Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/G5F7zk4DR0hzPKA0hOFj_bHkJFU.roa
File: G5F7zk4DR0hzPKA0hOFj_bHkJFU.roa (raw, json)
Hash identifier: 8dCRFScDTmXSw7mjL3qlY/OeZ4P0Z2QN+5LAoBn8tl4=
Subject key identifier: 1B:91:7B:CE:4E:03:47:48:73:3C:A0:34:84:E1:63:FD:B1:E4:24:55
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 018ABC3669C4C86029478DBD80B3937D2FA4
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/G5F7zk4DR0hzPKA0hOFj_bHkJFU.roa
Signing time: Fri 22 Sep 2023 09:26:37 +0000
ROA not before: Fri 22 Sep 2023 09:26:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201454
IP address blocks: 45.140.0.0/22 maxlen: 24
185.73.24.0/22 maxlen: 22
2a05:3f00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:36:69:c4:c8:60:29:47:8d:bd:80:b3:93:7d:2f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Sep 22 09:26:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b917bce4e034748733ca03484e163fdb1e42455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:79:36:32:02:4b:75:3b:13:96:93:45:3f:
cb:98:48:28:6d:31:cb:ce:85:80:0c:b8:f6:32:00:
94:43:f9:1b:5b:bd:6a:38:90:d6:28:df:d0:0d:a1:
2e:7d:5b:c5:f8:cb:56:00:1d:08:00:7a:49:36:e9:
b1:0c:b0:53:f2:d2:39:52:11:fd:25:0c:81:47:c2:
7e:3b:4b:73:71:b5:41:75:f9:a9:02:69:30:3a:75:
1e:fb:19:82:c2:6f:ea:76:01:af:5d:25:08:ab:c5:
6b:b8:a8:15:9f:92:b9:e6:eb:22:7f:38:cb:4a:e3:
55:ae:48:63:de:7b:ff:e8:dd:5a:8b:9f:5e:6d:bf:
09:56:5c:71:b5:1f:ed:3c:c0:71:fd:68:ad:0c:ba:
7a:e0:66:52:3d:d0:c0:1e:74:87:2b:bf:9d:5d:05:
ff:c6:e8:be:85:43:3c:a4:ef:2f:7f:5d:74:3a:a4:
7a:77:2d:f4:c3:4e:8e:70:81:16:e7:93:7f:a2:29:
f2:d1:16:02:6b:5f:75:46:01:0b:0b:1f:4a:f6:04:
0d:a3:af:56:5a:4d:35:2c:a1:8e:04:44:cc:4b:fc:
82:56:5a:13:46:d6:1d:6a:7f:e7:2d:5d:e0:a6:c2:
38:ce:14:09:b9:23:72:35:43:61:9a:e1:49:0c:96:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:91:7B:CE:4E:03:47:48:73:3C:A0:34:84:E1:63:FD:B1:E4:24:55
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/G5F7zk4DR0hzPKA0hOFj_bHkJFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.0.0/22
185.73.24.0/22
IPv6:
2a05:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:7c:16:7a:44:9b:f6:c4:37:3d:1b:29:9d:56:3f:f6:88:3f:
94:e5:85:d4:b3:dd:f7:91:b3:b8:92:eb:b7:25:f4:52:de:76:
47:da:80:7e:cd:f3:40:b8:a6:43:ad:54:91:ce:76:34:a8:9f:
48:4e:18:04:24:32:df:1f:87:c7:2d:a3:77:8a:19:15:30:19:
81:48:8e:f6:cd:df:12:3e:bd:f1:99:c3:59:8a:0c:a9:88:1d:
fe:f0:9b:cd:d2:4f:cd:e8:f2:fa:61:42:f9:86:d0:0c:59:b2:
84:c5:28:e8:ad:cb:16:ec:8f:6d:76:af:47:89:b2:3a:4c:82:
9e:e1:05:1d:1d:39:ed:8f:9a:19:2a:2e:49:fe:2a:9f:81:5f:
60:13:e8:dd:a1:ba:e4:a8:a0:30:18:6b:de:8f:d2:d8:60:c1:
a0:0f:08:94:e7:b8:51:17:9e:8d:c4:1b:23:b6:26:77:b1:7e:
9e:5d:8b:69:8a:87:26:3b:8c:b5:95:a0:79:ba:99:49:d8:56:
82:d9:07:72:f4:66:28:19:02:f8:7f:6c:15:58:a6:58:5a:00:
ed:20:74:ce:26:e5:12:5a:bd:41:2a:86:b9:49:d5:1a:82:d1:
d7:1a:45:4c:13:e1:ce:1a:94:81:c4:bd:05:5d:85:41:4a:8c:
62:85:d2:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYq8NmnEyGApR429gLOTfS+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjMwOTIyMDkyNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkxN2JjZTRlMDM0NzQ4NzMzY2EwMzQ4NGUxNjNmZGIxZTQyNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+N5NjICS3U7E5aTRT/LmEgobTHL
zoWADLj2MgCUQ/kbW71qOJDWKN/QDaEufVvF+MtWAB0IAHpJNumxDLBT8tI5UhH9
JQyBR8J+O0tzcbVBdfmpAmkwOnUe+xmCwm/qdgGvXSUIq8VruKgVn5K55usifzjL
SuNVrkhj3nv/6N1ai59ebb8JVlxxtR/tPMBx/WitDLp64GZSPdDAHnSHK7+dXQX/
xui+hUM8pO8vf110OqR6dy30w06OcIEW55N/oiny0RYCa191RgELCx9K9gQNo69W
Wk01LKGOBETMS/yCVloTRtYdan/nLV3gpsI4zhQJuSNyNUNhmuFJDJYtzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBuRe85OA0dIczygNIThY/2x5CRVMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvRzVGN3prNERSMGh6UEtBMGhPRmpfYkhrSkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYwAAwQC
uUkYMA0EAgACMAcDBQMqBT8AMA0GCSqGSIb3DQEBCwUAA4IBAQC2fBZ6RJv2xDc9
GymdVj/2iD+U5YXUs933kbO4kuu3JfRS3nZH2oB+zfNAuKZDrVSRznY0qJ9IThgE
JDLfH4fHLaN3ihkVMBmBSI72zd8SPr3xmcNZigypiB3+8JvN0k/N6PL6YUL5htAM
WbKExSjorcsW7I9tdq9HibI6TIKe4QUdHTntj5oZKi5J/iqfgV9gE+jdobrkqKAw
GGvej9LYYMGgDwiU57hRF56NxBsjtiZ3sX6eXYtpiocmO4y1laB5uplJ2FaC2Qdy
9GYoGQL4f2wVWKZYWgDtIHTOJuUSWr1BKoa5SdUagtHXGkVME+HOGpSBxL0FXYVB
SoxihdIZ
-----END CERTIFICATE-----
Generated at Fri Oct 20 13:30:53 2023 by rpki-client on console-fra.rpki-client.org