Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zDAWsK_QT7cQ4qTTRexVIos-n10.roa
File: zDAWsK_QT7cQ4qTTRexVIos-n10.roa (raw, json)
Hash identifier: ykmrSSoWE6URESRuIpXDPuruvfzC3PpIMx2nCCq/iiw=
Subject key identifier: CC:30:16:B0:AF:D0:4F:B7:10:E2:A4:D3:45:EC:55:22:8B:3E:9F:5D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01920E24D96ABC70378FF79B8BA9743855A4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zDAWsK_QT7cQ4qTTRexVIos-n10.roa
Signing time: Fri 20 Sep 2024 06:35:48 +0000
ROA not before: Fri 20 Sep 2024 06:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.180.0/23 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 21:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:24:d9:6a:bc:70:37:8f:f7:9b:8b:a9:74:38:55:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 20 06:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc3016b0afd04fb710e2a4d345ec55228b3e9f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5a:b2:5e:4f:c8:d2:af:e6:71:81:63:bf:b8:
7f:35:3e:dd:cd:4b:f4:a6:1e:dc:5b:22:04:6b:60:
ac:50:46:15:63:50:8b:d7:42:9d:fc:dd:67:70:c7:
66:45:fe:70:35:44:5d:23:25:00:63:97:de:95:5c:
64:63:b8:2a:32:5e:04:c5:79:45:4c:0c:45:b5:50:
b2:d0:53:b7:a8:fc:5f:a1:ba:64:03:71:18:31:46:
31:81:49:0b:64:ef:18:66:dc:0d:4e:71:d5:be:da:
f9:b0:62:45:2e:eb:a9:98:a3:9e:8d:3d:4b:7e:04:
69:94:91:fd:00:fd:a0:06:df:1f:5f:71:16:53:be:
4e:55:b7:36:c7:6e:92:e5:c5:f9:ba:36:ee:54:99:
3f:d3:78:a7:4d:42:5d:80:6e:78:1c:dd:b9:96:43:
92:66:61:fa:42:91:4f:ec:bb:d9:34:3e:89:1d:05:
d4:85:0f:af:9f:5b:ba:1d:26:98:bf:4f:f0:6e:b8:
de:72:3f:41:7e:2b:d4:ba:82:10:46:3b:6e:c9:ee:
de:33:8c:21:02:ca:ee:6d:96:f9:f0:e8:4e:a0:9f:
76:86:0d:10:47:7d:7b:45:0c:58:eb:2e:42:3f:bd:
6c:48:f9:18:24:82:51:2b:12:ab:53:90:56:3f:0c:
84:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:30:16:B0:AF:D0:4F:B7:10:E2:A4:D3:45:EC:55:22:8B:3E:9F:5D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/zDAWsK_QT7cQ4qTTRexVIos-n10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.254.0/24
185.199.213.0/24
185.221.26.0/24
185.226.180.0/23
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f5:e0:82:3c:88:53:5a:bd:c3:a4:28:02:fe:cf:a9:98:b1:
2f:ee:ff:9b:f8:e4:ca:66:8f:fd:c3:be:b6:b9:cb:af:78:72:
e3:e6:9a:b1:d5:13:59:9e:98:44:b3:07:0c:d2:af:f0:50:f3:
fd:2d:2c:81:a1:e5:48:87:6b:b8:b7:d8:3d:88:98:21:c7:25:
46:10:96:6f:43:37:4a:af:8d:6c:c5:62:2f:d5:31:e9:ad:96:
15:e3:20:26:06:c8:6c:21:9c:5a:30:b7:92:08:91:df:61:f1:
5e:84:42:0f:79:1b:a3:87:f6:6c:3d:c1:d8:b2:df:d2:96:f3:
41:e0:12:6a:9b:fd:05:6e:82:c3:84:12:ac:a3:cd:e9:30:80:
e3:80:42:db:b7:b7:c0:c3:f8:c5:4e:cf:21:1f:a9:0b:da:73:
c7:90:81:75:b4:6c:10:eb:78:38:4f:c1:2a:7a:49:af:29:53:
d6:32:66:af:38:a8:6f:77:0f:54:7a:23:b4:fe:e5:fc:95:83:
40:2f:dc:7e:70:8c:72:b8:ce:cc:ce:4a:14:23:a2:14:33:9b:
df:9f:36:ab:6c:3a:15:0e:23:fd:4c:a8:97:60:17:8e:66:e6:
a7:a8:e7:e1:9c:fb:2a:89:88:c7:43:cc:c1:bc:1b:94:95:3d:
ae:4e:ea:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZIOJNlqvHA3j/ebi6l0OFWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwOTIwMDYzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzMwMTZiMGFmZDA0ZmI3MTBlMmE0ZDM0NWVjNTUyMjhiM2U5ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FqyXk/I0q/mcYFjv7h/NT7dzUv0
ph7cWyIEa2CsUEYVY1CL10Kd/N1ncMdmRf5wNURdIyUAY5felVxkY7gqMl4ExXlF
TAxFtVCy0FO3qPxfobpkA3EYMUYxgUkLZO8YZtwNTnHVvtr5sGJFLuupmKOejT1L
fgRplJH9AP2gBt8fX3EWU75OVbc2x26S5cX5ujbuVJk/03inTUJdgG54HN25lkOS
ZmH6QpFP7LvZND6JHQXUhQ+vn1u6HSaYv0/wbrjecj9BfivUuoIQRjtuye7eM4wh
AsrubZb58OhOoJ92hg0QR317RQxY6y5CP71sSPkYJIJRKxKrU5BWPwyEAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMwwFrCv0E+3EOKk00XsVSKLPp9dMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvekRBV3NLX1FUN2NRNHFUVFJleFZJb3MtbjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZv+AwQA
ucfVAwQAud0aAwQBueK0AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQCh9eCCPIhT
Wr3DpCgC/s+pmLEv7v+b+OTKZo/9w762ucuveHLj5pqx1RNZnphEswcM0q/wUPP9
LSyBoeVIh2u4t9g9iJghxyVGEJZvQzdKr41sxWIv1THprZYV4yAmBshsIZxaMLeS
CJHfYfFehEIPeRujh/ZsPcHYst/SlvNB4BJqm/0FboLDhBKso83pMIDjgELbt7fA
w/jFTs8hH6kL2nPHkIF1tGwQ63g4T8EqekmvKVPWMmavOKhvdw9UeiO0/uX8lYNA
L9x+cIxyuM7MzkoUI6IUM5vfnzarbDoVDiP9TKiXYBeOZuanqOfhnPsqiYjHQ8zB
vBuUlT2uTuow
-----END CERTIFICATE-----
Generated at Mon Sep 23 00:10:00 2024 by rpki-client on console-fra.rpki-client.org