Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa
File: GhE5V7tAHSd-qg1wkA0MnB6slG4.roa (raw, json)
Hash identifier: vcbeGNHRNMx/IlCiJ9BUgd13xksnrEkSH+FkoBA8+gQ=
Subject key identifier: 1A:11:39:57:BB:40:1D:27:7E:AA:0D:70:90:0D:0C:9C:1E:AC:94:6E
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 018A286BFB6C776A505C22B3EE71C791BFD1
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa
Signing time: Thu 24 Aug 2023 16:41:19 +0000
ROA not before: Thu 24 Aug 2023 16:41:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 185.171.202.0/24 maxlen: 24
2a10:4646:50::/44 maxlen: 44
2a10:4640::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:6b:fb:6c:77:6a:50:5c:22:b3:ee:71:c7:91:bf:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Aug 24 16:41:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a113957bb401d277eaa0d70900d0c9c1eac946e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b8:82:12:b6:9c:83:17:b2:93:a0:70:94:10:
bf:8e:ba:32:17:16:22:d8:fb:57:40:36:e0:15:b3:
d8:dd:d8:e3:97:b6:db:75:d4:15:b5:2a:30:8b:87:
7c:b7:70:e1:da:ee:cf:44:c0:b6:f4:cc:25:d3:5f:
c4:91:ed:a3:03:91:6e:fe:be:54:f8:6c:4f:5c:22:
f7:60:42:84:c3:2a:6e:d0:70:15:f9:14:30:56:21:
32:8b:7b:63:74:17:40:51:bb:2a:57:29:22:87:d3:
e7:cb:f7:d4:1e:a1:0e:2e:ee:65:9a:f8:f0:15:22:
52:9b:a9:76:7a:40:af:2d:d2:09:83:27:df:ed:41:
a7:de:7a:4d:0c:43:88:72:99:5e:f4:a6:e1:c5:41:
f2:de:77:b7:0f:40:99:11:37:ae:f3:75:03:7f:3c:
e7:fa:42:fd:16:a0:02:8b:28:bc:e5:ff:28:35:1e:
c7:a3:05:dd:3f:27:96:06:7f:81:e2:8c:e7:d1:77:
94:ec:83:1b:b2:cd:a0:56:05:5a:1f:33:8c:58:e8:
60:d7:6b:e6:27:3a:e5:2e:d8:c1:b5:e3:c4:7d:99:
42:98:16:89:31:28:6f:00:e3:fa:30:57:62:0e:d5:
b7:e6:cc:4b:13:32:79:b0:6b:37:58:8d:59:20:01:
c0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:11:39:57:BB:40:1D:27:7E:AA:0D:70:90:0D:0C:9C:1E:AC:94:6E
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/GhE5V7tAHSd-qg1wkA0MnB6slG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.202.0/24
IPv6:
2a10:4640::/32
2a10:4646:50::/44
Signature Algorithm: sha256WithRSAEncryption
3b:1d:6b:3d:13:d0:07:7d:9a:aa:c2:cc:c2:fb:44:0e:37:e1:
c7:d1:69:9e:0e:ea:34:18:f7:3f:b2:64:71:27:97:72:98:b6:
b5:2f:f4:36:9c:ec:e4:45:19:3a:f7:8b:12:84:6e:1c:16:24:
37:c5:cf:fa:f1:8f:37:c0:f1:a3:6b:97:ab:e9:3b:64:b1:57:
1d:d7:1b:dc:b0:9c:a8:78:11:e2:b4:34:12:52:3e:92:b4:e1:
c8:06:6c:c6:8c:27:d4:a2:e7:11:06:ac:65:cb:bc:31:d6:92:
e6:f2:04:4b:39:04:bd:ff:ef:87:2c:aa:15:38:8a:24:8c:f7:
8a:bc:99:29:e5:e3:c8:55:78:dd:86:b4:7f:59:58:27:8d:d2:
e2:cb:b8:87:c4:1d:e3:b1:4a:3b:dd:50:c8:79:60:0a:a1:af:
10:e4:fe:cb:74:c3:72:56:37:2e:21:6d:75:8e:93:4b:10:57:
4b:23:6a:31:d4:f4:1c:9d:5a:e0:56:a8:c0:7e:d7:f1:76:e1:
da:87:f7:df:5a:04:98:e3:c8:32:ef:27:f2:ac:b4:ac:2a:a9:
e1:cc:bf:f1:15:6c:dc:59:4d:3f:2c:1d:37:83:06:70:5a:67:
ee:09:9b:0a:d6:09:3b:de:9f:90:26:f2:0b:fa:e4:e9:f1:07:
e7:5e:8d:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYooa/tsd2pQXCKz7nHHkb/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwODI0MTY0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTExMzk1N2JiNDAxZDI3N2VhYTBkNzA5MDBkMGM5YzFlYWM5NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7iCEracgxeyk6BwlBC/jroyFxYi
2PtXQDbgFbPY3djjl7bbddQVtSowi4d8t3Dh2u7PRMC29Mwl01/Eke2jA5Fu/r5U
+GxPXCL3YEKEwypu0HAV+RQwViEyi3tjdBdAUbsqVykih9Pny/fUHqEOLu5lmvjw
FSJSm6l2ekCvLdIJgyff7UGn3npNDEOIcple9KbhxUHy3ne3D0CZETeu83UDfzzn
+kL9FqACiyi85f8oNR7HowXdPyeWBn+B4ozn0XeU7IMbss2gVgVaHzOMWOhg12vm
JzrlLtjBtePEfZlCmBaJMShvAOP6MFdiDtW35sxLEzJ5sGs3WI1ZIAHAlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBoROVe7QB0nfqoNcJANDJwerJRuMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvR2hFNVY3dEFIU2QtcWcxd2tBME1uQjZzbEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAuavKMBYE
AgACMBADBQAqEEZAAwcEKhBGRgBQMA0GCSqGSIb3DQEBCwUAA4IBAQA7HWs9E9AH
fZqqwszC+0QON+HH0WmeDuo0GPc/smRxJ5dymLa1L/Q2nOzkRRk694sShG4cFiQ3
xc/68Y83wPGja5er6TtksVcd1xvcsJyoeBHitDQSUj6StOHIBmzGjCfUoucRBqxl
y7wx1pLm8gRLOQS9/++HLKoVOIokjPeKvJkp5ePIVXjdhrR/WVgnjdLiy7iHxB3j
sUo73VDIeWAKoa8Q5P7LdMNyVjcuIW11jpNLEFdLI2ox1PQcnVrgVqjAftfxduHa
h/ffWgSY48gy7yfyrLSsKqnhzL/xFWzcWU0/LB03gwZwWmfuCZsK1gk73p+QJvIL
+uTp8QfnXo2w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org