Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d8b0c3-3f70-43db-85a4-5be1202367e9/1/2GIAYkUwzJwQ1xcllj1hqIMpnPk.roa
File: 2GIAYkUwzJwQ1xcllj1hqIMpnPk.roa (raw, json)
Hash identifier: 7o2edzjGu0Kr8nWNBqVSYDmL+5PpUzXzMbYK0Ze4+OY=
Subject key identifier: D8:62:00:62:45:30:CC:9C:10:D7:17:25:96:3D:61:A8:83:29:9C:F9
Certificate issuer: /CN=1b6a5a7ee9d21a7dd45bbbfff431b364dea0b5ae
Certificate serial: 0188B0399350AEF2513030A969A43F525F24
Authority key identifier: 1B:6A:5A:7E:E9:D2:1A:7D:D4:5B:BB:FF:F4:31:B3:64:DE:A0:B5:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2pafunSGn3UW7v_9DGzZN6gta4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d8b0c3-3f70-43db-85a4-5be1202367e9/1/2GIAYkUwzJwQ1xcllj1hqIMpnPk.roa
Signing time: Mon 12 Jun 2023 15:29:03 +0000
ROA not before: Mon 12 Jun 2023 15:29:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212344
IP address blocks: 45.85.186.0/24 maxlen: 24
45.85.186.0/23 maxlen: 23
45.85.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:39:93:50:ae:f2:51:30:30:a9:69:a4:3f:52:5f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6a5a7ee9d21a7dd45bbbfff431b364dea0b5ae
Validity
Not Before: Jun 12 15:29:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d86200624530cc9c10d71725963d61a883299cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:92:05:ba:8c:17:aa:d6:5a:49:ca:cf:2d:ad:
45:9f:94:eb:78:70:06:3d:99:98:9c:b7:37:05:72:
e9:fa:46:a6:58:86:2c:c2:b7:c1:d5:81:8e:30:23:
77:68:81:10:3d:71:f5:14:88:10:82:0f:b9:88:aa:
8d:cc:c3:06:ff:b8:d2:92:96:76:84:ba:37:48:89:
76:c4:3e:9b:2b:fa:5f:f4:d2:c4:c7:a8:15:ea:c2:
20:74:82:c5:58:92:d6:e6:25:da:90:79:7c:e2:4c:
2c:6a:af:7d:58:a5:0d:e4:61:38:b6:55:b7:07:fd:
07:2c:34:c0:f2:d6:79:4d:23:19:78:4f:b1:a2:1c:
7f:a7:e4:a5:b8:5c:8c:a0:08:0c:9a:5f:16:34:5d:
3b:ca:81:a0:4f:4b:32:79:4b:6a:d4:56:21:62:e4:
e9:26:cf:ed:a7:8d:06:7e:c7:79:35:87:5e:2f:81:
f7:68:7b:dd:89:04:15:b8:eb:13:83:59:3e:31:ea:
db:9e:67:51:3f:17:97:7e:55:0b:97:72:8e:b4:39:
b8:ba:66:ae:5c:73:84:bd:a5:80:cf:6b:40:b1:9c:
74:99:58:7e:24:a6:cb:a7:20:9a:8a:cb:03:9d:7d:
79:c6:f4:04:f0:b2:4b:7a:0a:b7:7a:43:9a:45:19:
4d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:62:00:62:45:30:CC:9C:10:D7:17:25:96:3D:61:A8:83:29:9C:F9
X509v3 Authority Key Identifier:
keyid:1B:6A:5A:7E:E9:D2:1A:7D:D4:5B:BB:FF:F4:31:B3:64:DE:A0:B5:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2pafunSGn3UW7v_9DGzZN6gta4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d8b0c3-3f70-43db-85a4-5be1202367e9/1/2GIAYkUwzJwQ1xcllj1hqIMpnPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d8b0c3-3f70-43db-85a4-5be1202367e9/1/G2pafunSGn3UW7v_9DGzZN6gta4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.186.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:30:ab:87:ca:b8:12:bd:c7:d0:e3:a2:07:b5:88:94:f8:24:
f2:f9:b9:0e:b5:7b:1e:bf:94:5b:ee:61:8f:50:7c:78:c8:eb:
9b:4b:ef:5f:4a:03:04:61:53:cf:4f:eb:6b:51:17:ed:45:59:
dc:ee:4d:62:e7:f2:af:6d:5b:70:c5:f7:63:b1:3d:be:50:e4:
86:ba:25:53:83:80:ab:e2:58:7a:fe:f9:b7:c8:d3:a0:bb:b7:
c4:e2:ed:62:4c:d2:09:55:ac:29:b2:05:92:3a:ca:60:cd:39:
65:90:37:6f:fc:51:d3:9e:67:ee:8f:12:be:49:b8:42:38:09:
06:da:71:ec:18:58:24:36:38:26:da:5b:54:e5:eb:46:9b:f9:
dc:24:78:5a:12:c8:54:16:39:1d:a5:fb:9b:34:3b:33:98:9c:
35:82:4e:2e:6b:44:bd:47:bd:1e:9d:e7:dd:3d:8e:b7:bb:22:
c1:79:73:17:ba:df:ca:34:7c:12:ae:58:ac:e0:f4:7a:aa:89:
e7:13:db:c7:62:7b:80:9c:8a:7e:95:8e:37:47:50:1f:06:04:
15:8b:a8:91:58:b3:9e:00:68:2f:d6:cc:21:e8:d6:3d:c0:e5:
6d:2a:e0:4a:a9:71:e1:fa:e3:f8:a2:ac:f0:c0:98:6b:7e:e6:
fd:cf:c1:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiwOZNQrvJRMDCpaaQ/Ul8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmE1YTdlZTlkMjFhN2RkNDViYmJmZmY0MzFiMzY0ZGVh
MGI1YWUwHhcNMjMwNjEyMTUyOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYyMDA2MjQ1MzBjYzljMTBkNzE3MjU5NjNkNjFhODgzMjk5Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5IFuowXqtZaScrPLa1Fn5TreHAG
PZmYnLc3BXLp+kamWIYswrfB1YGOMCN3aIEQPXH1FIgQgg+5iKqNzMMG/7jSkpZ2
hLo3SIl2xD6bK/pf9NLEx6gV6sIgdILFWJLW5iXakHl84kwsaq99WKUN5GE4tlW3
B/0HLDTA8tZ5TSMZeE+xohx/p+SluFyMoAgMml8WNF07yoGgT0syeUtq1FYhYuTp
Js/tp40Gfsd5NYdeL4H3aHvdiQQVuOsTg1k+MerbnmdRPxeXflULl3KOtDm4umau
XHOEvaWAz2tAsZx0mVh+JKbLpyCaissDnX15xvQE8LJLegq3ekOaRRlNIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhiAGJFMMycENcXJZY9YaiDKZz5MB8GA1UdIwQY
MBaAFBtqWn7p0hp91Fu7//Qxs2TeoLWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJwYWZ1blNHbjNVVzd2XzlER3paTjZndGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kOGIwYzMtM2Y3MC00M2RiLTg1YTQt
NWJlMTIwMjM2N2U5LzEvMkdJQVlrVXd6SndRMXhjbGxqMWhxSU1wblBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kOGIwYzMtM2Y3MC00M2RiLTg1YTQtNWJlMTIwMjM2N2U5
LzEvRzJwYWZ1blNHbjNVVzd2XzlER3paTjZndGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVW6MA0G
CSqGSIb3DQEBCwUAA4IBAQDVMKuHyrgSvcfQ46IHtYiU+CTy+bkOtXsev5Rb7mGP
UHx4yOubS+9fSgMEYVPPT+trURftRVnc7k1i5/KvbVtwxfdjsT2+UOSGuiVTg4Cr
4lh6/vm3yNOgu7fE4u1iTNIJVawpsgWSOspgzTllkDdv/FHTnmfujxK+SbhCOAkG
2nHsGFgkNjgm2ltU5etGm/ncJHhaEshUFjkdpfubNDszmJw1gk4ua0S9R70enefd
PY63uyLBeXMXut/KNHwSrlis4PR6qonnE9vHYnuAnIp+lY43R1AfBgQVi6iRWLOe
AGgv1swh6NY9wOVtKuBKqXHh+uP4oqzwwJhrfub9z8GS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:53 2024 by rpki-client on console-fra.rpki-client.org