Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GBpP5qccelqmAgDlD2fzS-P3-0c.roa
File: GBpP5qccelqmAgDlD2fzS-P3-0c.roa (raw, json)
Hash identifier: CsBf+c+LW8/XqKRqOOL7nboVQRRGfhmWF1e3MtiwtUY=
Subject key identifier: 18:1A:4F:E6:A7:1C:7A:5A:A6:02:00:E5:0F:67:F3:4B:E3:F7:FB:47
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189AC6DD84444AEF3384A7C170675150B8C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GBpP5qccelqmAgDlD2fzS-P3-0c.roa
Signing time: Mon 31 Jul 2023 14:50:27 +0000
ROA not before: Mon 31 Jul 2023 14:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209193
IP address blocks: 185.216.69.0/24 maxlen: 24
185.207.12.0/24 maxlen: 24
45.139.105.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:6d:d8:44:44:ae:f3:38:4a:7c:17:06:75:15:0b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 31 14:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=181a4fe6a71c7a5aa60200e50f67f34be3f7fb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7d:23:eb:1d:7f:91:37:67:73:78:96:22:e4:
9c:a0:75:3b:91:03:f3:44:5a:96:07:50:a7:76:c6:
31:7a:9e:be:f3:21:25:a4:94:4d:09:9b:99:61:a8:
9f:4d:e3:7b:3c:31:3a:42:c3:59:ba:48:69:31:71:
be:30:47:4f:1f:89:c8:11:a6:9e:7d:30:af:60:20:
20:24:53:63:98:57:99:2e:82:02:63:b4:b3:b5:c8:
45:6a:7a:bf:a4:2a:b7:bf:17:7a:7d:82:db:50:56:
45:02:89:05:70:ee:ba:e4:c5:54:ee:d1:ac:ee:34:
64:8d:13:71:b9:0b:ca:f6:b5:86:1e:9e:6f:b0:6f:
03:f6:41:44:c8:23:34:e1:54:30:0d:58:ad:49:66:
7f:f7:e6:e4:db:ad:6c:67:91:df:ed:ae:dd:7a:a4:
4e:85:e7:41:6d:72:e6:d0:69:a1:85:19:84:1a:e6:
6c:b4:6f:e5:4c:3a:df:ba:3c:d6:ae:b2:c3:d5:3b:
80:1a:92:7e:54:ea:cb:bf:eb:2f:14:66:a8:a3:bc:
e8:1d:8e:3d:92:38:a8:33:f0:ef:ed:5c:a6:5e:bf:
38:2d:7e:92:9c:7d:37:5e:74:2c:42:96:bf:e5:8e:
60:b5:21:35:63:bc:f4:75:26:cb:d0:be:1c:49:3a:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1A:4F:E6:A7:1C:7A:5A:A6:02:00:E5:0F:67:F3:4B:E3:F7:FB:47
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GBpP5qccelqmAgDlD2fzS-P3-0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.105.0/24
185.207.12.0/24
185.216.69.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
09:7b:b0:80:1e:bd:c4:30:dd:db:5d:aa:66:4e:49:6d:12:58:
dd:0e:f9:d9:ca:96:a5:2a:87:1d:0a:36:34:8d:54:dc:b4:a2:
48:97:6f:8b:93:88:59:f5:62:ba:7f:78:a9:cb:f1:68:64:3e:
d0:29:1f:05:07:ae:f9:82:37:42:5f:08:08:64:be:e9:76:56:
e0:7e:4b:1e:d0:e0:1e:d9:ea:7a:a9:ae:c3:9c:14:5d:f0:86:
88:43:a6:09:be:b5:76:33:3c:b2:8f:59:e1:e2:4e:62:13:31:
59:5e:41:4c:c6:79:91:cb:28:a8:96:d2:48:fd:53:8b:71:9b:
a8:cb:6a:8e:f7:6a:31:3d:17:4a:20:62:76:54:ae:69:8b:38:
b0:43:9e:1e:5a:72:82:b4:92:5c:f7:b8:95:23:23:00:84:fd:
bd:dd:81:7c:5a:37:07:21:c3:a5:df:ad:b7:64:f1:28:69:d5:
02:90:60:82:32:7e:62:19:6f:ed:b5:51:51:26:3c:64:b3:8b:
5e:da:bf:74:96:ee:b4:c8:f7:9f:e8:94:da:c1:bc:47:60:a8:
15:9d:13:c1:c6:71:a7:de:77:a0:c7:fa:08:0e:9a:70:3e:36:
ae:f1:96:4a:2b:5b:c9:50:30:65:51:1c:5c:4a:9f:a5:1a:87:
72:b3:70:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmsbdhERK7zOEp8FwZ1FQuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzMxMTQ1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFhNGZlNmE3MWM3YTVhYTYwMjAwZTUwZjY3ZjM0YmUzZjdmYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA030j6x1/kTdnc3iWIuScoHU7kQPz
RFqWB1CndsYxep6+8yElpJRNCZuZYaifTeN7PDE6QsNZukhpMXG+MEdPH4nIEaae
fTCvYCAgJFNjmFeZLoICY7SztchFanq/pCq3vxd6fYLbUFZFAokFcO665MVU7tGs
7jRkjRNxuQvK9rWGHp5vsG8D9kFEyCM04VQwDVitSWZ/9+bk261sZ5Hf7a7deqRO
hedBbXLm0GmhhRmEGuZstG/lTDrfujzWrrLD1TuAGpJ+VOrLv+svFGaoo7zoHY49
kjioM/Dv7VymXr84LX6SnH03XnQsQpa/5Y5gtSE1Y7z0dSbL0L4cSToAbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBgaT+anHHpapgIA5Q9n80vj9/tHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR0JwUDVxY2NlbHFtQWdEbEQyZnpTLVAzLTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYtpAwQA
uc8MAwQAudhFAwQAwjFXMA0GCSqGSIb3DQEBCwUAA4IBAQAJe7CAHr3EMN3bXapm
TkltEljdDvnZypalKocdCjY0jVTctKJIl2+Lk4hZ9WK6f3ipy/FoZD7QKR8FB675
gjdCXwgIZL7pdlbgfkse0OAe2ep6qa7DnBRd8IaIQ6YJvrV2Mzyyj1nh4k5iEzFZ
XkFMxnmRyyioltJI/VOLcZuoy2qO92oxPRdKIGJ2VK5piziwQ54eWnKCtJJc97iV
IyMAhP293YF8WjcHIcOl3623ZPEoadUCkGCCMn5iGW/ttVFRJjxks4te2r90lu60
yPef6JTawbxHYKgVnRPBxnGn3negx/oIDppwPjau8ZZKK1vJUDBlURxcSp+lGody
s3Ct
-----END CERTIFICATE-----
Generated at Sat Sep 2 20:17:50 2023 by rpki-client on console-ams.rpki-client.org