Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ywZ3GvCsWRlTUZid4TvHEO1O9QE.roa
File: ywZ3GvCsWRlTUZid4TvHEO1O9QE.roa (raw, json)
Hash identifier: NuhodHsrlUyD9sws4JUlXSCYtgUCPuOCxgX+xds85jI=
Subject key identifier: CB:06:77:1A:F0:AC:59:19:53:51:98:9D:E1:3B:C7:10:ED:4E:F5:01
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01857082C38E354870C8F0C1382464ECFBAD
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ywZ3GvCsWRlTUZid4TvHEO1O9QE.roa
Signing time: Mon 02 Jan 2023 03:24:55 +0000
ROA not before: Mon 02 Jan 2023 03:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197518
IP address blocks: 185.255.200.0/22 maxlen: 22
185.199.212.0/22 maxlen: 24
194.146.92.0/23 maxlen: 23
45.157.208.0/22 maxlen: 22
188.95.248.0/21 maxlen: 21
185.250.24.0/22 maxlen: 24
185.221.24.0/22 maxlen: 22
176.125.250.0/23 maxlen: 23
130.193.104.0/21 maxlen: 21
45.155.252.0/22 maxlen: 24
2a03:680::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 04 Feb 2023 21:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c3:8e:35:48:70:c8:f0:c1:38:24:64:ec:fb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 03:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb06771af0ac59195351989de13bc710ed4ef501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:b5:3d:b3:32:70:1c:15:62:90:0a:2c:5f:
f5:cb:21:13:46:cd:ad:03:5d:b6:d5:fc:ba:c6:99:
3d:9d:15:45:5e:b1:82:10:a2:f5:f5:1f:22:36:09:
19:9c:a2:77:2a:24:96:d3:ce:db:82:04:e5:58:80:
60:38:e5:b6:e9:61:c6:63:48:05:1b:68:d5:56:19:
f5:01:ad:be:0b:17:a1:7d:d1:ab:63:95:c0:7a:54:
01:7a:ca:41:d6:8d:f5:db:ad:78:b2:a3:81:7c:e3:
b9:28:ef:8a:4f:9d:85:af:ee:7b:13:7d:12:12:41:
dc:51:2f:bf:89:85:66:76:d7:f4:d8:ed:36:25:16:
78:e2:97:af:3c:d5:44:b3:60:6c:83:9f:7c:ef:9f:
83:23:9c:74:89:76:42:e2:9f:38:3f:79:a5:3f:4a:
cb:4f:cc:85:a8:12:a2:88:ce:df:46:c0:07:d2:d2:
2d:b5:c2:11:de:c8:e6:69:64:ac:25:52:bd:77:e9:
1c:ef:c7:67:8d:83:85:6f:32:3f:33:25:60:01:1b:
1a:99:64:db:48:fc:ad:2f:39:a7:6c:38:17:ae:8e:
a3:f6:f4:8b:1e:55:de:d5:c7:01:a5:42:07:88:98:
8f:85:61:2d:60:d4:fe:bf:54:9c:86:24:d6:a4:51:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:06:77:1A:F0:AC:59:19:53:51:98:9D:E1:3B:C7:10:ED:4E:F5:01
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ywZ3GvCsWRlTUZid4TvHEO1O9QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/22
45.157.208.0/22
130.193.104.0/21
176.125.250.0/23
185.199.212.0/22
185.221.24.0/22
185.250.24.0/22
185.255.200.0/22
188.95.248.0/21
194.146.92.0/23
IPv6:
2a03:680::/32
Signature Algorithm: sha256WithRSAEncryption
6b:a7:6d:bd:79:10:f4:30:a4:99:44:bb:5b:28:1f:11:7e:4e:
2b:3e:2c:e9:f6:71:48:b2:8f:e2:dd:7f:63:bc:4e:db:cd:6c:
71:81:11:d9:f4:f8:3f:30:91:7e:a8:fe:2e:66:13:43:d8:31:
ea:c8:d8:bf:02:bb:a5:06:f6:65:af:59:4a:00:d3:c1:3b:13:
79:3b:b2:9e:1c:f0:88:8e:78:6e:f9:4a:17:82:67:bc:3a:60:
1d:c5:be:f9:fc:6a:67:71:b7:54:d7:83:96:65:33:03:47:51:
ff:e2:3b:63:fb:a1:be:07:bb:5d:43:e3:70:8a:8c:1d:e2:c0:
39:4c:2b:d9:cf:1d:98:94:67:51:18:3e:20:c7:78:b9:be:cd:
cf:90:a5:52:1a:c2:74:6d:53:24:2c:25:49:c7:5e:d9:8e:dd:
45:ef:f9:71:b7:07:97:a3:7a:3f:3c:2e:bb:74:67:74:b5:1c:
25:5e:b5:ae:6a:95:b4:b0:34:43:56:c7:43:22:84:c1:95:83:
4c:ad:74:77:73:3f:48:0c:49:f1:5e:c5:08:6d:25:e9:bf:4c:
cf:d5:c6:a0:14:15:7e:a6:41:63:2e:a6:e2:4b:97:cf:be:74:
d5:4b:bb:a0:99:0c:45:d6:81:b4:f8:57:c8:9a:57:bc:09:30:
7e:0b:2d:a6
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVwgsOONUhwyPDBOCRk7PutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMTAyMDMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA2NzcxYWYwYWM1OTE5NTM1MTk4OWRlMTNiYzcxMGVkNGVmNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiO1PbMycBwVYpAKLF/1yyETRs2t
A1221fy6xpk9nRVFXrGCEKL19R8iNgkZnKJ3KiSW087bggTlWIBgOOW26WHGY0gF
G2jVVhn1Aa2+CxehfdGrY5XAelQBespB1o312614sqOBfOO5KO+KT52Fr+57E30S
EkHcUS+/iYVmdtf02O02JRZ44pevPNVEs2Bsg59875+DI5x0iXZC4p84P3mlP0rL
T8yFqBKiiM7fRsAH0tIttcIR3sjmaWSsJVK9d+kc78dnjYOFbzI/MyVgARsamWTb
SPytLzmnbDgXro6j9vSLHlXe1ccBpUIHiJiPhWEtYNT+v1SchiTWpFGk2QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFMsGdxrwrFkZU1GYneE7xxDtTvUBMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveXdaM0d2Q3NXUmxUVVppZDRUdkhFTzFPOVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLZv8AwQC
LZ3QAwQDgsFoAwQBsH36AwQCucfUAwQCud0YAwQCufoYAwQCuf/IAwQDvF/4AwQB
wpJcMA0EAgACMAcDBQAqAwaAMA0GCSqGSIb3DQEBCwUAA4IBAQBrp229eRD0MKSZ
RLtbKB8Rfk4rPizp9nFIso/i3X9jvE7bzWxxgRHZ9Pg/MJF+qP4uZhND2DHqyNi/
ArulBvZlr1lKANPBOxN5O7KeHPCIjnhu+UoXgme8OmAdxb75/GpncbdU14OWZTMD
R1H/4jtj+6G+B7tdQ+Nwiowd4sA5TCvZzx2YlGdRGD4gx3i5vs3PkKVSGsJ0bVMk
LCVJx17Zjt1F7/lxtweXo3o/PC67dGd0tRwlXrWuapW0sDRDVsdDIoTBlYNMrXR3
cz9IDEnxXsUIbSXpv0zP1cagFBV+pkFjLqbiS5fPvnTVS7ugmQxF1oG0+FfImle8
CTB+Cy2m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org