Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/gFSk0MwnJ0hK1Ly0Tq5PRLu0OYM.roa
File: gFSk0MwnJ0hK1Ly0Tq5PRLu0OYM.roa (raw, json)
Hash identifier: y1SWpViw2F2FPmeJQVJZ9T6o0mmqI5eWgM6GwOCuAXA=
Subject key identifier: 80:54:A4:D0:CC:27:27:48:4A:D4:BC:B4:4E:AE:4F:44:BB:B4:39:83
Certificate issuer: /CN=d07267bf23b2971a4795a83ef8478a821bafb1db
Certificate serial: 0191B2A01A63E757F6B1AA5E47AB767ED8E1
Authority key identifier: D0:72:67:BF:23:B2:97:1A:47:95:A8:3E:F8:47:8A:82:1B:AF:B1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HJnvyOylxpHlag--EeKghuvsds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/gFSk0MwnJ0hK1Ly0Tq5PRLu0OYM.roa
Signing time: Mon 02 Sep 2024 12:05:22 +0000
ROA not before: Mon 02 Sep 2024 12:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8445
IP address blocks: 89.26.23.0/24 maxlen: 24
194.37.0.0/24 maxlen: 24
2a03:c400::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:a0:1a:63:e7:57:f6:b1:aa:5e:47:ab:76:7e:d8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07267bf23b2971a4795a83ef8478a821bafb1db
Validity
Not Before: Sep 2 12:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8054a4d0cc2727484ad4bcb44eae4f44bbb43983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:4a:cf:7e:af:e3:77:01:54:bd:1f:b0:8b:
f4:48:e4:c3:42:a8:e3:c1:82:ea:78:87:32:86:03:
03:fb:dd:4d:01:d0:c5:49:f7:ce:89:32:97:dd:72:
31:46:10:e1:9f:bc:eb:b9:64:c0:43:eb:02:7e:71:
9a:70:43:2f:be:da:7a:73:29:66:90:01:9e:41:a0:
b6:23:a8:69:87:ca:45:89:b2:59:bc:4c:13:51:58:
3e:bd:a5:dd:73:bb:14:88:5a:34:01:a3:c4:65:f9:
4e:4f:e5:63:7e:9e:47:87:91:44:5f:1a:3f:8f:44:
2e:3d:b3:f2:75:3d:7b:d9:13:be:ba:c0:4e:ff:88:
3d:bd:83:86:10:b3:31:25:38:07:d2:db:a6:63:1a:
f2:8e:77:fd:e2:d4:c7:0d:a2:35:49:9a:59:76:cf:
0f:f7:5e:ab:fd:70:a8:3e:82:f6:4b:87:dc:ac:2f:
b6:b1:91:e1:a0:56:93:81:4b:5d:0a:c3:54:97:0e:
e5:12:b1:80:91:65:42:11:99:17:18:f3:4c:35:7f:
76:24:5e:28:ce:86:08:4e:05:d9:36:23:79:6d:2e:
a1:77:21:96:1b:73:9f:6f:14:fd:8f:33:a0:7a:77:
09:d1:3b:fe:7f:bb:b8:91:f0:2c:3b:81:2f:29:df:
39:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:54:A4:D0:CC:27:27:48:4A:D4:BC:B4:4E:AE:4F:44:BB:B4:39:83
X509v3 Authority Key Identifier:
keyid:D0:72:67:BF:23:B2:97:1A:47:95:A8:3E:F8:47:8A:82:1B:AF:B1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HJnvyOylxpHlag--EeKghuvsds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/gFSk0MwnJ0hK1Ly0Tq5PRLu0OYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/0HJnvyOylxpHlag--EeKghuvsds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.26.23.0/24
194.37.0.0/24
IPv6:
2a03:c400::/32
Signature Algorithm: sha256WithRSAEncryption
93:9f:e5:6a:c7:8f:3a:34:95:f5:10:6e:d6:56:1a:89:71:01:
e5:76:59:ad:dd:50:83:d8:d6:31:3f:29:bc:44:9a:3e:b7:59:
4d:48:11:08:3d:18:6b:c1:09:fc:8a:58:87:db:d3:59:76:e8:
dc:8a:2c:2e:40:61:5c:54:ed:a7:f6:88:74:0b:be:92:be:1d:
de:b6:fd:6b:c0:e4:32:b6:e9:1e:5e:02:59:69:8e:31:82:a2:
fc:7f:e2:55:de:a7:ca:8e:e9:6c:b0:4f:05:4d:c0:3e:5f:ba:
f7:af:7a:f4:68:27:2e:6a:1d:ac:29:a7:54:9f:f2:f8:cb:0a:
d3:75:0b:40:f7:0d:96:26:e3:1a:f8:ca:b0:f4:5f:55:1e:aa:
0d:fa:cb:9f:e3:30:ed:ce:af:f7:67:43:ad:04:7c:22:27:c7:
43:46:82:e8:25:5d:9a:8d:ad:58:94:ee:7f:5c:10:5f:e1:42:
01:d3:4e:15:ac:3a:75:10:72:92:ef:ec:ed:97:dd:f1:0a:8c:
c0:a0:e6:5e:01:a4:c0:b9:05:93:0e:81:8c:09:6f:55:d1:d4:
bb:af:3a:1d:e6:0e:93:a5:94:94:e4:88:64:52:a9:f5:57:ae:
48:e7:f4:8d:89:c5:5c:b2:1d:27:b1:4f:94:cc:ef:eb:da:90:
3b:86:96:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGyoBpj51f2sapeR6t2ftjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNzI2N2JmMjNiMjk3MWE0Nzk1YTgzZWY4NDc4YTgyMWJh
ZmIxZGIwHhcNMjQwOTAyMTIwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU0YTRkMGNjMjcyNzQ4NGFkNGJjYjQ0ZWFlNGY0NGJiYjQzOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnNKz36v43cBVL0fsIv0SOTDQqjj
wYLqeIcyhgMD+91NAdDFSffOiTKX3XIxRhDhn7zruWTAQ+sCfnGacEMvvtp6cylm
kAGeQaC2I6hph8pFibJZvEwTUVg+vaXdc7sUiFo0AaPEZflOT+Vjfp5Hh5FEXxo/
j0QuPbPydT172RO+usBO/4g9vYOGELMxJTgH0tumYxryjnf94tTHDaI1SZpZds8P
916r/XCoPoL2S4fcrC+2sZHhoFaTgUtdCsNUlw7lErGAkWVCEZkXGPNMNX92JF4o
zoYITgXZNiN5bS6hdyGWG3OfbxT9jzOgencJ0Tv+f7u4kfAsO4EvKd85VQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIBUpNDMJydIStS8tE6uT0S7tDmDMB8GA1UdIwQY
MBaAFNByZ78jspcaR5WoPvhHioIbr7HbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEhKbnZ5T3lseHBIbGFnLS1FZUtnaHV2c2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84ZGI1NzktYzFmYy00MjE1LTkwZjQt
ZjQ2NzNiYTUyYzAwLzEvZ0ZTazBNd25KMGhLMUx5MFRxNVBSTHUwT1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84ZGI1NzktYzFmYy00MjE1LTkwZjQtZjQ2NzNiYTUyYzAw
LzEvMEhKbnZ5T3lseHBIbGFnLS1FZUtnaHV2c2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWRoXAwQA
wiUAMA0EAgACMAcDBQAqA8QAMA0GCSqGSIb3DQEBCwUAA4IBAQCTn+Vqx486NJX1
EG7WVhqJcQHldlmt3VCD2NYxPym8RJo+t1lNSBEIPRhrwQn8iliH29NZdujciiwu
QGFcVO2n9oh0C76Svh3etv1rwOQytukeXgJZaY4xgqL8f+JV3qfKjulssE8FTcA+
X7r3r3r0aCcuah2sKadUn/L4ywrTdQtA9w2WJuMa+Mqw9F9VHqoN+suf4zDtzq/3
Z0OtBHwiJ8dDRoLoJV2aja1YlO5/XBBf4UIB004VrDp1EHKS7+ztl93xCozAoOZe
AaTAuQWTDoGMCW9V0dS7rzod5g6TpZSU5IhkUqn1V65I5/SNicVcsh0nsU+UzO/r
2pA7hpa4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:35 2025 by rpki-client