Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oSchDwLc8fxvcKUJybtoo7hJx4Y.roa
File: oSchDwLc8fxvcKUJybtoo7hJx4Y.roa (raw, json)
Hash identifier: dGueGOCg6YahZXTCqVm8zdfJFYQsyFy3MlNFebGEBgw=
Subject key identifier: A1:27:21:0F:02:DC:F1:FC:6F:70:A5:09:C9:BB:68:A3:B8:49:C7:86
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CB198EC8EAD99642CF81C6CA69AC5D91F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oSchDwLc8fxvcKUJybtoo7hJx4Y.roa
Signing time: Thu 28 Dec 2023 18:03:58 +0000
ROA not before: Thu 28 Dec 2023 18:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:98:ec:8e:ad:99:64:2c:f8:1c:6c:a6:9a:c5:d9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 28 18:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a127210f02dcf1fc6f70a509c9bb68a3b849c786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:7c:1d:d5:0d:c0:c2:0c:5a:52:22:3a:d5:
f8:90:0c:30:2f:52:22:49:2b:f4:99:81:96:92:c7:
29:8e:ed:db:18:cb:1f:80:72:7d:76:dc:55:2d:06:
83:fa:40:79:9a:6e:99:4c:33:5f:12:53:fc:71:41:
58:5f:be:a5:cf:f1:14:79:32:78:75:0a:95:e5:d6:
56:3f:7b:24:1d:23:3b:01:6d:7e:7b:d2:f9:2a:87:
31:d0:95:50:9e:df:68:3f:48:88:2e:e3:87:18:c7:
d9:ff:9c:60:00:56:a0:55:66:ab:75:81:b2:83:ac:
96:43:80:50:69:91:65:22:30:1c:e2:2e:d6:7d:c4:
52:86:75:ab:30:af:20:7b:8e:2f:be:4e:a1:cd:ee:
83:8d:d9:41:cb:c2:d0:f7:33:34:3c:89:30:31:4a:
0f:b0:a6:bb:4b:a5:69:af:c3:d8:42:cc:a5:bc:46:
95:93:66:fa:de:9e:bb:99:59:22:ad:b6:92:64:dc:
94:24:d7:fa:a7:b2:96:32:a7:7e:15:97:31:aa:eb:
f8:b2:15:53:bc:88:12:0d:dc:de:0c:3a:38:ed:79:
c7:64:66:fc:25:e0:21:ec:66:6a:3f:90:74:86:5b:
e7:84:fc:52:03:42:38:9d:17:01:93:ff:7a:08:05:
f6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:27:21:0F:02:DC:F1:FC:6F:70:A5:09:C9:BB:68:A3:B8:49:C7:86
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/oSchDwLc8fxvcKUJybtoo7hJx4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
41:59:86:71:92:c5:8f:b0:a4:16:16:ec:a1:0f:bf:2b:6d:88:
30:03:21:23:20:59:52:3c:e3:d3:0b:48:4b:6f:78:e5:d5:4d:
77:72:df:d4:52:9b:5d:65:d8:4f:e8:67:7d:c8:27:36:01:7b:
12:a2:58:e9:8f:dc:d3:38:3f:70:dc:8f:c2:a9:c2:32:78:4b:
74:05:43:d9:ef:df:6c:7c:ec:88:c0:4d:12:77:51:82:50:9f:
4d:36:46:5e:9f:60:78:46:94:42:9f:7a:90:34:30:f8:f2:37:
7f:43:f3:99:e1:ba:6c:28:f9:84:ef:5d:60:2e:fe:0f:6f:39:
02:12:6d:0e:ee:65:be:38:11:e4:f9:ea:18:14:2f:50:1a:7c:
9d:f7:db:06:5f:a7:3b:58:07:7c:78:6e:d6:8a:09:61:16:4a:
ba:fc:93:76:f1:20:c8:0a:a9:c5:84:13:8a:8d:1f:22:4d:49:
de:c8:d4:cc:c7:5b:98:27:95:d9:97:57:73:b0:44:d0:7b:1d:
03:93:93:03:8a:c1:88:41:19:34:44:2d:1c:ea:59:ec:b3:f4:
4d:a5:b8:bd:c6:79:7f:93:5e:0a:cd:c7:94:d8:d0:b4:ef:d5:
21:c8:3f:0a:11:2a:18:7d:37:60:80:b9:17:a1:8f:8f:a7:44:
4b:c5:41:f3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYyxmOyOrZlkLPgcbKaaxdkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjI4MTgwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTI3MjEwZjAyZGNmMWZjNmY3MGE1MDljOWJiNjhhM2I4NDljNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXt8HdUNwMIMWlIiOtX4kAwwL1Ii
SSv0mYGWkscpju3bGMsfgHJ9dtxVLQaD+kB5mm6ZTDNfElP8cUFYX76lz/EUeTJ4
dQqV5dZWP3skHSM7AW1+e9L5Kocx0JVQnt9oP0iILuOHGMfZ/5xgAFagVWardYGy
g6yWQ4BQaZFlIjAc4i7WfcRShnWrMK8ge44vvk6hze6DjdlBy8LQ9zM0PIkwMUoP
sKa7S6Vpr8PYQsylvEaVk2b63p67mVkirbaSZNyUJNf6p7KWMqd+FZcxquv4shVT
vIgSDdzeDDo47XnHZGb8JeAh7GZqP5B0hlvnhPxSA0I4nRcBk/96CAX2qQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKEnIQ8C3PH8b3ClCcm7aKO4SceGMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvb1NjaER3TGM4Znh2Y0tVSnlidG9vN2hKeDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQAufoaAwQAwpJcMA0GCSqGSIb3
DQEBCwUAA4IBAQBBWYZxksWPsKQWFuyhD78rbYgwAyEjIFlSPOPTC0hLb3jl1U13
ct/UUptdZdhP6Gd9yCc2AXsSoljpj9zTOD9w3I/CqcIyeEt0BUPZ799sfOyIwE0S
d1GCUJ9NNkZen2B4RpRCn3qQNDD48jd/Q/OZ4bpsKPmE711gLv4PbzkCEm0O7mW+
OBHk+eoYFC9QGnyd99sGX6c7WAd8eG7WiglhFkq6/JN28SDICqnFhBOKjR8iTUne
yNTMx1uYJ5XZl1dzsETQex0Dk5MDisGIQRk0RC0c6lnss/RNpbi9xnl/k14KzceU
2NC079UhyD8KESoYfTdggLkXoY+Pp0RLxUHz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org