Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/gAFXa7DVcsHqjSsxowILDLgArQ0.roa
File: gAFXa7DVcsHqjSsxowILDLgArQ0.roa (raw, json)
Hash identifier: 1bzB8+A1DUDtRaYR74Rkn0LWlQCexC4tBoI4DK1ucAk=
Subject key identifier: 80:01:57:6B:B0:D5:72:C1:EA:8D:2B:31:A3:02:0B:0C:B8:00:AD:0D
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AD41F10ED2588E919E76AE5741208
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/gAFXa7DVcsHqjSsxowILDLgArQ0.roa
Signing time: Sun 01 Jan 2023 11:15:04 +0000
ROA not before: Sun 01 Jan 2023 11:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41272
IP address blocks: 46.165.64.0/18 maxlen: 18
188.7.0.0/16 maxlen: 16
80.185.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 17 Jul 2023 17:10:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d4:1f:10:ed:25:88:e9:19:e7:6a:e5:74:12:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8001576bb0d572c1ea8d2b31a3020b0cb800ad0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3f:a8:e7:37:f5:2b:4a:ba:c1:0e:eb:9d:68:
d5:b2:7a:a2:23:7b:89:ae:87:81:ea:67:7f:33:98:
b1:23:f2:d8:14:f1:fa:fc:a5:d1:41:2d:53:ef:fb:
30:23:b3:3f:44:15:cb:19:6c:f8:1e:11:be:7c:d6:
e1:03:38:7c:5f:56:d9:11:74:fb:e5:7b:14:e7:24:
7b:d2:9d:74:e4:aa:ee:84:66:48:e0:75:3c:3a:01:
c3:53:57:cf:dc:d0:0a:9c:88:1d:b0:07:18:4c:30:
01:6b:e2:6c:b6:20:a9:4b:d9:98:86:00:2a:5c:03:
82:dc:0c:41:ab:38:77:8c:9c:fa:6e:dc:96:89:f5:
8a:21:a4:28:64:9d:df:0a:59:3b:a1:3c:c3:32:0f:
44:fc:27:46:1a:43:3b:05:ff:a4:43:54:d3:14:0c:
95:9e:66:3e:d3:dd:20:99:97:2e:69:65:97:ed:d4:
0a:52:fb:37:0b:d5:40:7c:69:23:0f:27:25:d3:4b:
d4:5a:9a:12:70:24:e6:84:0f:7f:22:d7:72:e5:7a:
11:c5:cc:28:0d:0c:11:a7:08:c5:5f:d3:ad:70:58:
0d:71:c3:d5:30:01:f0:3e:89:ae:7e:7d:e3:10:58:
a9:3c:e3:4e:51:2b:0d:64:17:af:d4:bb:d8:db:60:
ad:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:01:57:6B:B0:D5:72:C1:EA:8D:2B:31:A3:02:0B:0C:B8:00:AD:0D
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/gAFXa7DVcsHqjSsxowILDLgArQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.165.64.0/18
80.185.0.0/16
188.7.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:1f:a3:ed:12:3f:3a:7b:db:6d:33:1e:ed:53:39:51:8b:79:
f6:bc:08:56:44:5f:3b:1f:50:10:c1:90:00:cd:a4:d5:18:f0:
26:29:24:bf:b6:54:51:21:c2:fb:29:d6:06:38:28:f8:25:1d:
b7:58:5a:bb:e2:67:ca:c8:5d:71:6a:6b:66:8a:a3:8d:6d:36:
d8:c8:89:2c:f8:31:9e:bf:04:56:36:c6:59:cc:3e:93:5f:94:
80:f9:30:66:45:01:e0:bf:60:81:e5:5a:0e:a9:e3:d7:d4:fd:
79:c8:74:5a:c2:50:4a:b5:43:b7:b8:fa:2c:e6:3c:b1:5a:d2:
4d:10:d0:39:31:9c:69:a6:90:a1:d3:c8:71:9d:a5:b6:c6:1d:
80:c2:6b:23:3f:7f:bd:5b:3a:d4:f5:65:de:2b:ef:58:da:c0:
35:33:2b:e5:60:d4:a7:d5:a3:6b:f9:9f:28:3a:68:1c:e9:7b:
ba:05:d3:8f:06:a2:11:6a:e3:1b:89:c3:74:93:20:dd:50:c1:
c4:ae:54:f7:5f:8a:c2:a2:a2:76:17:63:5b:90:cf:17:79:c8:
1f:e8:9c:4d:79:0b:f0:7d:b9:ce:20:f8:5a:6f:f6:ed:b5:33:
ee:9b:e1:c5:9a:db:a6:43:a5:48:50:51:11:98:e9:48:e8:71:
53:77:13:55
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVtCtQfEO0liOkZ52rldBIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAxNTc2YmIwZDU3MmMxZWE4ZDJiMzFhMzAyMGIwY2I4MDBhZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT+o5zf1K0q6wQ7rnWjVsnqiI3uJ
roeB6md/M5ixI/LYFPH6/KXRQS1T7/swI7M/RBXLGWz4HhG+fNbhAzh8X1bZEXT7
5XsU5yR70p105KruhGZI4HU8OgHDU1fP3NAKnIgdsAcYTDABa+JstiCpS9mYhgAq
XAOC3AxBqzh3jJz6btyWifWKIaQoZJ3fClk7oTzDMg9E/CdGGkM7Bf+kQ1TTFAyV
nmY+090gmZcuaWWX7dQKUvs3C9VAfGkjDycl00vUWpoScCTmhA9/Itdy5XoRxcwo
DQwRpwjFX9OtcFgNccPVMAHwPomufn3jEFipPONOUSsNZBev1LvY22CtKwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIABV2uw1XLB6o0rMaMCCwy4AK0NMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvZ0FGWGE3RFZjc0hxalNzeG93SUxETGdBclEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwQGLqVAAwMA
ULkDAwC8BzANBgkqhkiG9w0BAQsFAAOCAQEAjR+j7RI/OnvbbTMe7VM5UYt59rwI
VkRfOx9QEMGQAM2k1RjwJikkv7ZUUSHC+ynWBjgo+CUdt1hau+JnyshdcWprZoqj
jW022MiJLPgxnr8EVjbGWcw+k1+UgPkwZkUB4L9ggeVaDqnj19T9ech0WsJQSrVD
t7j6LOY8sVrSTRDQOTGcaaaQodPIcZ2ltsYdgMJrIz9/vVs61PVl3ivvWNrANTMr
5WDUp9Wja/mfKDpoHOl7ugXTjwaiEWrjG4nDdJMg3VDBxK5U91+KwqKidhdjW5DP
F3nIH+icTXkL8H25ziD4Wm/27bUz7pvhxZrbpkOlSFBREZjpSOhxU3cTVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org