Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r2l0abK-WGBxy6gzeFhWHYebQSA.roa
File: r2l0abK-WGBxy6gzeFhWHYebQSA.roa (raw, json)
Hash identifier: r9uZcxbPElpfHBcBf2Zn/GIFHs1nl2lAgM4SxV3SMUk=
Subject key identifier: AF:69:74:69:B2:BE:58:60:71:CB:A8:33:78:58:56:1D:87:9B:41:20
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018B7C7AAB8FE42A38F813FB7C90F1D2DF51
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r2l0abK-WGBxy6gzeFhWHYebQSA.roa
Signing time: Sun 29 Oct 2023 17:28:15 +0000
ROA not before: Sun 29 Oct 2023 17:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/23 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/23 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
185.221.24.0/23 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:7a:ab:8f:e4:2a:38:f8:13:fb:7c:90:f1:d2:df:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 29 17:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af697469b2be586071cba8337858561d879b4120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:40:ba:1d:b3:d9:d5:22:89:9e:71:d8:9d:42:
fd:dd:e0:db:66:82:80:73:0d:f5:76:42:c9:ae:85:
3d:7a:0a:66:08:b1:01:92:49:98:ef:b6:56:9c:86:
4c:a3:75:5b:19:8e:cf:bb:9b:4d:f1:bf:79:5d:ed:
d8:08:97:32:59:2f:f1:f0:37:78:3c:90:6c:f7:62:
0c:c5:82:25:77:dc:f5:c6:97:0e:c0:78:fe:ef:1c:
be:31:80:d0:6b:d0:03:ae:08:e6:51:b5:81:04:1f:
c5:21:eb:cc:fa:04:c4:8f:2f:34:fd:8e:d7:c0:e7:
5e:2c:97:36:d9:b8:d8:ea:78:2f:98:63:fc:f5:61:
31:1d:6d:82:72:4f:b7:f1:e2:80:b8:3f:96:c5:25:
7e:f6:a9:28:cf:bd:e8:23:86:f2:fe:25:1b:d2:a5:
19:d2:f9:13:f5:5d:d2:03:bc:ed:bb:08:93:f5:b0:
8d:e0:6c:9d:8f:8a:8a:23:42:0c:c4:07:a2:73:51:
84:88:10:fb:d8:93:b9:4d:82:a8:63:4a:4e:e5:4a:
8e:cc:dc:3b:bb:3b:88:83:71:cf:13:d0:7b:bd:1e:
5d:2c:05:c7:34:ae:e8:5c:b6:fb:8f:fc:94:77:6f:
80:2a:cf:30:26:12:ef:2a:93:fe:40:fa:27:22:cf:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:69:74:69:B2:BE:58:60:71:CB:A8:33:78:58:56:1D:87:9B:41:20
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r2l0abK-WGBxy6gzeFhWHYebQSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
45.157.211.0/24
79.98.245.0-79.98.247.255
176.125.250.0/23
185.199.151.0/24
185.199.212.0/23
185.221.24.0/23
185.225.168.0/22
185.226.181.0/24
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:dc:b2:95:0e:e9:d7:43:a2:32:1e:3e:fc:97:a1:a4:2b:bb:
98:97:af:59:91:7b:f2:17:d1:e0:69:cd:27:61:e5:eb:23:93:
7a:58:7c:d2:25:f9:1e:f6:40:fc:67:cb:f3:d5:dc:53:c0:68:
e6:2b:bd:7a:e9:54:22:5e:c7:30:51:28:10:e8:e9:bf:b5:8e:
d6:e7:bb:7a:f2:00:95:05:89:12:fa:c4:f1:ad:60:47:2b:1e:
ef:93:78:e2:79:9c:ef:6b:bc:a3:ed:31:14:ae:88:dc:d4:0f:
2f:a2:d4:27:58:c6:c2:a3:7e:68:12:75:ac:25:9f:d3:8c:24:
b0:91:46:f6:78:6b:5c:50:b3:2f:a5:e5:f2:14:0d:50:bf:5f:
0c:58:67:56:97:a6:01:b9:30:7b:95:43:62:1c:b6:2f:e2:a8:
0e:9d:57:e2:73:7a:7a:68:9d:a7:75:a1:22:07:b6:ba:8c:3b:
9d:4c:e0:f6:a5:1f:57:f9:41:85:fd:92:2b:07:93:aa:57:b2:
2c:3e:95:e2:45:d7:0f:67:ba:a3:31:60:94:75:c7:9d:fe:94:
26:9c:70:2f:41:b6:b3:d1:df:84:f4:f8:92:0b:56:80:dd:64:
d5:72:73:d6:84:8d:8a:e1:e3:8b:5e:ce:4b:9f:fa:5c:84:c3:
29:92:4f:65
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYt8equP5Co4+BP7fJDx0t9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMDI5MTcyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY5NzQ2OWIyYmU1ODYwNzFjYmE4MzM3ODU4NTYxZDg3OWI0MTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEC6HbPZ1SKJnnHYnUL93eDbZoKA
cw31dkLJroU9egpmCLEBkkmY77ZWnIZMo3VbGY7Pu5tN8b95Xe3YCJcyWS/x8Dd4
PJBs92IMxYIld9z1xpcOwHj+7xy+MYDQa9ADrgjmUbWBBB/FIevM+gTEjy80/Y7X
wOdeLJc22bjY6ngvmGP89WExHW2Cck+38eKAuD+WxSV+9qkoz73oI4by/iUb0qUZ
0vkT9V3SA7ztuwiT9bCN4Gydj4qKI0IMxAeic1GEiBD72JO5TYKoY0pO5UqOzNw7
uzuIg3HPE9B7vR5dLAXHNK7oXLb7j/yUd2+AKs8wJhLvKpP+QPonIs9leQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFK9pdGmyvlhgccuoM3hYVh2Hm0EgMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvcjJsMGFiSy1XR0J4eTZnemVGaFdIWWViUVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALZv8AwQA
LZv/AwQALZ3RAwQALZ3TMAwDBABPYvUDBANPYvADBAGwffoDBAC5x5cDBAG5x9QD
BAG53RgDBAK54agDBAC54rUDBAC5+hoDBAHCklwwDQYJKoZIhvcNAQELBQADggEB
AErcspUO6ddDojIePvyXoaQru5iXr1mRe/IX0eBpzSdh5esjk3pYfNIl+R72QPxn
y/PV3FPAaOYrvXrpVCJexzBRKBDo6b+1jtbnu3ryAJUFiRL6xPGtYEcrHu+TeOJ5
nO9rvKPtMRSuiNzUDy+i1CdYxsKjfmgSdawln9OMJLCRRvZ4a1xQsy+l5fIUDVC/
XwxYZ1aXpgG5MHuVQ2Icti/iqA6dV+Jzenponad1oSIHtrqMO51M4PalH1f5QYX9
kisHk6pXsiw+leJF1w9nuqMxYJR1x53+lCaccC9BtrPR34T0+JILVoDdZNVyc9aE
jYrh44tezkuf+lyEwymST2U=
-----END CERTIFICATE-----
Generated at Mon Nov 6 20:12:09 2023 by rpki-client on console-ams.rpki-client.org