Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lIQlADbEVLbYp-JVop04rzmoDpU.roa
File: lIQlADbEVLbYp-JVop04rzmoDpU.roa (raw, json)
Hash identifier: yKTbGMRaBvFheGFkbZ9hW++wjpIggkCOYMoD4yz1gik=
Subject key identifier: 94:84:25:00:36:C4:54:B6:D8:A7:E2:55:A2:9D:38:AF:39:A8:0E:95
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018B329C253D7C3C54BA8276E5328C1E8C08
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lIQlADbEVLbYp-JVop04rzmoDpU.roa
Signing time: Sun 15 Oct 2023 09:12:55 +0000
ROA not before: Sun 15 Oct 2023 09:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
185.199.213.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/23 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/23 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
185.221.24.0/23 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:32:9c:25:3d:7c:3c:54:ba:82:76:e5:32:8c:1e:8c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 15 09:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9484250036c454b6d8a7e255a29d38af39a80e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:da:4b:20:b3:9f:b4:2a:d4:5d:03:f8:e4:3e:
4a:b9:d0:37:cb:b7:d8:e1:20:62:76:ec:3a:d3:0b:
d7:47:96:10:52:9e:80:0a:55:fa:0c:81:14:1a:a0:
47:22:31:dc:96:25:da:af:b9:49:8e:69:c1:9c:a9:
78:ab:b8:6f:7c:1d:23:ed:b9:ef:af:9c:3b:03:18:
5c:ef:cf:8c:37:ce:a3:02:df:db:ef:ba:a4:62:e6:
27:b9:7b:0b:8f:fd:bf:b3:0f:72:fc:92:fa:df:5b:
02:48:e8:60:ed:20:be:28:dc:04:12:a2:5b:22:a9:
2e:ab:bc:7e:5d:18:ab:ee:ef:f2:38:1e:b6:82:12:
fa:d4:39:75:3c:ef:ed:1a:e2:be:a2:45:af:ea:a8:
5c:f5:db:a4:9d:13:91:fe:c0:f7:59:2a:42:95:83:
85:7a:51:8f:27:08:f4:11:44:d1:27:dc:84:35:e3:
8b:50:47:28:3e:81:5b:d0:9d:3c:a2:db:52:11:13:
2b:13:39:cd:c5:54:7d:8f:ce:3e:cb:1e:d5:59:1b:
65:f2:6d:be:a8:05:a5:a6:51:ee:bb:ec:14:9c:20:
b4:5f:c9:64:9e:f9:4b:10:0f:ae:30:79:59:f4:7c:
b8:7a:57:27:37:2f:14:77:43:66:1f:6c:ce:92:65:
9c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:84:25:00:36:C4:54:B6:D8:A7:E2:55:A2:9D:38:AF:39:A8:0E:95
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lIQlADbEVLbYp-JVop04rzmoDpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
45.157.211.0/24
79.98.245.0-79.98.247.255
176.125.250.0/23
185.199.151.0/24
185.199.212.0/23
185.221.24.0/23
185.225.168.0/22
185.226.181.0/24
185.250.25.0-185.250.26.255
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
80:20:ba:c5:35:c2:7e:b0:53:54:d6:8d:25:39:bb:af:29:89:
fa:e4:15:f9:05:e0:b9:a7:8d:83:c8:67:02:88:19:92:79:dd:
25:5b:8e:cd:f4:65:db:07:2a:bd:b0:45:f2:49:d9:32:03:cb:
33:62:77:41:c8:2f:54:d9:65:1c:3e:9c:39:c0:df:dc:62:9a:
c8:28:4c:6d:06:09:f9:a9:3e:17:f4:a2:de:7e:ad:57:31:38:
1a:a7:4f:4a:8f:76:02:a9:70:ff:15:37:21:03:50:de:4a:8c:
65:f1:ae:f6:68:b6:3d:79:b9:28:2e:1c:5c:18:60:0f:d6:80:
39:91:0e:2c:fb:85:fb:5a:83:6d:6e:43:a7:e6:67:97:d6:34:
70:8f:d8:4a:80:71:8c:3a:68:a6:f7:55:9c:a5:f1:08:63:70:
e1:4b:bd:ad:c7:74:60:2e:33:e4:3d:73:33:af:c1:0e:ca:5d:
40:a9:ec:2b:ef:7e:83:4b:af:1b:37:82:61:3f:28:56:e9:e5:
97:d1:68:e0:3f:f2:d4:0a:e0:5c:fd:a8:3d:4b:3b:ef:12:a2:
32:13:cf:43:99:33:86:4a:d4:eb:09:7f:f0:9b:58:fc:58:eb:
f0:cb:a9:bc:54:ae:41:39:23:92:f3:12:88:87:47:f5:7f:8d:
df:43:54:07
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYsynCU9fDxUuoJ25TKMHowIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMDE1MDkxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg0MjUwMDM2YzQ1NGI2ZDhhN2UyNTVhMjlkMzhhZjM5YTgwZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNpLILOftCrUXQP45D5KudA3y7fY
4SBiduw60wvXR5YQUp6AClX6DIEUGqBHIjHcliXar7lJjmnBnKl4q7hvfB0j7bnv
r5w7Axhc78+MN86jAt/b77qkYuYnuXsLj/2/sw9y/JL631sCSOhg7SC+KNwEEqJb
Iqkuq7x+XRir7u/yOB62ghL61Dl1PO/tGuK+okWv6qhc9duknROR/sD3WSpClYOF
elGPJwj0EUTRJ9yENeOLUEcoPoFb0J08ottSERMrEznNxVR9j84+yx7VWRtl8m2+
qAWlplHuu+wUnCC0X8lknvlLEA+uMHlZ9Hy4elcnNy8Ud0NmH2zOkmWc3wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFJSEJQA2xFS22KfiVaKdOK85qA6VMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbElRbEFEYkVWTGJZcC1KVm9wMDRyem1vRHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALZv8AwQA
LZv/AwQALZ3RAwQALZ3TMAwDBABPYvUDBANPYvADBAGwffoDBAC5x5cDBAG5x9QD
BAG53RgDBAK54agDBAC54rUwDAMEALn6GQMEALn6GgMEAcKSXDANBgkqhkiG9w0B
AQsFAAOCAQEAgCC6xTXCfrBTVNaNJTm7rymJ+uQV+QXguaeNg8hnAogZknndJVuO
zfRl2wcqvbBF8knZMgPLM2J3QcgvVNllHD6cOcDf3GKayChMbQYJ+ak+F/Si3n6t
VzE4GqdPSo92Aqlw/xU3IQNQ3kqMZfGu9mi2PXm5KC4cXBhgD9aAOZEOLPuF+1qD
bW5Dp+Znl9Y0cI/YSoBxjDpopvdVnKXxCGNw4Uu9rcd0YC4z5D1zM6/BDspdQKns
K+9+g0uvGzeCYT8oVunll9Fo4D/y1ArgXP2oPUs77xKiMhPPQ5kzhkrU6wl/8JtY
/Fjr8MupvFSuQTkjkvMSiIdH9X+N30NUBw==
-----END CERTIFICATE-----
Generated at Tue Oct 24 06:29:39 2023 by rpki-client on console-fra.rpki-client.org