Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mhyw7xq5ulNmulit6KCDzBaprN0.roa
File: mhyw7xq5ulNmulit6KCDzBaprN0.roa (raw, json)
Hash identifier: PkUt5Ijq7ANp88aTg/SZ7RvCtnHOxucPkADLI67Q3Z4=
Subject key identifier: 9A:1C:B0:EF:1A:B9:BA:53:66:BA:58:AD:E8:A0:83:CC:16:A9:AC:DD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CD37B63C8BC15DE320D5E6FE888CCACA5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mhyw7xq5ulNmulit6KCDzBaprN0.roa
Signing time: Thu 04 Jan 2024 07:58:48 +0000
ROA not before: Thu 04 Jan 2024 07:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 11:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:7b:63:c8:bc:15:de:32:0d:5e:6f:e8:88:cc:ac:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 4 07:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1cb0ef1ab9ba5366ba58ade8a083cc16a9acdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ef:6e:3b:7f:99:66:a1:87:eb:f1:9d:d3:9c:
64:23:57:03:bc:6a:02:42:f1:57:b8:47:5a:11:82:
1b:07:7e:99:76:be:e4:8f:60:5b:01:46:48:b6:d8:
a4:b1:85:3c:eb:44:d6:a1:b4:86:be:fc:57:8e:da:
0e:0b:f0:48:b9:6d:65:a1:55:be:34:ee:9e:00:96:
14:ba:ba:74:f0:80:97:84:5a:05:b2:8c:1a:7a:5e:
e2:1c:61:e8:96:fb:4c:ef:86:14:6d:af:a9:51:b1:
15:79:85:f6:27:c6:7e:2e:83:4b:32:c2:8a:97:53:
89:78:78:99:11:75:43:fe:c5:37:9f:1d:6b:20:1e:
38:bb:fc:05:f2:1d:76:18:66:52:75:8a:29:98:96:
e7:a3:3a:c6:ed:bb:34:58:34:34:6d:99:34:a2:86:
c7:09:a6:ee:c9:4e:2c:c9:76:09:60:40:a2:8e:96:
d9:d8:a6:6e:cd:7c:c5:60:e9:4c:b8:5a:75:ce:0e:
68:71:23:30:ce:86:65:06:56:c6:99:eb:db:b4:a8:
d9:1b:97:f8:f2:93:7c:5a:67:dc:0e:e0:70:72:48:
6f:52:7a:56:00:a0:19:44:fe:9b:33:e8:12:c1:8a:
08:da:c2:6c:6b:7c:ee:f3:aa:83:80:f5:09:9f:c6:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1C:B0:EF:1A:B9:BA:53:66:BA:58:AD:E8:A0:83:CC:16:A9:AC:DD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/mhyw7xq5ulNmulit6KCDzBaprN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:56:e3:11:89:65:5e:56:3a:c3:a6:fc:c0:70:48:4f:85:3a:
91:ef:76:0b:92:dc:e9:75:4e:a3:fa:8c:47:ab:ad:ea:fb:e7:
b3:e5:2f:ea:24:54:58:b3:9f:7c:44:78:7b:77:5b:3e:8e:a8:
3e:db:23:70:0c:17:14:67:c3:91:33:0e:a8:d4:50:af:c1:95:
65:2c:b1:4e:7d:7e:50:08:d0:0b:ec:91:4e:9a:c0:31:69:42:
30:9a:69:4f:35:1e:c7:74:d5:48:52:9f:30:b2:c1:16:4b:3c:
2c:d3:32:fd:da:2e:5c:32:98:ff:f6:1e:4c:bf:60:70:e8:70:
e0:d0:e2:68:bc:6b:51:f6:99:ac:0a:e9:5f:4b:f6:ce:ba:da:
2a:32:85:0a:48:dc:91:d1:8b:30:3a:91:3e:6b:ba:5d:7d:80:
ed:b2:f5:f5:c3:37:aa:f7:80:69:89:e9:a7:3b:eb:e7:cd:a0:
9f:b5:10:d2:56:e0:06:43:b9:63:fc:30:f7:98:61:94:a3:9d:
18:38:a4:69:d0:97:51:49:9b:1b:db:79:a6:c0:f1:53:a7:82:
b5:3d:f3:9d:46:7d:0b:43:6c:d9:00:7a:d9:cc:d3:58:61:fe:
aa:1e:5a:ca:9b:80:f3:8e:08:d6:cb:61:2f:35:35:f7:0d:bf:
be:4a:e8:68
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzTe2PIvBXeMg1eb+iIzKylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA0MDc1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFjYjBlZjFhYjliYTUzNjZiYTU4YWRlOGEwODNjYzE2YTlhY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO9uO3+ZZqGH6/Gd05xkI1cDvGoC
QvFXuEdaEYIbB36Zdr7kj2BbAUZIttiksYU860TWobSGvvxXjtoOC/BIuW1loVW+
NO6eAJYUurp08ICXhFoFsowael7iHGHolvtM74YUba+pUbEVeYX2J8Z+LoNLMsKK
l1OJeHiZEXVD/sU3nx1rIB44u/wF8h12GGZSdYopmJbnozrG7bs0WDQ0bZk0oobH
CabuyU4syXYJYECijpbZ2KZuzXzFYOlMuFp1zg5ocSMwzoZlBlbGmevbtKjZG5f4
8pN8WmfcDuBwckhvUnpWAKAZRP6bM+gSwYoI2sJsa3zu86qDgPUJn8aIeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJocsO8aubpTZrpYreigg8wWqazdMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbWh5dzd4cTV1bE5tdWxpdDZLQ0R6QmFwck4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv8AwQA
LZv/AwQAsH37AwQAuceXAwQAucfVAwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAr
VuMRiWVeVjrDpvzAcEhPhTqR73YLktzpdU6j+oxHq63q++ez5S/qJFRYs598RHh7
d1s+jqg+2yNwDBcUZ8ORMw6o1FCvwZVlLLFOfX5QCNAL7JFOmsAxaUIwmmlPNR7H
dNVIUp8wssEWSzws0zL92i5cMpj/9h5Mv2Bw6HDg0OJovGtR9pmsCulfS/bOutoq
MoUKSNyR0YswOpE+a7pdfYDtsvX1wzeq94BpiemnO+vnzaCftRDSVuAGQ7lj/DD3
mGGUo50YOKRp0JdRSZsb23mmwPFTp4K1PfOdRn0LQ2zZAHrZzNNYYf6qHlrKm4Dz
jgjWy2EvNTX3Db++Suho
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org