Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GtUSAAgQ3ZHALp34E7KMSasse8o.roa
File: GtUSAAgQ3ZHALp34E7KMSasse8o.roa (raw, json)
Hash identifier: JWyND/h3MRABPR7JFO48Oa+d2bGne92nWIjXx+X/zOM=
Subject key identifier: 1A:D5:12:00:08:10:DD:91:C0:2E:9D:F8:13:B2:8C:49:AB:2C:7B:CA
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CA19448005B9C70745AB1A7EF31ECC2DE
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GtUSAAgQ3ZHALp34E7KMSasse8o.roa
Signing time: Mon 25 Dec 2023 15:24:58 +0000
ROA not before: Mon 25 Dec 2023 15:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 5.189.248.0/22 maxlen: 24
5.188.192.0/23 maxlen: 23
5.188.194.0/23 maxlen: 23
5.188.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:94:48:00:5b:9c:70:74:5a:b1:a7:ef:31:ec:c2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 25 15:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ad512000810dd91c02e9df813b28c49ab2c7bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9b:65:29:db:f7:69:08:4e:1a:45:91:92:5a:
01:d0:3b:17:cc:64:6c:af:7f:5a:4f:74:b4:65:e6:
28:dc:47:91:d4:01:af:3d:14:19:30:15:f1:2b:21:
38:c0:eb:9f:bd:08:dc:3c:d1:26:16:83:6c:2a:55:
e2:ef:98:a0:08:e1:8f:49:b0:a0:02:2a:7e:32:9c:
c3:d4:b0:a2:1d:b0:ad:1b:02:ef:6f:88:d2:cb:ef:
35:22:e7:fa:00:6c:45:18:49:19:6b:36:9c:78:43:
2e:ec:fd:f1:05:66:05:dd:f2:f8:5e:8f:4e:b8:b8:
52:63:60:c0:c0:d5:86:ef:3d:29:3c:57:d4:d6:37:
da:4d:70:c7:7e:d4:5a:b2:b7:a4:4f:51:ae:ef:6f:
1c:65:e8:ca:ef:3b:31:de:0b:45:ce:7e:be:c7:56:
23:c3:90:0f:53:53:c1:60:57:b2:18:1c:f6:81:e9:
18:2f:e8:86:df:9f:80:05:9a:5f:64:c9:47:2f:02:
58:80:55:c5:97:86:91:31:5e:a2:3b:67:e5:60:58:
30:29:23:54:35:48:5d:8a:f8:f3:83:d6:de:3f:83:
65:94:34:a6:63:30:15:60:be:0b:d4:bf:b8:b7:6a:
4c:31:c5:9d:67:5b:8a:62:ab:30:88:0c:f7:ec:b9:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D5:12:00:08:10:DD:91:C0:2E:9D:F8:13:B2:8C:49:AB:2C:7B:CA
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GtUSAAgQ3ZHALp34E7KMSasse8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.192.0/22
5.188.204.0/23
5.189.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:67:10:be:27:b1:0a:f1:dc:60:40:de:00:97:40:75:5d:4b:
de:da:c5:a7:88:96:f2:ae:f3:e9:22:74:8d:eb:51:37:1c:30:
84:1d:87:04:97:db:b7:af:31:1e:e4:6c:08:fc:f2:75:dd:00:
0b:b9:4b:2a:14:f5:e4:03:81:49:71:7a:fa:e2:46:d2:ed:b0:
11:70:69:c0:3c:dd:c6:18:ef:00:eb:c7:b6:46:d6:20:04:5f:
55:fd:22:56:61:6d:6f:2d:41:26:97:aa:53:02:d0:32:84:20:
f4:d0:25:2d:2a:a5:99:1e:8b:4e:9f:f2:98:57:3d:7f:8e:1d:
b2:40:8f:5b:db:a6:33:8e:a1:d5:85:96:c5:6b:39:0e:4c:63:
7f:3d:25:96:2b:8a:7c:02:90:9c:30:5b:8a:0b:5b:2f:34:4f:
99:e2:c2:bb:85:e7:f0:ec:15:ad:5d:ef:5c:f7:25:b8:1d:7e:
b4:ec:67:f3:17:d4:b4:ec:99:09:34:f2:d9:e0:bf:d5:8c:4f:
ec:fa:92:47:74:e0:7f:f3:1f:d1:d8:26:05:96:2a:81:f7:62:
fa:c7:d0:cf:ca:2f:64:95:31:80:bc:fc:71:e5:38:52:f8:28:
cf:bc:2b:30:32:0d:fe:14:8b:74:8e:7e:8d:f9:0b:7f:f5:58:
46:6f:d4:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyhlEgAW5xwdFqxp+8x7MLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMxMjI1MTUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ1MTIwMDA4MTBkZDkxYzAyZTlkZjgxM2IyOGM0OWFiMmM3YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJtlKdv3aQhOGkWRkloB0DsXzGRs
r39aT3S0ZeYo3EeR1AGvPRQZMBXxKyE4wOufvQjcPNEmFoNsKlXi75igCOGPSbCg
Aip+MpzD1LCiHbCtGwLvb4jSy+81Iuf6AGxFGEkZazaceEMu7P3xBWYF3fL4Xo9O
uLhSY2DAwNWG7z0pPFfU1jfaTXDHftRasrekT1Gu728cZejK7zsx3gtFzn6+x1Yj
w5APU1PBYFeyGBz2gekYL+iG35+ABZpfZMlHLwJYgFXFl4aRMV6iO2flYFgwKSNU
NUhdivjzg9beP4NllDSmYzAVYL4L1L+4t2pMMcWdZ1uKYqswiAz37LnszQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBrVEgAIEN2RwC6d+BOyjEmrLHvKMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvR3RVU0FBZ1EzWkhBTHAzNEU3S01TYXNzZThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBbzAAwQB
BbzMAwQCBb34MA0GCSqGSIb3DQEBCwUAA4IBAQAbZxC+J7EK8dxgQN4Al0B1XUve
2sWniJbyrvPpInSN61E3HDCEHYcEl9u3rzEe5GwI/PJ13QALuUsqFPXkA4FJcXr6
4kbS7bARcGnAPN3GGO8A68e2RtYgBF9V/SJWYW1vLUEml6pTAtAyhCD00CUtKqWZ
HotOn/KYVz1/jh2yQI9b26YzjqHVhZbFazkOTGN/PSWWK4p8ApCcMFuKC1svNE+Z
4sK7hefw7BWtXe9c9yW4HX607GfzF9S07JkJNPLZ4L/VjE/s+pJHdOB/8x/R2CYF
liqB92L6x9DPyi9klTGAvPxx5ThS+CjPvCswMg3+FIt0jn6N+Qt/9VhGb9Ts
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org