Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/GKD4enWdHbPP8X3-IEtd00C8iZk.roa
File: GKD4enWdHbPP8X3-IEtd00C8iZk.roa (raw, json)
Hash identifier: OfurBukH+USvPWQxZizaPsGgPnCSFcBud5erminXla8=
Subject key identifier: 18:A0:F8:7A:75:9D:1D:B3:CF:F1:7D:FE:20:4B:5D:D3:40:BC:89:99
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 018570674EDD01FCFA3ACFD5C3F4726F68C2
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/GKD4enWdHbPP8X3-IEtd00C8iZk.roa
Signing time: Mon 02 Jan 2023 02:54:56 +0000
ROA not before: Mon 02 Jan 2023 02:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 88.218.106.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 18 Jan 2023 02:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:4e:dd:01:fc:fa:3a:cf:d5:c3:f4:72:6f:68:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Jan 2 02:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18a0f87a759d1db3cff17dfe204b5dd340bc8999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:7d:c6:04:8e:d7:b1:d4:8e:6f:ea:8e:6e:
de:c4:cd:fb:23:06:e3:04:23:d8:d4:62:87:83:19:
fd:1d:d0:35:e9:65:64:8f:27:a9:fc:e7:4d:c1:02:
ab:52:d4:53:c3:c1:5b:1e:73:aa:2b:cd:f9:d8:80:
a0:6e:eb:7d:cb:54:b9:a4:f6:6e:3b:e3:32:16:ce:
d7:1e:02:a9:2b:0d:db:af:43:76:8c:53:ea:94:ce:
78:3d:21:ca:65:31:14:a0:d6:ce:7f:9a:a4:16:96:
5e:43:9f:6a:70:96:f7:8e:03:7f:37:16:d0:91:0a:
ff:59:33:32:af:8f:c4:c8:31:9c:03:15:ab:fa:e7:
4e:26:02:ae:d7:6d:70:3a:fc:96:fb:b9:c3:c9:08:
03:db:14:f9:5c:79:40:67:dc:03:81:1e:66:b2:fd:
bc:f1:21:34:cd:00:5a:e7:6b:38:cf:d1:cd:ee:3e:
21:bb:29:5c:b1:20:8c:a5:9b:37:a9:18:55:31:69:
aa:96:16:ff:1a:c6:03:79:85:c0:74:16:8f:66:2e:
fd:d7:bb:cc:f6:44:ed:e9:f7:2f:69:a6:18:d9:78:
a3:72:6c:1a:67:a6:57:45:72:0f:b8:21:3c:3a:e2:
86:44:73:ae:1c:af:13:19:77:01:bc:1e:50:64:f3:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A0:F8:7A:75:9D:1D:B3:CF:F1:7D:FE:20:4B:5D:D3:40:BC:89:99
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/GKD4enWdHbPP8X3-IEtd00C8iZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.106.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:a5:69:35:ab:58:6f:4a:11:8c:e3:55:29:81:e5:e6:9d:ea:
b7:eb:0f:89:19:44:a1:4d:d3:c6:de:81:ab:2e:bc:93:c2:9e:
80:af:f5:9d:56:1f:e0:4e:98:b0:46:54:4b:34:2c:9f:a2:1f:
b3:aa:07:26:a9:63:b2:30:aa:fe:ef:e5:12:8d:c3:30:4f:39:
8e:19:1e:a0:2a:23:43:8f:33:8c:24:a4:02:b6:47:1e:c6:0d:
5e:75:ef:c9:dc:a2:a9:04:66:ee:66:8e:31:67:62:05:8a:e9:
33:ff:dc:9b:3e:78:d9:97:ae:19:1e:1a:7a:06:9d:9b:9e:c8:
60:7e:62:50:77:a2:20:a2:27:33:91:59:aa:31:33:49:30:76:
fe:a9:34:23:99:90:d0:d5:fd:46:d3:e5:db:44:eb:f6:7e:f8:
37:6f:a2:12:0f:75:8c:ea:52:3c:8f:d0:b0:46:22:9c:03:dc:
4e:0a:06:7e:f3:c5:fc:29:7a:b6:27:20:6a:fb:ad:dd:fa:0d:
fc:eb:aa:3f:ab:9f:79:54:64:ea:7d:58:09:e0:49:27:46:1a:
9d:59:05:b2:5b:7f:b4:9a:92:fd:ef:b1:b8:d1:4f:5f:5a:7e:
57:e5:1d:10:c7:87:17:59:20:9e:b7:cd:2f:ce:b5:ef:ec:5f:
eb:c3:e0:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ07dAfz6Os/Vw/Ryb2jCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGEwZjg3YTc1OWQxZGIzY2ZmMTdkZmUyMDRiNWRkMzQwYmM4OTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn619xgSO17HUjm/qjm7exM37Iwbj
BCPY1GKHgxn9HdA16WVkjyep/OdNwQKrUtRTw8FbHnOqK8352ICgbut9y1S5pPZu
O+MyFs7XHgKpKw3br0N2jFPqlM54PSHKZTEUoNbOf5qkFpZeQ59qcJb3jgN/NxbQ
kQr/WTMyr4/EyDGcAxWr+udOJgKu121wOvyW+7nDyQgD2xT5XHlAZ9wDgR5msv28
8SE0zQBa52s4z9HN7j4huylcsSCMpZs3qRhVMWmqlhb/GsYDeYXAdBaPZi7917vM
9kTt6fcvaaYY2XijcmwaZ6ZXRXIPuCE8OuKGRHOuHK8TGXcBvB5QZPOQjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBig+Hp1nR2zz/F9/iBLXdNAvImZMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvR0tENGVuV2RIYlBQOFgzLUlFdGQwMEM4aVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNpqMA0G
CSqGSIb3DQEBCwUAA4IBAQAKpWk1q1hvShGM41UpgeXmneq36w+JGUShTdPG3oGr
LryTwp6Ar/WdVh/gTpiwRlRLNCyfoh+zqgcmqWOyMKr+7+USjcMwTzmOGR6gKiND
jzOMJKQCtkcexg1ede/J3KKpBGbuZo4xZ2IFiukz/9ybPnjZl64ZHhp6Bp2bnshg
fmJQd6IgoiczkVmqMTNJMHb+qTQjmZDQ1f1G0+XbROv2fvg3b6ISD3WM6lI8j9Cw
RiKcA9xOCgZ+88X8KXq2JyBq+63d+g3866o/q595VGTqfVgJ4EknRhqdWQWyW3+0
mpL977G40U9fWn5X5R0Qx4cXWSCet80vzrXv7F/rw+Dv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:15 2024 by rpki-client on console-ams.rpki-client.org