Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wG1sPMFiGWMSDfe7QHupEhIUAaY.roa
File: wG1sPMFiGWMSDfe7QHupEhIUAaY.roa (raw, json)
Hash identifier: eUsJxmIQX0l9nW4ZVbM5XnUOq2sPzcI2ND4QheLv5ps=
Subject key identifier: C0:6D:6C:3C:C1:62:19:63:12:0D:F7:BB:40:7B:A9:12:12:14:01:A6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE627B539E31AD780BDCA22F870B645
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wG1sPMFiGWMSDfe7QHupEhIUAaY.roa
Signing time: Sun 01 Jan 2023 10:35:00 +0000
ROA not before: Sun 01 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210793
IP address blocks: 45.81.248.0/22 maxlen: 22
45.95.120.0/22 maxlen: 22
45.86.88.0/22 maxlen: 22
147.78.124.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:27:b5:39:e3:1a:d7:80:bd:ca:22:f8:70:b6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c06d6c3cc1621963120df7bb407ba912121401a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:42:33:75:a9:47:11:b9:d1:d1:37:69:96:
19:9b:96:42:28:40:2f:0e:c6:3d:d3:e6:f2:93:7a:
41:51:fb:a4:ad:40:43:36:c1:02:e7:b4:e1:2b:49:
38:f8:f6:30:96:96:3b:f3:41:f5:da:87:d2:7c:1e:
24:28:60:2f:5b:75:de:f7:e3:e6:e2:54:4a:68:96:
ff:f9:89:42:d3:7d:fc:1f:29:aa:02:d6:d4:e3:b0:
38:b3:ee:09:61:f4:d4:86:9f:df:85:1a:38:84:98:
c6:de:2b:61:79:08:c7:91:94:e2:69:ef:a2:7d:7f:
be:d6:1d:59:ba:52:a1:7c:70:fd:b6:61:a4:50:d2:
db:e4:6b:7d:9e:4f:9a:21:e1:6f:ec:86:43:17:a1:
3d:5f:57:f0:d9:dc:4a:0d:46:88:61:f9:1c:d4:0f:
59:22:97:2d:48:94:a4:bf:39:78:6e:15:00:17:5f:
2f:74:c2:ba:ac:a7:1a:0d:32:7c:28:98:08:51:d6:
68:4b:1c:ad:47:2b:00:d9:82:51:da:cc:41:55:85:
11:46:1e:8e:f5:a3:f4:96:f1:45:b1:1e:bb:fc:01:
f0:8b:b9:b5:40:17:a1:4b:1f:cc:41:31:13:f3:6e:
d8:bb:0a:91:bb:cf:2f:87:86:f2:bc:9a:25:6b:11:
7c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6D:6C:3C:C1:62:19:63:12:0D:F7:BB:40:7B:A9:12:12:14:01:A6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/wG1sPMFiGWMSDfe7QHupEhIUAaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.248.0/22
45.86.88.0/22
45.95.120.0/22
147.78.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:84:7e:11:fd:66:36:a5:89:03:f9:35:ea:0b:c0:52:ee:e2:
22:3e:47:11:00:6e:38:1f:70:28:9d:4c:71:57:12:11:a0:43:
c8:0b:e9:11:ca:05:74:82:24:5b:81:39:5b:a3:95:fc:e4:71:
bd:d9:85:e2:91:b6:0a:3c:57:9e:8e:8e:79:df:ce:f2:79:66:
21:60:25:d0:97:b5:85:8e:58:77:a3:2e:78:51:7b:df:66:74:
19:94:e0:72:ac:55:0c:3d:fd:0e:23:6f:57:02:92:55:eb:e2:
87:6c:68:98:f4:9a:33:86:14:4d:11:b4:9a:3a:f1:50:57:03:
e2:a9:ba:04:ce:37:36:40:89:c1:17:bf:a3:1c:23:2f:58:83:
db:be:71:66:ed:dc:de:b9:ba:a9:b3:8b:e5:c9:ef:67:b9:c2:
dd:20:c0:e2:02:12:f3:6a:a5:7a:3f:a1:fd:c4:22:f9:3b:6c:
65:d7:7d:c5:1d:e5:7f:51:f8:4f:6a:2f:27:8c:80:a0:ae:1b:
45:90:25:4b:f1:82:6f:65:44:b2:e2:44:31:54:f6:ec:47:c1:
28:33:21:36:09:02:5b:3e:5d:1e:f4:71:03:86:5e:da:e3:a0:
f9:1c:1d:5a:0f:dc:d4:d4:96:1d:51:71:e4:0e:8e:63:52:c2:
a0:aa:25:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVs5ie1OeMa14C9yiL4cLZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDZkNmMzY2MxNjIxOTYzMTIwZGY3YmI0MDdiYTkxMjEyMTQwMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ZCM3WpRxG50dE3aZYZm5ZCKEAv
DsY90+byk3pBUfukrUBDNsEC57ThK0k4+PYwlpY780H12ofSfB4kKGAvW3Xe9+Pm
4lRKaJb/+YlC0338HymqAtbU47A4s+4JYfTUhp/fhRo4hJjG3itheQjHkZTiae+i
fX++1h1ZulKhfHD9tmGkUNLb5Gt9nk+aIeFv7IZDF6E9X1fw2dxKDUaIYfkc1A9Z
IpctSJSkvzl4bhUAF18vdMK6rKcaDTJ8KJgIUdZoSxytRysA2YJR2sxBVYURRh6O
9aP0lvFFsR67/AHwi7m1QBehSx/MQTET827YuwqRu88vh4byvJolaxF8gQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMBtbDzBYhljEg33u0B7qRISFAGmMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvd0cxc1BNRmlHV01TRGZlN1FIdXBFaElVQWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVH4AwQC
LVZYAwQCLV94AwQCk058MA0GCSqGSIb3DQEBCwUAA4IBAQB7hH4R/WY2pYkD+TXq
C8BS7uIiPkcRAG44H3AonUxxVxIRoEPIC+kRygV0giRbgTlbo5X85HG92YXikbYK
PFeejo55387yeWYhYCXQl7WFjlh3oy54UXvfZnQZlOByrFUMPf0OI29XApJV6+KH
bGiY9JozhhRNEbSaOvFQVwPiqboEzjc2QInBF7+jHCMvWIPbvnFm7dzeubqps4vl
ye9nucLdIMDiAhLzaqV6P6H9xCL5O2xl133FHeV/UfhPai8njICgrhtFkCVL8YJv
ZUSy4kQxVPbsR8EoMyE2CQJbPl0e9HEDhl7a46D5HB1aD9zU1JYdUXHkDo5jUsKg
qiUr
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:25 2024 by rpki-client on console-ams.rpki-client.org