Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g2L97udFNMRrtJVcG1Rb6FxrsBg.roa
File: g2L97udFNMRrtJVcG1Rb6FxrsBg.roa (raw, json)
Hash identifier: IoZXoISXMCF+joBH+lMB6HxsNqcmLnouK/nqNF941/4=
Subject key identifier: 83:62:FD:EE:E7:45:34:C4:6B:B4:95:5C:1B:54:5B:E8:5C:6B:B0:18
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018BB40AF10E9DE2B7F584D068DFDB1532C5
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g2L97udFNMRrtJVcG1Rb6FxrsBg.roa
Signing time: Thu 09 Nov 2023 12:24:57 +0000
ROA not before: Thu 09 Nov 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197071
IP address blocks: 185.236.8.0/24 maxlen: 24
45.86.156.0/24 maxlen: 24
45.86.156.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:0a:f1:0e:9d:e2:b7:f5:84:d0:68:df:db:15:32:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Nov 9 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8362fdeee74534c46bb4955c1b545be85c6bb018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a6:80:88:b6:52:22:ac:d3:24:ab:0b:ce:fd:
b3:32:65:41:3e:a3:57:c6:00:68:cc:63:2f:aa:2c:
83:22:d6:27:af:e2:90:1c:8f:06:5b:41:ec:84:e8:
8b:f3:44:bf:bf:7e:c5:80:c3:ba:18:96:4d:b2:c8:
14:a8:d9:93:d8:da:40:7f:06:4b:c3:3a:5b:ad:26:
fb:d0:75:af:56:cf:53:cb:21:33:7e:30:35:10:88:
b4:13:88:03:b8:e7:fa:5b:f5:1a:30:e9:aa:a8:b1:
23:fa:17:2d:f8:c1:b4:cb:54:48:1b:ee:d3:88:53:
90:32:47:d4:9c:ad:c7:52:57:6f:f3:86:b2:cb:30:
e4:b4:8e:78:1f:6c:4f:5f:f7:5a:cb:67:9b:5a:49:
9b:12:18:b4:2d:f5:4f:50:e8:0d:54:63:22:3f:8d:
56:6c:1e:35:f3:b7:fc:34:94:82:06:54:ab:39:24:
47:2e:63:17:69:11:2b:36:9a:bf:09:e4:cb:00:45:
fc:b4:b4:4c:94:aa:8c:b2:df:09:e5:a3:9e:a8:22:
e9:45:48:71:e8:0d:7a:0a:46:0c:35:46:8e:ac:46:
2f:70:d8:66:89:cf:79:07:1a:a0:5a:88:d1:c4:32:
b1:c0:3c:d3:73:30:6e:ab:f2:1d:78:25:33:e1:b1:
f3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:62:FD:EE:E7:45:34:C4:6B:B4:95:5C:1B:54:5B:E8:5C:6B:B0:18
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g2L97udFNMRrtJVcG1Rb6FxrsBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/23
185.236.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:69:dc:c1:02:72:80:d5:b7:0f:fe:14:43:15:db:07:dc:f4:
d5:60:8b:44:1e:57:ce:66:e4:5b:f6:44:e9:82:6f:d4:c2:2d:
68:eb:f0:e7:d1:ec:c6:2f:fe:58:d6:7c:d1:0e:33:6a:df:fd:
a5:68:4c:73:dc:94:fb:b3:e8:2d:74:72:e1:80:0d:6d:52:1c:
59:77:ae:67:73:9d:d6:e9:89:2e:20:ad:12:c1:4c:65:cb:ea:
6c:6c:7e:eb:37:e2:74:d1:04:4c:d7:fe:f8:bb:ab:db:ea:80:
c4:41:5b:66:fe:e2:52:34:f1:fb:e3:6e:ab:24:f2:95:79:b6:
d8:7d:77:a7:b6:9e:ff:94:6a:5f:b4:f0:e8:33:ec:12:78:4f:
97:07:28:6c:68:51:eb:0a:1d:bf:e1:d1:85:df:a0:8a:fc:49:
42:40:15:38:15:5f:e3:a1:34:ad:93:5c:f8:5f:5d:60:b0:2e:
31:ec:13:a2:4a:92:c8:84:63:82:d6:e4:0b:e1:85:70:22:d9:
e7:be:db:3e:79:85:00:e8:a4:5e:32:ed:c6:d9:34:ca:0c:39:
fa:a5:9a:56:09:9c:33:a3:01:cf:17:76:3d:eb:1c:18:b6:6f:
4c:22:bd:49:71:51:3e:48:bd:21:a6:18:f5:35:c3:a0:70:a4:
85:5e:c2:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu0CvEOneK39YTQaN/bFTLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMxMTA5MTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzYyZmRlZWU3NDUzNGM0NmJiNDk1NWMxYjU0NWJlODVjNmJiMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaaAiLZSIqzTJKsLzv2zMmVBPqNX
xgBozGMvqiyDItYnr+KQHI8GW0HshOiL80S/v37FgMO6GJZNssgUqNmT2NpAfwZL
wzpbrSb70HWvVs9TyyEzfjA1EIi0E4gDuOf6W/UaMOmqqLEj+hct+MG0y1RIG+7T
iFOQMkfUnK3HUldv84ayyzDktI54H2xPX/day2ebWkmbEhi0LfVPUOgNVGMiP41W
bB4187f8NJSCBlSrOSRHLmMXaRErNpq/CeTLAEX8tLRMlKqMst8J5aOeqCLpRUhx
6A16CkYMNUaOrEYvcNhmic95BxqgWojRxDKxwDzTczBuq/IdeCUz4bHz/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFINi/e7nRTTEa7SVXBtUW+hca7AYMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvZzJMOTd1ZEZOTVJydEpWY0cxUmI2Rnhyc0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVacAwQA
uewIMA0GCSqGSIb3DQEBCwUAA4IBAQAvadzBAnKA1bcP/hRDFdsH3PTVYItEHlfO
ZuRb9kTpgm/Uwi1o6/Dn0ezGL/5Y1nzRDjNq3/2laExz3JT7s+gtdHLhgA1tUhxZ
d65nc53W6YkuIK0SwUxly+psbH7rN+J00QRM1/74u6vb6oDEQVtm/uJSNPH7426r
JPKVebbYfXentp7/lGpftPDoM+wSeE+XByhsaFHrCh2/4dGF36CK/ElCQBU4FV/j
oTStk1z4X11gsC4x7BOiSpLIhGOC1uQL4YVwItnnvts+eYUA6KReMu3G2TTKDDn6
pZpWCZwzowHPF3Y96xwYtm9MIr1JcVE+SL0hphj1NcOgcKSFXsKR
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:23 2024 by rpki-client on console-fra.rpki-client.org