Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa
File: rM9ULQ9b6X0hcFYjpMzRoC2up44.roa (raw, json)
Hash identifier: 4iVQs/KoKk1KICo9Vv13o5hG8EeMLElZ01+7CbNWSHo=
Subject key identifier: AC:CF:54:2D:0F:5B:E9:7D:21:70:56:23:A4:CC:D1:A0:2D:AE:A7:8E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C6CDE70CE908C09ED102516A61585212A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa
Signing time: Fri 15 Dec 2023 09:46:06 +0000
ROA not before: Fri 15 Dec 2023 09:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/23 maxlen: 24
45.157.210.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
79.98.247.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:de:70:ce:90:8c:09:ed:10:25:16:a6:15:85:21:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 15 09:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=accf542d0f5be97d21705623a4ccd1a02daea78e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:1c:6c:f3:e1:6e:e9:e4:f3:93:15:56:6b:
03:a6:aa:af:8b:38:5a:90:b6:1d:9f:a6:a9:ec:a0:
a7:96:e8:10:56:d1:d9:45:c5:29:6d:c9:48:b3:c6:
c3:ce:02:66:28:52:5e:9b:2c:12:f6:58:e3:da:48:
c7:89:ee:04:70:2e:49:cc:ac:dc:39:62:53:46:78:
b0:d7:bc:a4:4e:3c:34:ec:73:55:09:06:06:9b:65:
22:31:08:1a:d8:58:dc:af:0f:eb:d1:69:f9:c8:6c:
4f:23:39:08:db:a4:5f:12:67:9c:b1:85:6c:04:ef:
08:71:18:cc:0b:e1:46:ff:57:56:52:5f:45:5e:f7:
84:18:7d:cb:c3:7d:d5:f8:e9:20:51:7c:37:ec:92:
6c:ef:02:67:86:45:a8:e9:64:84:fe:c5:9e:73:a7:
2a:58:e4:94:33:58:bf:07:94:c1:d6:5d:af:c7:73:
fd:40:22:41:87:3c:9a:11:c3:d4:d4:3c:0e:85:31:
5f:44:5e:e7:00:9e:67:43:6a:64:fa:bc:ea:15:cc:
01:d1:b7:ef:09:27:07:c3:12:ea:e1:42:a4:b0:6d:
1a:84:56:44:03:5f:e6:9f:e0:3a:5c:63:9e:ef:68:
6a:42:cc:00:bf:3e:f9:0f:f5:5c:31:e3:6e:77:1e:
47:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:CF:54:2D:0F:5B:E9:7D:21:70:56:23:A4:CC:D1:A0:2D:AE:A7:8E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.210.0/23
79.98.246.0/23
176.125.251.0/24
185.199.148.0/23
185.199.151.0/24
185.199.212.0/23
185.250.26.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
84:17:61:27:0a:52:5a:bd:53:ab:91:f0:a0:78:7c:70:85:58:
ef:cd:42:cf:60:03:13:1d:54:81:7a:27:f0:bd:2d:9f:94:b1:
82:85:ca:07:84:49:51:5b:6a:4d:76:1d:b1:91:06:a5:52:0f:
9a:6f:2a:66:37:2f:e4:31:48:eb:db:7f:85:c4:b2:6c:1f:54:
6a:75:d6:9e:a7:f3:15:f4:be:61:ed:bf:16:cb:14:f1:ea:37:
e6:28:51:ce:78:1b:3e:5e:e7:93:1e:8f:f1:6c:8c:a4:f2:7a:
53:1e:68:86:3d:7b:4d:61:4a:de:4e:dc:f2:ff:59:62:66:e1:
4b:87:46:ec:05:86:84:29:dd:06:a2:5e:2e:3e:81:83:a8:35:
19:8a:84:e2:5f:74:60:9d:78:df:65:2c:59:e9:40:4a:c3:56:
62:bb:c6:c6:9e:45:96:e5:b1:3f:a8:0d:65:53:e0:4d:cf:7c:
57:af:ae:86:fa:dc:ff:5d:b1:9a:2a:60:bb:2c:21:06:6b:07:
dc:3b:35:ae:71:08:a8:29:d8:47:6e:9e:4e:cb:cf:04:88:dd:
3f:52:df:fb:8a:8a:83:a0:12:09:96:44:fc:6d:15:05:e0:4e:
21:e9:5c:e3:8e:5f:15:33:e2:e1:4f:45:27:12:ff:23:fb:eb:
c7:a8:87:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYxs3nDOkIwJ7RAlFqYVhSEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjE1MDk0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2NmNTQyZDBmNWJlOTdkMjE3MDU2MjNhNGNjZDFhMDJkYWVhNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzocbPPhbunk85MVVmsDpqqvizha
kLYdn6ap7KCnlugQVtHZRcUpbclIs8bDzgJmKFJemywS9ljj2kjHie4EcC5JzKzc
OWJTRniw17ykTjw07HNVCQYGm2UiMQga2Fjcrw/r0Wn5yGxPIzkI26RfEmecsYVs
BO8IcRjMC+FG/1dWUl9FXveEGH3Lw33V+OkgUXw37JJs7wJnhkWo6WSE/sWec6cq
WOSUM1i/B5TB1l2vx3P9QCJBhzyaEcPU1DwOhTFfRF7nAJ5nQ2pk+rzqFcwB0bfv
CScHwxLq4UKksG0ahFZEA1/mn+A6XGOe72hqQswAvz75D/VcMeNudx5HSwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKzPVC0PW+l9IXBWI6TM0aAtrqeOMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvck05VUxROWI2WDBoY0ZZanBNelJvQzJ1cDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZv8AwQA
LZv/AwQBLZ3SAwQBT2L2AwQAsH37AwQBuceUAwQAuceXAwQBucfUAwQAufoaAwQB
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQCEF2EnClJavVOrkfCgeHxwhVjvzULPYAMT
HVSBeifwvS2flLGChcoHhElRW2pNdh2xkQalUg+abypmNy/kMUjr23+FxLJsH1Rq
ddaep/MV9L5h7b8WyxTx6jfmKFHOeBs+XueTHo/xbIyk8npTHmiGPXtNYUreTtzy
/1liZuFLh0bsBYaEKd0Gol4uPoGDqDUZioTiX3RgnXjfZSxZ6UBKw1Ziu8bGnkWW
5bE/qA1lU+BNz3xXr66G+tz/XbGaKmC7LCEGawfcOzWucQioKdhHbp5Oy88EiN0/
Ut/7ioqDoBIJlkT8bRUF4E4h6Vzjjl8VM+LhT0UnEv8j++vHqIck
-----END CERTIFICATE-----
Generated at Mon Dec 18 01:55:37 2023 by rpki-client on console-fra.rpki-client.org