Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iG-Fy_BG1j41bWWc_Q4gt4PQ1y8.roa
File: iG-Fy_BG1j41bWWc_Q4gt4PQ1y8.roa (raw, json)
Hash identifier: qVi9aYJij//UK6uJm6AoEsCp9UuNoZBlII1ax2VZ5sw=
Subject key identifier: 88:6F:85:CB:F0:46:D6:3E:35:6D:65:9C:FD:0E:20:B7:83:D0:D7:2F
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3D53E63E1AB306ED81702DC69187
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iG-Fy_BG1j41bWWc_Q4gt4PQ1y8.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 45.137.68.0/24 maxlen: 24
109.71.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 17:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3d:53:e6:3e:1a:b3:06:ed:81:70:2d:c6:91:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=886f85cbf046d63e356d659cfd0e20b783d0d72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cd:8b:d9:f9:d4:79:89:0e:13:4b:3e:88:5a:
37:e4:cc:62:ef:1c:c1:23:e8:be:20:a8:88:ac:43:
7d:9b:f4:e8:c9:95:99:93:13:8a:ad:b6:41:70:08:
8e:41:47:7a:d4:7b:41:6a:7d:13:d2:1a:aa:9e:19:
48:71:b0:81:5e:35:ae:31:17:75:72:84:87:de:f3:
31:53:6b:9b:16:e9:d6:95:d9:61:ac:97:ad:cc:74:
95:83:c6:ed:c8:f9:9f:74:21:a2:70:0b:61:cd:e2:
94:ed:3d:57:0b:39:99:95:8b:de:62:1f:b8:2a:cd:
49:b8:d2:59:e0:b4:15:a1:4d:db:6c:90:81:b4:14:
97:94:25:3d:ac:a7:2d:2a:f1:b6:0a:eb:8c:86:32:
ba:42:e0:75:45:38:2d:43:de:14:51:79:e3:91:a8:
dd:99:c4:47:19:c0:ae:85:98:e7:1e:3b:d3:7b:cb:
55:a2:97:72:08:ec:8f:6d:b2:2e:58:14:12:0f:66:
0a:64:8a:82:0e:82:64:09:15:16:be:84:c1:f6:aa:
9e:f7:68:47:72:5d:e4:8f:04:0a:d5:43:15:9e:51:
cf:f6:dc:75:99:65:a5:e2:03:52:02:7a:0d:a8:6b:
53:93:6b:3b:2c:3c:a0:41:2a:f9:a7:fa:35:c4:38:
b8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6F:85:CB:F0:46:D6:3E:35:6D:65:9C:FD:0E:20:B7:83:D0:D7:2F
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iG-Fy_BG1j41bWWc_Q4gt4PQ1y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.68.0/24
109.71.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:19:46:19:a9:5e:fb:a3:e2:ba:e8:3e:c2:ba:89:05:6a:b0:
10:66:93:e3:51:0e:14:0b:ae:e5:85:94:00:6f:b2:50:9a:d3:
d0:75:8b:f1:d0:8a:2f:97:69:57:4a:8a:db:c0:5e:a4:41:5d:
b3:76:ae:ec:27:01:c1:75:ed:da:7f:ed:ae:4f:d2:ef:0b:57:
cd:04:9e:8f:50:fb:3d:e4:77:2e:a5:2d:36:3a:7b:0c:bd:96:
d4:46:2f:c5:de:31:bc:a6:51:cc:ca:53:d5:2f:04:cf:92:f3:
d6:b6:0a:df:b9:05:26:97:23:90:c2:78:59:d0:98:71:11:4f:
d8:12:03:5f:63:54:08:0f:63:2a:75:94:f6:fc:44:5a:bd:31:
88:2c:67:c7:13:1c:8d:a0:0f:08:4e:48:17:ed:fe:88:f9:0e:
88:0e:54:d4:3a:a8:4e:aa:76:ce:4b:2f:52:5a:e1:6f:c3:3b:
9f:98:e6:59:d3:81:cc:27:43:cc:15:c5:fa:5f:e3:0e:d8:60:
2c:f9:c3:84:ee:74:bf:a9:44:ee:53:ac:fc:e6:74:87:6d:83:
e8:f0:28:31:20:ef:7c:23:3b:89:2f:d7:f4:c8:55:b7:45:b9:
e0:ed:4a:22:02:75:92:c5:82:55:a7:28:c4:55:a5:00:93:f9:
57:2a:dc:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTj1T5j4aswbtgXAtxpGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZmODVjYmYwNDZkNjNlMzU2ZDY1OWNmZDBlMjBiNzgzZDBkNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3c2L2fnUeYkOE0s+iFo35Mxi7xzB
I+i+IKiIrEN9m/ToyZWZkxOKrbZBcAiOQUd61HtBan0T0hqqnhlIcbCBXjWuMRd1
coSH3vMxU2ubFunWldlhrJetzHSVg8btyPmfdCGicAthzeKU7T1XCzmZlYveYh+4
Ks1JuNJZ4LQVoU3bbJCBtBSXlCU9rKctKvG2CuuMhjK6QuB1RTgtQ94UUXnjkajd
mcRHGcCuhZjnHjvTe8tVopdyCOyPbbIuWBQSD2YKZIqCDoJkCRUWvoTB9qqe92hH
cl3kjwQK1UMVnlHP9tx1mWWl4gNSAnoNqGtTk2s7LDygQSr5p/o1xDi4SwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhvhcvwRtY+NW1lnP0OILeD0NcvMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvaUctRnlfQkcxajQxYldXY19RNGd0NFBRMXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYlEAwQA
bUf+MA0GCSqGSIb3DQEBCwUAA4IBAQALGUYZqV77o+K66D7CuokFarAQZpPjUQ4U
C67lhZQAb7JQmtPQdYvx0Iovl2lXSorbwF6kQV2zdq7sJwHBde3af+2uT9LvC1fN
BJ6PUPs95HcupS02OnsMvZbURi/F3jG8plHMylPVLwTPkvPWtgrfuQUmlyOQwnhZ
0JhxEU/YEgNfY1QID2MqdZT2/ERavTGILGfHExyNoA8ITkgX7f6I+Q6IDlTUOqhO
qnbOSy9SWuFvwzufmOZZ04HMJ0PMFcX6X+MO2GAs+cOE7nS/qUTuU6z85nSHbYPo
8CgxIO98IzuJL9f0yFW3Rbng7UoiAnWSxYJVpyjEVaUAk/lXKtwB
-----END CERTIFICATE-----
Generated at Thu Feb 1 22:03:28 2024 by rpki-client on console-ams.rpki-client.org