Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/gWoWhoHXaiv548deZJA7XRxtMmQ.roa
File: gWoWhoHXaiv548deZJA7XRxtMmQ.roa (raw, json)
Hash identifier: QibNRYR2eIUOLiv15whJBDkoY+K1Qi7tTuqEaAwv3JM=
Subject key identifier: 81:6A:16:86:81:D7:6A:2B:F9:E3:C7:5E:64:90:3B:5D:1C:6D:32:64
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA82A3961AF9F07E4BF980E8495C40
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/gWoWhoHXaiv548deZJA7XRxtMmQ.roa
Signing time: Mon 02 Jan 2023 13:45:03 +0000
ROA not before: Mon 02 Jan 2023 13:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197431
IP address blocks: 85.232.225.0/24 maxlen: 24
85.232.246.0/24 maxlen: 24
213.189.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:82:a3:96:1a:f9:f0:7e:4b:f9:80:e8:49:5c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=816a168681d76a2bf9e3c75e64903b5d1c6d3264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4b:33:d3:9a:1e:f5:f2:cd:e7:42:bf:c5:9b:
0d:54:3e:09:46:5c:59:17:9f:89:04:c0:b5:a3:f9:
bb:57:c7:8a:62:61:73:23:9a:8f:3f:28:97:97:18:
91:0f:fe:6c:4a:61:c2:37:76:dd:fa:23:d6:9f:70:
c2:b1:65:ff:6e:3f:fa:ac:d0:03:00:0d:11:95:ac:
74:36:25:7b:c8:60:c1:d7:fa:58:3c:cc:a2:83:27:
bc:6a:9e:ed:1c:23:e9:a5:4d:48:70:80:ac:26:f5:
92:37:43:89:f9:33:f9:8d:75:02:52:a6:f4:b8:bc:
89:6b:1e:53:ae:23:45:2b:f6:0a:d7:a8:10:5b:a3:
44:29:7e:aa:e9:cb:26:86:37:b1:ca:14:83:d3:46:
c8:67:ea:35:f3:bb:47:b9:00:3b:25:1f:96:00:90:
61:8a:81:9a:77:3d:79:38:49:fc:1f:ff:6a:84:8a:
d6:c6:31:22:1c:08:3c:c4:80:e9:9e:d7:81:74:88:
0e:fd:2f:24:64:ac:c4:e4:1b:8b:e3:82:07:92:6e:
0b:0e:81:77:fd:e4:6b:ef:6d:a2:20:79:a9:8f:ef:
16:e6:b7:21:11:db:96:b8:ae:6d:b4:1b:eb:2e:cb:
4b:05:4f:3f:c0:47:58:39:13:88:11:b7:a1:f7:46:
40:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:6A:16:86:81:D7:6A:2B:F9:E3:C7:5E:64:90:3B:5D:1C:6D:32:64
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/gWoWhoHXaiv548deZJA7XRxtMmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.232.225.0/24
85.232.246.0/24
213.189.48.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:cf:95:a8:27:19:b0:4a:a7:f6:d6:f0:ca:ec:76:2d:d3:ac:
d3:33:14:03:6c:de:40:f7:6f:94:37:f3:b6:df:10:d4:77:c3:
d9:ba:ea:4c:26:88:46:12:ad:98:43:40:45:96:9f:1b:90:c7:
e7:cd:9c:1f:eb:1a:6a:99:e5:14:79:df:98:07:95:b4:65:ad:
2e:79:db:66:38:e3:a5:47:f2:24:c6:1d:8f:20:ee:84:af:13:
ac:76:6d:8e:24:ed:be:ed:69:18:af:5d:20:22:e1:0c:18:18:
8f:93:1f:70:5d:0c:86:a2:22:a6:e5:be:38:32:6d:bc:83:ac:
0e:4a:f3:6b:f6:81:c2:a5:5f:af:43:af:21:20:65:13:11:75:
86:b1:a1:41:ca:08:2a:cc:52:06:02:a3:39:fe:2d:2b:07:b1:
ef:41:da:aa:07:b1:9a:56:7a:1b:b4:a5:23:e7:b6:59:f1:2d:
a9:3e:ef:96:ad:70:08:0c:0d:47:c8:8d:ea:04:91:47:9f:85:
1a:c8:56:52:a1:d3:e4:bd:ea:6f:c7:15:67:d3:29:53:7c:de:
c5:41:ae:e4:79:70:94:f1:b6:50:b9:47:c0:c5:5d:3e:d6:cb:
8f:58:b2:74:d6:f6:aa:81:e7:58:05:bd:33:8e:09:17:13:1d:
33:5d:5a:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyuoKjlhr58H5L+YDoSVxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTZhMTY4NjgxZDc2YTJiZjllM2M3NWU2NDkwM2I1ZDFjNmQzMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0sz05oe9fLN50K/xZsNVD4JRlxZ
F5+JBMC1o/m7V8eKYmFzI5qPPyiXlxiRD/5sSmHCN3bd+iPWn3DCsWX/bj/6rNAD
AA0Rlax0NiV7yGDB1/pYPMyigye8ap7tHCPppU1IcICsJvWSN0OJ+TP5jXUCUqb0
uLyJax5TriNFK/YK16gQW6NEKX6q6csmhjexyhSD00bIZ+o187tHuQA7JR+WAJBh
ioGadz15OEn8H/9qhIrWxjEiHAg8xIDpnteBdIgO/S8kZKzE5BuL44IHkm4LDoF3
/eRr722iIHmpj+8W5rchEduWuK5ttBvrLstLBU8/wEdYOROIEbeh90ZAFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIFqFoaB12or+ePHXmSQO10cbTJkMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvZ1dvV2hvSFhhaXY1NDhkZVpKQTdYUnh0TW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVejhAwQA
Vej2AwQA1b0wMA0GCSqGSIb3DQEBCwUAA4IBAQCqz5WoJxmwSqf21vDK7HYt06zT
MxQDbN5A92+UN/O23xDUd8PZuupMJohGEq2YQ0BFlp8bkMfnzZwf6xpqmeUUed+Y
B5W0Za0uedtmOOOlR/Ikxh2PIO6ErxOsdm2OJO2+7WkYr10gIuEMGBiPkx9wXQyG
oiKm5b44Mm28g6wOSvNr9oHCpV+vQ68hIGUTEXWGsaFByggqzFIGAqM5/i0rB7Hv
QdqqB7GaVnobtKUj57ZZ8S2pPu+WrXAIDA1HyI3qBJFHn4UayFZSodPkvepvxxVn
0ylTfN7FQa7keXCU8bZQuUfAxV0+1suPWLJ01vaqgedYBb0zjgkXEx0zXVoO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:57 2024 by rpki-client on console-fra.rpki-client.org