Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oBNQ31flEE0PTXpN-oubgLhxOtc.roa
File: oBNQ31flEE0PTXpN-oubgLhxOtc.roa (raw, json)
Hash identifier: H8KZTtsMb6SGbSnY7bcD5mFKPAzL8ecMwHdG2p/+SDA=
Subject key identifier: A0:13:50:DF:57:E5:10:4D:0F:4D:7A:4D:FA:8B:9B:80:B8:71:3A:D7
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0190CB47CF4770CDDABA387A3F1E6B048222
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oBNQ31flEE0PTXpN-oubgLhxOtc.roa
Signing time: Fri 19 Jul 2024 13:56:39 +0000
ROA not before: Fri 19 Jul 2024 13:56:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.157.208.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 08:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:47:cf:47:70:cd:da:ba:38:7a:3f:1e:6b:04:82:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 19 13:56:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a01350df57e5104d0f4d7a4dfa8b9b80b8713ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e9:ab:d6:27:7b:07:68:a1:18:4d:4b:21:fb:
0c:05:64:74:ca:c0:70:ac:a6:a3:3a:0b:31:c6:e7:
c7:f8:3a:d4:e2:5c:3d:82:b4:ca:04:58:51:ae:d8:
39:04:49:f7:df:d6:a7:b7:84:e6:46:59:aa:98:86:
aa:5e:07:3f:55:f2:30:1e:1f:c8:53:36:f5:73:63:
d7:53:fe:48:17:56:f1:2f:16:4b:c5:c0:56:05:0c:
1f:4d:15:db:5c:0f:25:69:69:fd:d7:2d:7c:1b:6e:
ba:1b:61:c1:13:79:a1:3b:1e:ef:23:f3:da:74:8a:
14:6c:60:8d:bf:49:d1:1f:f2:bb:a2:eb:4e:20:dd:
ab:be:20:58:ff:4c:f3:81:f9:42:ab:a6:40:33:14:
0d:99:fc:a1:f9:ca:4c:d9:ae:21:d8:bc:97:d4:04:
09:0e:59:54:32:e9:c9:80:95:09:70:44:b8:05:58:
f0:dc:34:fd:b6:18:ba:c8:9c:50:03:46:dc:6c:cd:
a0:24:db:bd:88:81:10:d5:04:3e:ca:71:06:86:7e:
82:77:98:ca:13:e8:1b:af:6b:c2:aa:22:d6:fb:b3:
b9:21:9f:d0:46:a6:8c:8c:e9:0f:f4:12:3b:76:ff:
9a:b5:ca:ce:0d:d1:55:f3:3e:cf:cd:8d:5c:a4:ed:
c3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:13:50:DF:57:E5:10:4D:0F:4D:7A:4D:FA:8B:9B:80:B8:71:3A:D7
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oBNQ31flEE0PTXpN-oubgLhxOtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
185.199.213.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:c2:3c:da:c1:9a:96:2d:8f:d3:7b:aa:7d:9a:08:c7:0a:5e:
f0:3c:2c:1a:11:c8:dd:71:c6:0e:b8:aa:0d:60:c3:ce:45:ab:
b8:67:fc:40:8d:c5:42:bf:7f:82:04:ab:45:0e:2c:f0:ca:e4:
df:12:13:3a:db:01:c9:ea:cb:ff:df:91:2b:40:af:c4:dc:cd:
2a:bf:a4:eb:ca:48:38:f3:0b:8c:8d:59:54:1e:57:95:e0:6f:
7c:59:e4:c0:04:56:ec:73:d5:8b:cb:be:27:dd:97:71:47:35:
99:d3:0a:86:0c:f0:de:b4:f3:59:cd:f5:82:e9:44:29:b2:01:
78:d9:42:14:1e:d7:e3:2a:ab:a2:f3:e7:a1:f4:cd:c4:7d:dc:
4d:0e:44:e3:b7:43:67:1e:3d:d1:ea:5c:46:76:10:74:20:b5:
74:bc:90:8b:2c:e8:17:2d:72:54:f4:dd:18:2f:e6:dd:75:11:
6b:63:e9:03:36:79:27:18:d6:e8:c5:11:a4:5c:56:a1:14:ab:
cc:df:15:10:f0:8a:1f:7f:39:4b:6f:39:5d:53:5e:e0:dd:4c:
f5:b4:27:53:6e:1e:76:c5:73:4b:c3:de:d2:96:1a:74:78:cd:
e1:3c:e8:40:03:f2:0a:ab:be:8a:4c:3f:4a:ed:82:92:e9:83:
e7:2e:b5:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDLR89HcM3aujh6Px5rBIIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNzE5MTM1NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEzNTBkZjU3ZTUxMDRkMGY0ZDdhNGRmYThiOWI4MGI4NzEzYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvumr1id7B2ihGE1LIfsMBWR0ysBw
rKajOgsxxufH+DrU4lw9grTKBFhRrtg5BEn339ant4TmRlmqmIaqXgc/VfIwHh/I
Uzb1c2PXU/5IF1bxLxZLxcBWBQwfTRXbXA8laWn91y18G266G2HBE3mhOx7vI/Pa
dIoUbGCNv0nRH/K7outOIN2rviBY/0zzgflCq6ZAMxQNmfyh+cpM2a4h2LyX1AQJ
DllUMunJgJUJcES4BVjw3DT9thi6yJxQA0bcbM2gJNu9iIEQ1QQ+ynEGhn6Cd5jK
E+gbr2vCqiLW+7O5IZ/QRqaMjOkP9BI7dv+atcrODdFV8z7PzY1cpO3DHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKATUN9X5RBND016TfqLm4C4cTrXMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvb0JOUTMxZmxFRTBQVFhwTi1vdWJnTGh4T3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZ3QAwQA
ucfVAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQC0wjzawZqWLY/Te6p9mgjHCl7w
PCwaEcjdccYOuKoNYMPORau4Z/xAjcVCv3+CBKtFDizwyuTfEhM62wHJ6sv/35Er
QK/E3M0qv6Trykg48wuMjVlUHleV4G98WeTABFbsc9WLy74n3ZdxRzWZ0wqGDPDe
tPNZzfWC6UQpsgF42UIUHtfjKqui8+eh9M3EfdxNDkTjt0NnHj3R6lxGdhB0ILV0
vJCLLOgXLXJU9N0YL+bddRFrY+kDNnknGNboxRGkXFahFKvM3xUQ8IoffzlLbzld
U17g3Uz1tCdTbh52xXNLw97Slhp0eM3hPOhAA/IKq76KTD9K7YKS6YPnLrUS
-----END CERTIFICATE-----
Generated at Mon Jul 22 11:14:30 2024 by rpki-client on console-ams.rpki-client.org