Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GK7fpCD6hbMPYfK3YTHnrsk6jTs.roa
File: GK7fpCD6hbMPYfK3YTHnrsk6jTs.roa (raw, json)
Hash identifier: 91ZYT+3KkQNVHyHLPIiALSNz+5+mbIIY9anp6hCgYiU=
Subject key identifier: 18:AE:DF:A4:20:FA:85:B3:0F:61:F2:B7:61:31:E7:AE:C9:3A:8D:3B
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018EED77A8A7159A91246E6B8D5D96794C6C
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GK7fpCD6hbMPYfK3YTHnrsk6jTs.roa
Signing time: Wed 17 Apr 2024 19:10:25 +0000
ROA not before: Wed 17 Apr 2024 19:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 46.38.154.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 09:07:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:77:a8:a7:15:9a:91:24:6e:6b:8d:5d:96:79:4c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Apr 17 19:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18aedfa420fa85b30f61f2b76131e7aec93a8d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c2:8e:b0:22:41:8e:5e:1b:69:f5:47:90:c2:
e6:10:9f:68:42:2b:84:32:90:40:9b:0e:97:1c:26:
ef:28:8d:d3:55:ad:55:d0:6a:53:09:a1:15:13:f4:
a8:28:97:19:aa:99:a8:64:d1:c7:f5:7c:38:e2:67:
a1:95:66:ea:93:61:cf:74:29:1e:86:28:f9:c8:3a:
c0:b3:68:d3:da:3b:d0:33:ea:70:43:d5:8f:bc:44:
14:71:14:72:2d:27:5e:9d:f9:77:8e:65:d7:8f:91:
92:be:0d:b7:c1:50:54:15:3b:f1:04:96:fb:13:16:
f3:eb:06:bd:3f:a8:4b:b6:17:99:d6:04:d7:93:ab:
e9:1f:72:53:be:73:f4:52:7a:08:e0:3c:00:71:62:
75:8e:ca:d0:e7:df:c5:11:ee:ea:de:5d:f5:b7:21:
2e:02:69:35:0c:2f:06:90:71:da:22:7b:b4:1b:6b:
ac:a2:7e:ae:9c:38:4e:3f:b1:3e:4e:a9:35:76:7a:
27:0b:5a:c8:c3:63:9e:37:bb:49:d2:83:93:73:e7:
59:a9:68:10:07:54:d3:3d:dc:30:1b:64:c4:fd:e1:
88:6a:15:e5:4c:91:83:9e:97:8c:06:f7:20:a1:db:
9d:43:b2:76:2b:ab:b5:1c:42:3c:a8:92:96:e1:22:
40:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AE:DF:A4:20:FA:85:B3:0F:61:F2:B7:61:31:E7:AE:C9:3A:8D:3B
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/GK7fpCD6hbMPYfK3YTHnrsk6jTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.154.0/24
212.16.79.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3d:67:cb:be:e9:2a:86:c0:9e:58:65:75:0c:50:10:fc:fd:
fa:b1:e8:9d:f5:6b:77:46:55:5f:5e:f7:99:92:7d:48:f3:7c:
e7:4c:da:49:a7:80:d6:84:2d:ef:3f:46:ba:8b:96:64:9b:38:
33:2c:14:e1:fc:5b:c9:25:f8:da:da:39:2f:ad:c6:01:aa:1a:
c2:45:ba:19:8e:a1:28:db:b1:98:1d:0f:b1:e6:e6:b3:67:1d:
29:5c:46:36:82:55:94:78:d0:4f:88:0f:cb:e0:f1:46:18:ed:
11:fe:83:99:07:5c:1b:bb:2c:9e:6f:06:15:7c:e0:de:9c:02:
70:61:98:a4:55:e0:ae:2b:21:f5:17:c6:d3:e8:c1:88:2f:64:
42:5e:6b:35:0d:e3:9a:89:c4:5b:e3:67:1b:10:43:a2:e8:6e:
d5:26:c6:ec:15:43:80:c4:bb:97:79:fb:2a:50:b1:56:2b:9f:
17:9d:cc:1e:56:cf:ca:ac:19:90:0a:98:ce:50:06:3a:ff:fe:
9d:5b:0d:4a:79:7d:1d:f4:4e:91:af:87:eb:f5:9d:56:00:68:
5a:bd:e0:b0:52:e5:46:6e:24:15:89:a0:43:cd:60:71:d2:d0:
c2:a3:bf:6e:b4:15:59:6c:51:0f:a2:ef:36:d0:23:aa:8b:ea:
8b:c8:03:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7td6inFZqRJG5rjV2WeUxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDE3MTkxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGFlZGZhNDIwZmE4NWIzMGY2MWYyYjc2MTMxZTdhZWM5M2E4ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcKOsCJBjl4bafVHkMLmEJ9oQiuE
MpBAmw6XHCbvKI3TVa1V0GpTCaEVE/SoKJcZqpmoZNHH9Xw44mehlWbqk2HPdCke
hij5yDrAs2jT2jvQM+pwQ9WPvEQUcRRyLSdenfl3jmXXj5GSvg23wVBUFTvxBJb7
Exbz6wa9P6hLtheZ1gTXk6vpH3JTvnP0UnoI4DwAcWJ1jsrQ59/FEe7q3l31tyEu
Amk1DC8GkHHaInu0G2uson6unDhOP7E+Tqk1dnonC1rIw2OeN7tJ0oOTc+dZqWgQ
B1TTPdwwG2TE/eGIahXlTJGDnpeMBvcgodudQ7J2K6u1HEI8qJKW4SJALQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBiu36Qg+oWzD2Hyt2Ex567JOo07MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvR0s3ZnBDRDZoYk1QWWZLM1lUSG5yc2s2alRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiaaAwQA
1BBPMA0GCSqGSIb3DQEBCwUAA4IBAQAcPWfLvukqhsCeWGV1DFAQ/P36seid9Wt3
RlVfXveZkn1I83znTNpJp4DWhC3vP0a6i5ZkmzgzLBTh/FvJJfja2jkvrcYBqhrC
RboZjqEo27GYHQ+x5uazZx0pXEY2glWUeNBPiA/L4PFGGO0R/oOZB1wbuyyebwYV
fODenAJwYZikVeCuKyH1F8bT6MGIL2RCXms1DeOaicRb42cbEEOi6G7VJsbsFUOA
xLuXefsqULFWK58XncweVs/KrBmQCpjOUAY6//6dWw1KeX0d9E6Rr4fr9Z1WAGha
veCwUuVGbiQViaBDzWBx0tDCo79utBVZbFEPou820COqi+qLyANz
-----END CERTIFICATE-----
Generated at Wed May 1 12:49:32 2024 by rpki-client on console-fra.rpki-client.org