Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/gQGsseM8W8VrvI5LTf7wFsldhRY.roa
File: gQGsseM8W8VrvI5LTf7wFsldhRY.roa (raw, json)
Hash identifier: YsMb0MgIyHpOeaiUDSNrLBQNIplEluvcHAE1I62IshY=
Subject key identifier: 81:01:AC:B1:E3:3C:5B:C5:6B:BC:8E:4B:4D:FE:F0:16:C9:5D:85:16
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 018926CDD4AD054CE35043B14D22FA16E636
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/gQGsseM8W8VrvI5LTf7wFsldhRY.roa
Signing time: Wed 05 Jul 2023 16:06:10 +0000
ROA not before: Wed 05 Jul 2023 16:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51170
IP address blocks: 185.185.77.0/24 maxlen: 24
185.185.78.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:cd:d4:ad:05:4c:e3:50:43:b1:4d:22:fa:16:e6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jul 5 16:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8101acb1e33c5bc56bbc8e4b4dfef016c95d8516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f9:80:34:a3:73:2d:3c:fc:21:0e:db:06:60:
08:58:d9:0d:08:3b:10:1b:cb:09:e0:ae:82:f0:a0:
df:14:0e:bd:22:41:6d:d2:59:97:31:21:d9:1b:f3:
78:a3:e0:12:67:25:ba:f0:31:28:a4:02:47:06:9d:
d5:18:58:f5:d0:6a:3c:79:7f:17:9f:09:ba:79:b6:
75:8a:f6:61:e7:fb:4a:90:fe:5b:37:ca:74:27:3c:
01:7d:e0:ca:01:3b:68:75:55:dc:ae:12:66:f2:55:
45:7b:05:56:6f:16:32:b2:5b:0a:c7:b0:4d:51:80:
e6:7d:ed:a9:6b:5f:24:52:4a:ca:1f:f6:fc:44:e1:
7f:51:b2:e7:65:70:5b:d2:24:cf:03:d9:fe:b5:03:
c8:4e:4b:6f:3f:63:2b:a6:c5:76:89:2b:df:d9:63:
44:a6:13:31:27:2e:22:b2:47:65:03:36:4b:e2:41:
42:02:1f:20:64:32:fe:2f:a6:b5:c0:3a:a7:5b:fa:
e2:bc:1a:fc:ec:6b:ce:62:65:35:a5:5c:29:5e:53:
72:ae:cd:6c:81:c3:1a:b5:09:5b:96:89:f2:be:af:
dc:fa:70:a8:c5:5f:88:46:25:be:38:39:c9:55:9c:
99:e8:1e:16:36:a6:e9:a4:35:d0:79:34:4b:6f:89:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:01:AC:B1:E3:3C:5B:C5:6B:BC:8E:4B:4D:FE:F0:16:C9:5D:85:16
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/gQGsseM8W8VrvI5LTf7wFsldhRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
Signature Algorithm: sha256WithRSAEncryption
4b:03:9b:53:87:56:dc:14:1b:18:1b:85:f1:59:1e:70:9c:c3:
87:cf:49:1c:d8:be:37:bc:06:bb:c0:25:6d:1f:93:d1:42:36:
9e:7a:aa:8b:8f:ad:c8:23:34:27:12:05:2e:01:cf:72:3e:e3:
71:de:1b:ea:be:ba:4f:33:2d:db:9d:5d:fc:9a:83:a4:f6:d7:
a0:b4:dc:d1:29:e8:8a:be:26:4b:9c:78:fd:cb:9d:7e:a0:7a:
c5:ac:ad:b7:c2:1d:f1:68:c7:bc:28:30:e9:af:7e:a3:2c:a4:
4e:9e:64:75:b8:81:1d:77:58:6e:3a:62:69:56:cf:d7:b5:6d:
9c:8f:1c:e6:bb:86:09:72:6f:46:09:82:dc:54:e1:7b:d9:56:
7c:d9:47:a4:43:db:21:7e:54:76:49:d9:e5:1a:95:53:ac:be:
df:d6:0b:99:67:94:4f:b0:dc:dc:2e:2e:f9:ad:39:04:b7:0d:
e6:d3:6c:9d:60:86:c3:4f:58:2b:64:5c:5f:d5:69:91:5f:bf:
57:16:a2:eb:aa:62:01:81:c2:8e:00:1e:26:cc:a9:a7:ca:c2:
9a:f9:d0:26:e7:8d:47:86:bb:ca:5f:53:e2:c0:53:41:08:05:
37:40:f7:30:6d:d4:9a:52:e3:5b:b5:47:61:ee:35:af:ca:f6:
a0:a2:2b:b8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkmzdStBUzjUEOxTSL6FuY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjMwNzA1MTYwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTAxYWNiMWUzM2M1YmM1NmJiYzhlNGI0ZGZlZjAxNmM5NWQ4NTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfmANKNzLTz8IQ7bBmAIWNkNCDsQ
G8sJ4K6C8KDfFA69IkFt0lmXMSHZG/N4o+ASZyW68DEopAJHBp3VGFj10Go8eX8X
nwm6ebZ1ivZh5/tKkP5bN8p0JzwBfeDKATtodVXcrhJm8lVFewVWbxYyslsKx7BN
UYDmfe2pa18kUkrKH/b8ROF/UbLnZXBb0iTPA9n+tQPITktvP2MrpsV2iSvf2WNE
phMxJy4iskdlAzZL4kFCAh8gZDL+L6a1wDqnW/rivBr87GvOYmU1pVwpXlNyrs1s
gcMatQlblonyvq/c+nCoxV+IRiW+ODnJVZyZ6B4WNqbppDXQeTRLb4nHhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIEBrLHjPFvFa7yOS03+8BbJXYUWMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvZ1FHc3NlTThXOFZydkk1TFRmN3dGc2xkaFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQYJKoZIhvcNAQELBQADggEBAEsDm1OHVtwUGxgbhfFZHnCc
w4fPSRzYvje8BrvAJW0fk9FCNp56qouPrcgjNCcSBS4Bz3I+43HeG+q+uk8zLdud
Xfyag6T216C03NEp6Iq+JkuceP3LnX6gesWsrbfCHfFox7woMOmvfqMspE6eZHW4
gR13WG46YmlWz9e1bZyPHOa7hglyb0YJgtxU4XvZVnzZR6RD2yF+VHZJ2eUalVOs
vt/WC5lnlE+w3NwuLvmtOQS3DebTbJ1ghsNPWCtkXF/VaZFfv1cWouuqYgGBwo4A
HibMqafKwpr50CbnjUeGu8pfU+LAU0EIBTdA9zBt1JpS41u1R2HuNa/K9qCiK7g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:44 2024 by rpki-client on console-fra.rpki-client.org