Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/GHqqL0jDA5vTRYasUXbhRNyMIS4.roa
File: GHqqL0jDA5vTRYasUXbhRNyMIS4.roa (raw, json)
Hash identifier: D2hvew2cOOoCT5KUqH4mQhipl2IqxbXpZYehsADJmL0=
Subject key identifier: 18:7A:AA:2F:48:C3:03:9B:D3:45:86:AC:51:76:E1:44:DC:8C:21:2E
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018B1471ACAAD43F713FC0BFC7254F7D0CDE
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/GHqqL0jDA5vTRYasUXbhRNyMIS4.roa
Signing time: Mon 09 Oct 2023 12:37:55 +0000
ROA not before: Mon 09 Oct 2023 12:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 10:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:71:ac:aa:d4:3f:71:3f:c0:bf:c7:25:4f:7d:0c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Oct 9 12:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=187aaa2f48c3039bd34586ac5176e144dc8c212e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2b:ad:95:65:35:53:d7:fe:d5:24:58:59:2c:
d0:3b:dc:3c:fb:d3:23:01:5e:cb:e3:b9:53:75:24:
17:99:c0:16:4a:9f:ec:53:b0:5d:96:ea:c1:c3:c6:
07:f8:1e:5a:9e:fb:d9:1b:b1:b4:5b:ac:12:98:41:
9f:3e:0c:98:c1:aa:b7:22:6a:d6:85:26:91:11:67:
71:86:26:b1:7a:01:96:24:58:8a:57:36:66:ed:e7:
e0:34:ae:8b:f8:28:90:1d:13:b6:9d:62:8b:8b:b2:
4e:59:6d:a1:0e:05:e4:60:17:49:12:71:fa:89:06:
6d:e6:34:d4:74:6f:5d:1c:3e:45:32:46:20:cf:2b:
06:6b:fa:fb:b8:28:6d:13:d1:ee:0c:06:bc:a1:85:
30:30:7a:1f:ae:db:93:f2:a3:06:26:d6:d6:23:c9:
89:1b:c5:90:15:33:a4:7b:2d:aa:90:fb:47:6b:1e:
03:ae:12:c0:14:f2:be:41:c7:1e:0c:b6:e9:0a:d4:
4e:b4:46:f9:0a:7d:8d:0f:35:10:41:bb:25:cf:96:
11:aa:bd:a2:6c:dd:9f:7f:cd:67:69:7d:ba:42:04:
48:47:85:96:50:ec:9e:70:4f:7b:70:76:be:89:0b:
ab:0f:72:ef:44:41:14:f3:8f:c9:fd:7a:60:62:ab:
f8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7A:AA:2F:48:C3:03:9B:D3:45:86:AC:51:76:E1:44:DC:8C:21:2E
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/GHqqL0jDA5vTRYasUXbhRNyMIS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.180.0-212.68.191.255
Signature Algorithm: sha256WithRSAEncryption
9a:53:e5:9b:21:39:fa:cd:c6:ad:1c:c0:2e:15:c2:49:eb:40:
17:22:ef:0e:19:a3:c1:4d:a7:fb:b4:89:e1:61:51:25:b5:b9:
98:50:f8:50:0a:20:1c:df:3b:cf:ed:dd:9e:18:7f:38:75:aa:
1f:54:5c:1b:e6:73:20:86:c7:56:00:7a:0e:12:ff:4f:03:6a:
f8:93:e7:79:e9:5a:c9:e4:d5:bf:82:1a:b9:88:7c:78:b9:d8:
c5:14:c0:24:08:71:1a:10:d8:9f:01:d6:1e:1a:61:a5:82:50:
e5:32:6d:1d:90:e7:43:44:7e:9b:2c:f4:f8:84:bc:6d:66:80:
6b:57:84:02:67:fc:7b:96:d3:b8:5a:15:3e:46:12:89:46:a5:
12:e5:5f:9e:22:6e:00:47:2c:d3:15:6d:ce:07:75:11:55:0c:
2d:4a:6b:46:9e:dd:00:c8:74:e4:34:df:ee:56:66:95:3f:72:
e5:0d:15:07:2f:33:b6:df:6d:89:0b:0b:ce:10:81:75:ea:52:
fd:8f:ec:e9:92:7b:05:6b:49:14:93:9b:35:bb:b0:ab:f2:c0:
d8:f6:d7:78:f8:65:25:8d:77:6a:b5:36:10:e9:8e:f7:39:e4:
e8:45:f7:0d:e1:44:bb:7d:05:42:cd:6f:e3:18:b5:8a:01:c2:
ca:8d:38:2f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYsUcayq1D9xP8C/xyVPfQzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMxMDA5MTIzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdhYWEyZjQ4YzMwMzliZDM0NTg2YWM1MTc2ZTE0NGRjOGMyMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCutlWU1U9f+1SRYWSzQO9w8+9Mj
AV7L47lTdSQXmcAWSp/sU7BdlurBw8YH+B5anvvZG7G0W6wSmEGfPgyYwaq3ImrW
hSaREWdxhiaxegGWJFiKVzZm7efgNK6L+CiQHRO2nWKLi7JOWW2hDgXkYBdJEnH6
iQZt5jTUdG9dHD5FMkYgzysGa/r7uChtE9HuDAa8oYUwMHofrtuT8qMGJtbWI8mJ
G8WQFTOkey2qkPtHax4DrhLAFPK+QcceDLbpCtROtEb5Cn2NDzUQQbslz5YRqr2i
bN2ff81naX26QgRIR4WWUOyecE97cHa+iQurD3LvREEU84/J/XpgYqv4tQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBh6qi9IwwOb00WGrFF24UTcjCEuMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvR0hxcUwwakRBNXZUUllhc1VYYmhSTnlNSVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALURLQD
BAbURIAwDQYJKoZIhvcNAQELBQADggEBAJpT5ZshOfrNxq0cwC4VwknrQBci7w4Z
o8FNp/u0ieFhUSW1uZhQ+FAKIBzfO8/t3Z4Yfzh1qh9UXBvmcyCGx1YAeg4S/08D
aviT53npWsnk1b+CGrmIfHi52MUUwCQIcRoQ2J8B1h4aYaWCUOUybR2Q50NEfpss
9PiEvG1mgGtXhAJn/HuW07haFT5GEolGpRLlX54ibgBHLNMVbc4HdRFVDC1Ka0ae
3QDIdOQ03+5WZpU/cuUNFQcvM7bfbYkLC84QgXXqUv2P7OmSewVrSRSTmzW7sKvy
wNj213j4ZSWNd2q1NhDpjvc55OhF9w3hRLt9BULNb+MYtYoBwsqNOC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org