Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/krmM4076JJCwvyvM2NtHUlGmOAk.roa
File: krmM4076JJCwvyvM2NtHUlGmOAk.roa (raw, json)
Hash identifier: nOeDhtT+Bqfl24DdPU8DbUpDoJyw9LlPzZ92ftVNwz0=
Subject key identifier: 92:B9:8C:E3:4E:FA:24:90:B0:BF:2B:CC:D8:DB:47:52:51:A6:38:09
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CC8DF13D6CF54D4ECB4C5F282B8A32F9F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/krmM4076JJCwvyvM2NtHUlGmOAk.roa
Signing time: Tue 02 Jan 2024 06:31:51 +0000
ROA not before: Tue 02 Jan 2024 06:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 45.155.254.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 05:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:13:d6:cf:54:d4:ec:b4:c5:f2:82:b8:a3:2f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 06:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b98ce34efa2490b0bf2bccd8db475251a63809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:4f:71:c2:88:b7:c3:54:0a:f8:8e:c0:35:
40:e5:f5:d7:30:3a:d7:05:55:bc:3e:c8:5b:96:5f:
bd:ec:24:3b:48:59:50:09:a6:9f:a1:0e:2c:b1:7d:
88:c6:e8:e1:76:d9:6c:a3:52:82:64:31:ba:2e:13:
39:f5:99:07:c5:c1:4a:a2:8a:3e:a1:81:27:52:b6:
01:71:37:7b:50:23:78:29:15:76:d6:3a:8f:6a:8f:
52:5d:f8:93:28:a1:dc:4d:85:9f:c8:3a:49:f5:0b:
ba:3f:75:7f:cd:a6:cd:18:53:5a:08:2f:4c:11:a0:
5d:fe:cd:4c:70:cf:44:66:fa:cb:ee:b1:84:83:c8:
f9:d1:c8:21:fe:4a:32:a1:48:02:22:8b:17:89:dc:
39:21:93:72:09:15:d0:ac:dd:90:a7:d0:57:c5:ff:
5b:94:6b:7e:3b:29:de:8b:86:87:fb:3a:f0:fd:d7:
c2:83:85:50:e1:ab:da:52:a5:28:ce:72:9f:a6:10:
4a:d2:3c:b6:d8:40:f9:ef:aa:61:96:a7:2f:4c:3f:
62:9f:1d:1f:d6:58:54:49:b8:4a:cb:ea:4f:5b:af:
63:95:dd:47:61:60:25:ad:73:92:9a:49:d1:63:42:
d6:56:81:d9:89:43:54:4e:13:fa:7d:d3:6e:16:37:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:8C:E3:4E:FA:24:90:B0:BF:2B:CC:D8:DB:47:52:51:A6:38:09
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/krmM4076JJCwvyvM2NtHUlGmOAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
185.226.180.0/24
Signature Algorithm: sha256WithRSAEncryption
17:38:6c:36:22:9f:66:50:3e:cd:d3:72:31:12:f6:79:f4:9b:
b9:98:c1:f6:6a:c3:d0:4f:f7:b1:b3:9c:9b:4a:2b:66:3f:9f:
78:a5:7b:c9:44:da:da:1b:25:4b:59:43:64:6d:e4:a5:94:51:
9d:17:fa:47:3b:d2:8e:5f:cc:15:3a:21:d1:1b:bc:a8:b9:dc:
3c:8b:87:c6:62:70:ff:61:3c:04:d2:82:60:f1:89:d0:a3:ea:
ff:7f:d4:3d:cc:11:47:b7:f1:dc:57:53:7e:e1:d7:0b:5f:93:
8d:f8:c8:cb:5d:e5:14:aa:8c:7e:93:7d:64:8d:e6:77:48:5f:
99:a8:9e:74:0a:b7:f5:9f:45:d4:13:39:12:54:bf:cb:40:1d:
2d:9e:42:5b:41:7b:b5:5f:06:32:7d:e1:2d:66:34:da:b7:90:
d2:55:98:88:be:c7:c8:c2:5c:da:ed:86:f3:41:d4:a9:bc:bb:
80:fa:3e:cd:6b:52:d0:c9:43:96:75:a5:df:57:2e:68:67:b8:
4b:7c:87:9a:72:38:39:d7:43:18:ed:1b:02:1e:fe:74:c8:5a:
e9:8a:6f:16:14:32:c4:ac:f4:39:98:74:d4:74:7b:db:86:89:
35:72:a1:70:c7:57:57:1b:79:d9:3f:cf:02:68:d6:a8:f3:4b:
0a:66:62:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3xPWz1TU7LTF8oK4oy+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTAyMDYzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI5OGNlMzRlZmEyNDkwYjBiZjJiY2NkOGRiNDc1MjUxYTYzODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/JPccKIt8NUCviOwDVA5fXXMDrX
BVW8Pshbll+97CQ7SFlQCaafoQ4ssX2Ixujhdtlso1KCZDG6LhM59ZkHxcFKooo+
oYEnUrYBcTd7UCN4KRV21jqPao9SXfiTKKHcTYWfyDpJ9Qu6P3V/zabNGFNaCC9M
EaBd/s1McM9EZvrL7rGEg8j50cgh/koyoUgCIosXidw5IZNyCRXQrN2Qp9BXxf9b
lGt+Oynei4aH+zrw/dfCg4VQ4avaUqUoznKfphBK0jy22ED576phlqcvTD9inx0f
1lhUSbhKy+pPW69jld1HYWAlrXOSmknRY0LWVoHZiUNUThP6fdNuFjfzEwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJK5jONO+iSQsL8rzNjbR1JRpjgJMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEva3JtTTQwNzZKSkN3dnl2TTJOdEhVbEdtT0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtm/0D
BAAtm/4DBAC54rQwDQYJKoZIhvcNAQELBQADggEBABc4bDYin2ZQPs3TcjES9nn0
m7mYwfZqw9BP97GznJtKK2Y/n3ile8lE2tobJUtZQ2Rt5KWUUZ0X+kc70o5fzBU6
IdEbvKi53DyLh8ZicP9hPATSgmDxidCj6v9/1D3MEUe38dxXU37h1wtfk434yMtd
5RSqjH6TfWSN5ndIX5monnQKt/WfRdQTORJUv8tAHS2eQltBe7VfBjJ94S1mNNq3
kNJVmIi+x8jCXNrthvNB1Km8u4D6Ps1rUtDJQ5Z1pd9XLmhnuEt8h5pyODnXQxjt
GwIe/nTIWumKbxYUMsSs9DmYdNR0e9uGiTVyoXDHV1cbedk/zwJo1qjzSwpmYuE=
-----END CERTIFICATE-----
Generated at Tue Aug 13 09:17:57 2024 by rpki-client on console-ams.rpki-client.org