Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/gGlm14XRvjbP7I7xlGsY4P3_vmE.roa
File: gGlm14XRvjbP7I7xlGsY4P3_vmE.roa (raw, json)
Hash identifier: JIUBu9wf5Y51ncEM3T9VtQXNtIAhdwePIDyu5/aGQtI=
Subject key identifier: 80:69:66:D7:85:D1:BE:36:CF:EC:8E:F1:94:6B:18:E0:FD:FF:BE:61
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0191E2BD17A2D00BAF494C5C6B5AECFBBD21
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/gGlm14XRvjbP7I7xlGsY4P3_vmE.roa
Signing time: Wed 11 Sep 2024 20:18:48 +0000
ROA not before: Wed 11 Sep 2024 20:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.174.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 07:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e2:bd:17:a2:d0:0b:af:49:4c:5c:6b:5a:ec:fb:bd:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 11 20:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=806966d785d1be36cfec8ef1946b18e0fdffbe61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:44:06:b6:b1:26:f8:f7:f6:b1:59:7c:59:
9f:1d:9c:b2:da:20:09:88:e2:b0:77:23:f3:70:b7:
87:fa:67:38:a1:6e:d6:54:2c:0c:d8:b6:55:31:6b:
de:cc:cc:e4:93:02:0c:1d:97:90:c8:a9:8b:23:0f:
5b:0f:b3:c2:03:d1:9a:35:10:e6:c6:83:2e:47:d8:
6c:98:8f:0b:7d:35:c5:e4:2b:bd:37:a3:c7:f0:cb:
6e:f6:57:e8:c9:bf:ed:d9:1d:20:e7:07:00:c8:9f:
f9:dd:ab:26:db:90:5b:f6:5e:f0:60:75:72:7b:0e:
0c:fa:a5:d0:d8:36:0e:65:28:e8:13:64:0d:86:52:
de:e4:43:5e:77:02:d2:42:c9:2c:b5:a0:cf:1b:88:
96:ac:89:f3:d1:10:82:7b:74:4c:b3:d3:f3:a3:19:
35:c3:46:5a:d4:15:2d:b9:62:d5:06:0e:e3:62:a2:
42:68:45:f7:ba:cf:33:d4:56:b8:fc:ec:2e:57:17:
dd:cc:25:0f:58:f6:78:46:d1:c4:e5:06:5f:ad:c4:
6b:d7:ac:22:ab:d7:6a:77:4a:ad:13:e6:eb:3d:11:
fd:2b:9b:cf:98:de:0f:7c:f2:55:ca:3f:b1:c1:3a:
30:be:9c:d2:3f:ca:79:7e:2a:d3:14:e8:51:d4:2e:
a6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:69:66:D7:85:D1:BE:36:CF:EC:8E:F1:94:6B:18:E0:FD:FF:BE:61
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/gGlm14XRvjbP7I7xlGsY4P3_vmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.22.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4c:25:0f:f0:00:ad:a3:46:83:c2:13:81:12:12:63:00:c9:
85:4f:98:e3:6d:20:20:7c:47:a7:9d:40:a1:2d:5e:04:16:09:
68:a1:9c:9f:7b:41:3c:ad:4f:2a:6e:4c:47:cf:0a:4d:ee:76:
78:ec:7a:44:c5:3b:5b:f1:e6:f5:1b:dd:91:47:4a:3c:86:09:
e3:69:49:17:6e:45:af:fa:f3:e7:a6:02:67:8a:8b:84:1c:b5:
6c:d8:dd:ad:c7:3f:cc:73:51:56:67:bc:b5:a3:e5:e8:01:90:
9c:14:74:8f:5d:9d:ae:72:d4:f5:22:19:2e:0f:f2:e9:8f:6e:
28:ae:1a:2c:42:67:25:32:9c:be:e3:72:f8:de:2f:36:9d:f8:
f5:f5:5b:4b:c1:ee:43:6d:28:1e:1a:46:c6:0a:6a:54:77:4e:
5b:c9:b3:b8:67:dd:a8:0f:0c:49:21:10:b9:05:ac:d2:ae:25:
32:36:8c:36:cd:18:7b:95:8d:5e:0c:61:62:6b:94:52:37:65:
0d:2a:f7:e6:c8:71:75:0b:99:e5:35:8f:1c:57:70:ae:d0:35:
64:43:1b:da:0a:67:dd:e7:86:bb:f3:e2:ce:3f:ed:93:fd:7b:
ec:04:a1:ae:1f:7d:20:ee:af:a6:41:3c:36:8d:1b:4f:ce:89:
bb:eb:bd:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHivRei0AuvSUxca1rs+70hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwOTExMjAxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY5NjZkNzg1ZDFiZTM2Y2ZlYzhlZjE5NDZiMThlMGZkZmZiZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI5EBraxJvj39rFZfFmfHZyy2iAJ
iOKwdyPzcLeH+mc4oW7WVCwM2LZVMWvezMzkkwIMHZeQyKmLIw9bD7PCA9GaNRDm
xoMuR9hsmI8LfTXF5Cu9N6PH8Mtu9lfoyb/t2R0g5wcAyJ/53asm25Bb9l7wYHVy
ew4M+qXQ2DYOZSjoE2QNhlLe5ENedwLSQskstaDPG4iWrInz0RCCe3RMs9Pzoxk1
w0Za1BUtuWLVBg7jYqJCaEX3us8z1Fa4/OwuVxfdzCUPWPZ4RtHE5QZfrcRr16wi
q9dqd0qtE+brPRH9K5vPmN4PfPJVyj+xwTowvpzSP8p5firTFOhR1C6mrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBpZteF0b42z+yO8ZRrGOD9/75hMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvZ0dsbTE0WFJ2amJQN0k3eGxHc1k0UDNfdm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4WMA0G
CSqGSIb3DQEBCwUAA4IBAQAuTCUP8ACto0aDwhOBEhJjAMmFT5jjbSAgfEennUCh
LV4EFglooZyfe0E8rU8qbkxHzwpN7nZ47HpExTtb8eb1G92RR0o8hgnjaUkXbkWv
+vPnpgJniouEHLVs2N2txz/Mc1FWZ7y1o+XoAZCcFHSPXZ2uctT1IhkuD/Lpj24o
rhosQmclMpy+43L43i82nfj19VtLwe5DbSgeGkbGCmpUd05bybO4Z92oDwxJIRC5
BazSriUyNow2zRh7lY1eDGFia5RSN2UNKvfmyHF1C5nlNY8cV3Cu0DVkQxvaCmfd
54a78+LOP+2T/XvsBKGuH30g7q+mQTw2jRtPzom7670q
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:32:12 2024 by rpki-client on console-ams.rpki-client.org