af:
73:0f:87:d6:51:ad:e2:39:fd:bb:0d:08:2f:7c:8c:
84:f6:ee:98:f1:a2:24:b5:35:0a:bf:84:9f:af:6d:
9b:b4:07:39:a2:55:bc:cf:a9:a1:19:22:ac:e9:c3:
d1:3d:28:ec:ff:c8:32:34:9e:d5:37:1b:bd:df:e5:
48:af:6c:68:fe:5d:11:23:15:bf:e1:6f:f1:ea:a2:
ee:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:08:2A:06:7E:9A:3B:30:CE:D2:62:D1:86:39:6E:CC:22:B1:0D:F4
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hwgqBn6aOzDO0mLRhjluzCKxDfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
176.125.251.0/24
185.199.213.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
52:07:26:8d:f8:34:fa:c2:14:92:ed:09:83:85:1d:18:a7:4a:
72:53:e3:1d:c6:5f:c1:b3:aa:98:7b:dc:c5:07:a2:63:b0:25:
8a:bc:55:52:fa:f2:67:9f:14:b2:87:d8:22:c9:4d:17:fc:02:
3c:cc:ce:31:ec:5b:dd:75:0c:8e:60:f1:fa:e3:a0:1c:9d:3a:
cf:ac:c0:00:d9:b1:ba:8e:b2:fb:37:e0:ab:0e:04:c4:50:17:
87:c7:cd:90:53:cb:53:b5:e6:ab:7c:02:6d:6e:47:8e:8b:c5:
c1:4a:6b:41:05:a4:d4:8e:17:dd:92:18:bc:30:ef:c6:e6:48:
a5:81:f0:b1:b3:55:da:78:69:e5:80:46:d8:c0:41:5d:27:05:
8d:b8:08:37:8a:bf:5f:e6:05:e3:bc:73:6e:17:59:13:e9:a3:
8b:ae:6c:0e:79:e6:4f:c5:b5:8f:d3:04:ce:d6:86:60:24:f4:
68:02:52:69:2f:ca:bb:1f:47:85:ef:ca:1a:e2:c7:c2:35:f9:
2e:80:52:ff:70:2c:f1:28:e7:74:43:e2:7c:6c:90:3c:3b:09:
c4:e4:1e:08:71:25:54:1a:77:bb:cb:43:83:dd:cb:27:42:84:
3a:41:4f:4c:81:3f:25:49:b8:07:26:30:92:e0:a4:ee:53:9c:
8d:f0:ee:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDZn/w0Z0fzyFvjCurPnAv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNzIyMDg0NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA4MmEwNjdlOWEzYjMwY2VkMjYyZDE4NjM5NmVjYzIyYjEwZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUIeKdj+K1plW7uY2WecUXgoy8Qh
3iNGDI+ZRDo2nM6r5F+acSqk57K+S1h9yRRVzwpk1GIJDjIap+rjKIXg6TkdBKGL
4RvEzOi9xep8iYuFIxF07Yna9Qbm+V9pZC6HkzCC70+GJgfHWaFw4F7iut9SWNxu
guYx69IsnIucKqrT1e/2XszSIIweayIL72i+IoWyWTy15+RazTPHP/FoknSRZDaE
g6QSoSfHQkf2+nBpMa9zD4fWUa3iOf27DQgvfIyE9u6Y8aIktTUKv4Sfr22btAc5
olW8z6mhGSKs6cPRPSjs/8gyNJ7VNxu93+VIr2xo/l0RIxW/4W/x6qLumQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIcIKgZ+mjswztJi0YY5bswisQ30MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaHdncUJuNmFPekRPMG1MUmhqbHV6Q0t4RGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ3QAwQA
sH37AwQAucfVAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQBSByaN+DT6whSS7QmD
hR0Yp0pyU+Mdxl/Bs6qYe9zFB6JjsCWKvFVS+vJnnxSyh9giyU0X/AI8zM4x7Fvd
dQyOYPH646AcnTrPrMAA2bG6jrL7N+CrDgTEUBeHx82QU8tTtearfAJtbkeOi8XB
SmtBBaTUjhfdkhi8MO/G5kilgfCxs1XaeGnlgEbYwEFdJwWNuAg3ir9f5gXjvHNu
F1kT6aOLrmwOeeZPxbWP0wTO1oZgJPRoAlJpL8q7H0eF78oa4sfCNfkugFL/cCzx
KOd0Q+J8bJA8OwnE5B4IcSVUGne7y0OD3csnQoQ6QU9MgT8lSbgHJjCS4KTuU5yN
8O5a
-----END CERTIFICATE-----
Generated at Thu Jul 25 12:39:08 2024 by rpki-client on console-fra.rpki-client.org