Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GK8X4PRIPfj2KAlgaj5qIi6WdYo.roa
File: GK8X4PRIPfj2KAlgaj5qIi6WdYo.roa (raw, json)
Hash identifier: j65ulagKACbQZ7Oyb85XrmV7fPcpEVbJPj4Kl7Q2VLk=
Subject key identifier: 18:AF:17:E0:F4:48:3D:F8:F6:28:09:60:6A:3E:6A:22:2E:96:75:8A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D5F1FDB21C0D8C5B411109FBD33AB3959
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GK8X4PRIPfj2KAlgaj5qIi6WdYo.roa
Signing time: Wed 31 Jan 2024 10:45:39 +0000
ROA not before: Wed 31 Jan 2024 10:45:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 147.45.40.0/22 maxlen: 32
147.45.68.0/22 maxlen: 32
193.233.133.0/24 maxlen: 24
193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:1f:db:21:c0:d8:c5:b4:11:10:9f:bd:33:ab:39:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 31 10:45:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18af17e0f4483df8f62809606a3e6a222e96758a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:fa:85:77:5f:82:3d:31:7b:fd:b9:cf:63:
fb:e4:c0:68:0a:a5:07:62:1b:e6:a6:35:38:19:42:
93:dd:48:b8:70:f4:17:8c:f0:4a:fe:f6:cb:da:cc:
44:4d:f6:95:f8:06:f7:1c:df:ba:fb:f8:f3:4f:90:
10:90:65:33:de:3c:31:3a:75:ae:8d:36:9d:f8:31:
ca:c9:8e:40:3a:ea:d9:d2:8d:af:2d:74:69:69:13:
cd:bf:28:79:6d:9d:2f:b2:a0:93:48:60:ea:05:08:
f5:5b:41:60:5f:85:78:ed:06:d0:84:7e:46:23:3d:
79:96:67:85:08:b4:6f:9c:18:c8:74:47:76:81:43:
27:07:3d:46:fb:7e:97:3e:aa:ce:d5:2f:09:15:a2:
dd:38:d0:88:8c:24:e7:71:68:15:00:de:b8:34:fc:
2d:c2:a4:85:bd:be:9a:95:ad:ee:cd:a8:34:b1:ec:
6a:5e:46:b4:cc:cc:fe:52:7e:0b:6b:ce:c0:b2:f7:
11:9b:62:3a:5e:60:f2:5b:ed:ff:51:91:39:92:5a:
a8:65:af:ce:71:eb:05:cd:27:60:fc:80:7f:72:f6:
be:30:ce:71:1c:4e:0e:e6:c6:98:ff:ad:6c:d2:aa:
ea:54:2d:9b:45:c2:2e:92:bb:28:c6:90:a4:1b:af:
f1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AF:17:E0:F4:48:3D:F8:F6:28:09:60:6A:3E:6A:22:2E:96:75:8A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GK8X4PRIPfj2KAlgaj5qIi6WdYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.40.0/22
147.45.68.0/22
193.233.133.0/24
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
48:b3:83:3e:da:c5:42:3b:f9:89:70:4f:8c:3e:a9:be:69:cc:
98:c6:78:fc:84:ed:ee:d2:30:71:75:0a:7e:a0:a9:ed:bf:71:
9b:05:9d:6a:43:45:2a:fa:96:79:ef:5b:9e:70:d7:7c:a1:18:
3b:18:0f:d9:21:4a:9a:19:b8:ab:f7:1b:8f:72:5f:a9:96:4c:
ca:2c:45:7e:f6:2c:11:73:19:8e:53:41:66:87:4f:03:db:d9:
d0:36:dc:59:88:b9:37:ae:d8:53:2a:a0:19:e6:ef:d5:2b:b8:
ad:dc:74:1b:90:a1:88:45:84:68:1b:b8:9d:c9:fc:1e:d6:ab:
df:11:e3:6d:79:78:0e:5a:e4:d5:06:6b:31:9d:b6:0f:f7:e5:
f7:8d:85:64:89:37:00:20:51:40:79:1f:c1:6c:ff:0b:fa:90:
f1:a5:15:26:2c:e1:71:e8:8b:1a:7d:7d:83:1d:f5:a2:1a:34:
87:be:6b:43:83:96:eb:16:78:42:a4:02:24:11:fe:5f:87:6f:
eb:a3:f7:8b:0d:31:c9:c7:d4:9a:b6:2a:a3:0b:61:29:d4:d8:
08:fa:1a:06:d2:8e:e7:28:fb:32:2d:95:ca:9c:07:74:e8:cd:
cc:a4:68:1a:86:00:eb:7d:c4:e6:75:ed:fa:ee:58:df:57:60:
51:58:6d:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1fH9shwNjFtBEQn70zqzlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTMxMTA0NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGFmMTdlMGY0NDgzZGY4ZjYyODA5NjA2YTNlNmEyMjJlOTY3NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUn6hXdfgj0xe/25z2P75MBoCqUH
YhvmpjU4GUKT3Ui4cPQXjPBK/vbL2sxETfaV+Ab3HN+6+/jzT5AQkGUz3jwxOnWu
jTad+DHKyY5AOurZ0o2vLXRpaRPNvyh5bZ0vsqCTSGDqBQj1W0FgX4V47QbQhH5G
Iz15lmeFCLRvnBjIdEd2gUMnBz1G+36XPqrO1S8JFaLdONCIjCTncWgVAN64NPwt
wqSFvb6ala3uzag0sexqXka0zMz+Un4La87AsvcRm2I6XmDyW+3/UZE5klqoZa/O
cesFzSdg/IB/cva+MM5xHE4O5saY/61s0qrqVC2bRcIukrsoxpCkG6/x4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBivF+D0SD349igJYGo+aiIulnWKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvR0s4WDRQUklQZmoyS0FsZ2FqNXFJaTZXZFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCky0oAwQC
ky1EAwQAwemFAwQBwenoMA0GCSqGSIb3DQEBCwUAA4IBAQBIs4M+2sVCO/mJcE+M
Pqm+acyYxnj8hO3u0jBxdQp+oKntv3GbBZ1qQ0Uq+pZ571uecNd8oRg7GA/ZIUqa
Gbir9xuPcl+plkzKLEV+9iwRcxmOU0Fmh08D29nQNtxZiLk3rthTKqAZ5u/VK7it
3HQbkKGIRYRoG7idyfwe1qvfEeNteXgOWuTVBmsxnbYP9+X3jYVkiTcAIFFAeR/B
bP8L+pDxpRUmLOFx6IsafX2DHfWiGjSHvmtDg5brFnhCpAIkEf5fh2/ro/eLDTHJ
x9SatiqjC2Ep1NgI+hoG0o7nKPsyLZXKnAd06M3MpGgahgDrfcTmde367ljfV2BR
WG25
-----END CERTIFICATE-----
Generated at Thu Feb 1 16:26:09 2024 by rpki-client on console-ams.rpki-client.org