Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/314fnAcpI49XWShPMr8_spcz-5U.roa
File: 314fnAcpI49XWShPMr8_spcz-5U.roa (raw, json)
Hash identifier: 7NHuzGVv6lvihifngHghlnvVsXbTKmVE3fJyW0P4m0A=
Subject key identifier: DF:5E:1F:9C:07:29:23:8F:57:59:28:4F:32:BF:3F:B2:97:33:FB:95
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188EACB12747F11DCEF22253C85B914A9B6
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/314fnAcpI49XWShPMr8_spcz-5U.roa
Signing time: Sat 24 Jun 2023 00:25:57 +0000
ROA not before: Sat 24 Jun 2023 00:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ea:cb:12:74:7f:11:dc:ef:22:25:3c:85:b9:14:a9:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 24 00:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df5e1f9c0729238f5759284f32bf3fb29733fb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:4f:ca:8d:59:d6:59:43:6a:77:26:9b:ec:
10:8e:69:d6:e3:68:5e:e1:db:41:9f:ab:d8:5e:86:
a9:34:da:19:df:d7:8d:7f:b4:fb:12:2b:1e:c7:ed:
d4:16:05:34:ac:ec:12:49:cf:47:e2:78:eb:54:9e:
de:ae:16:01:ec:45:17:31:f7:87:30:eb:62:b9:40:
e5:de:5d:bb:c3:4a:fa:ba:6a:35:16:cf:f1:ec:c2:
9a:63:5d:20:ba:d5:7d:fa:6f:24:04:75:8c:33:b5:
72:41:72:f2:07:c5:6d:0e:9c:49:50:61:dc:a2:61:
03:93:72:c5:50:91:d2:c2:7d:d7:49:b5:72:f2:1a:
b7:d5:c5:a9:80:9b:69:be:7b:7a:29:54:58:33:64:
4d:06:17:6c:a9:5a:f1:39:e7:98:60:a6:a8:21:c3:
9c:dc:d5:57:a9:6f:e0:0b:ea:05:48:24:47:ae:50:
ad:da:ce:7b:b3:86:a4:fd:17:94:cf:26:7f:18:b9:
8a:14:bb:78:49:c7:af:d4:d1:06:a8:d6:40:df:10:
85:3f:62:22:c8:44:29:88:38:61:c6:a2:42:24:44:
eb:a7:cd:c5:1c:dc:25:27:2c:bd:07:32:bc:78:96:
d5:5a:6a:17:ff:2b:c9:87:9f:00:aa:fa:62:99:8f:
62:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5E:1F:9C:07:29:23:8F:57:59:28:4F:32:BF:3F:B2:97:33:FB:95
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/314fnAcpI49XWShPMr8_spcz-5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
79.98.246.0/23
176.125.250.0/24
185.225.170.0/24
185.226.181.0/24
194.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:65:bf:92:65:25:c0:7e:50:70:f0:b8:d2:b8:75:74:59:43:
d9:b4:60:0f:aa:b3:6e:df:9f:81:09:f9:29:23:22:ec:b8:53:
a2:22:c2:ad:ee:5e:a6:10:27:73:80:49:c1:38:5a:4d:96:a6:
bf:42:94:4f:84:01:e1:75:d5:aa:92:83:75:07:bc:45:64:f5:
63:0a:56:0e:56:95:05:da:cc:f4:26:12:c8:57:51:85:e4:ee:
ab:db:0b:46:a3:c5:b0:89:f1:38:58:ce:28:12:6b:55:1d:09:
db:23:10:fe:e6:69:4a:4f:f9:38:b5:3a:81:c5:05:75:64:7c:
2b:fe:6b:7f:2d:55:f1:49:ab:3c:a5:7d:57:bb:80:d2:66:7a:
90:91:0a:56:ed:66:34:92:d1:a2:13:35:ac:66:ef:4d:c0:be:
7b:12:39:8a:4d:78:62:dd:1f:6b:56:25:4d:69:f1:9f:5d:6b:
87:de:92:43:77:22:1e:3f:60:48:52:43:2c:61:71:6e:35:c7:
f1:a9:12:45:e1:5e:6c:55:ff:5f:26:d2:92:05:d4:94:95:50:
60:5f:1e:a1:bc:3d:bb:d2:10:31:65:e0:6f:d8:cc:bc:87:2a:
4e:94:83:8a:7b:9b:13:89:9f:bf:28:a2:c3:f5:f3:44:7d:33:
ba:bd:bb:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYjqyxJ0fxHc7yIlPIW5FKm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjI0MDAyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjVlMWY5YzA3MjkyMzhmNTc1OTI4NGYzMmJmM2ZiMjk3MzNmYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotZPyo1Z1llDancmm+wQjmnW42he
4dtBn6vYXoapNNoZ39eNf7T7Eisex+3UFgU0rOwSSc9H4njrVJ7erhYB7EUXMfeH
MOtiuUDl3l27w0r6umo1Fs/x7MKaY10gutV9+m8kBHWMM7VyQXLyB8VtDpxJUGHc
omEDk3LFUJHSwn3XSbVy8hq31cWpgJtpvnt6KVRYM2RNBhdsqVrxOeeYYKaoIcOc
3NVXqW/gC+oFSCRHrlCt2s57s4ak/ReUzyZ/GLmKFLt4Scev1NEGqNZA3xCFP2Ii
yEQpiDhhxqJCJETrp83FHNwlJyy9BzK8eJbVWmoX/yvJh58AqvpimY9iWQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN9eH5wHKSOPV1koTzK/P7KXM/uVMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMzE0Zm5BY3BJNDlYV1NoUE1yOF9zcGN6LTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZv8AwQA
LZv/AwQALZ3RAwQBT2L2AwQAsH36AwQAueGqAwQAueK1AwQAwpJdMA0GCSqGSIb3
DQEBCwUAA4IBAQA8Zb+SZSXAflBw8LjSuHV0WUPZtGAPqrNu35+BCfkpIyLsuFOi
IsKt7l6mECdzgEnBOFpNlqa/QpRPhAHhddWqkoN1B7xFZPVjClYOVpUF2sz0JhLI
V1GF5O6r2wtGo8WwifE4WM4oEmtVHQnbIxD+5mlKT/k4tTqBxQV1ZHwr/mt/LVXx
Sas8pX1Xu4DSZnqQkQpW7WY0ktGiEzWsZu9NwL57EjmKTXhi3R9rViVNafGfXWuH
3pJDdyIeP2BIUkMsYXFuNcfxqRJF4V5sVf9fJtKSBdSUlVBgXx6hvD270hAxZeBv
2My8hypOlIOKe5sTiZ+/KKLD9fNEfTO6vbse
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:51 2023 by rpki-client on console.sobornost.net