Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/gjHr7-D-JyFH6un-OL0-X1xOWok.roa
File: gjHr7-D-JyFH6un-OL0-X1xOWok.roa (raw, json)
Hash identifier: ix81HNM91aRHPZWUx866kpcaH26zRjX3/n+lBRyzN44=
Subject key identifier: 82:31:EB:EF:E0:FE:27:21:47:EA:E9:FE:38:BD:3E:5F:5C:4E:5A:89
Certificate issuer: /CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Certificate serial: 018570FB9F39CAB3DE72BA79B78067274B9F
Authority key identifier: A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/gjHr7-D-JyFH6un-OL0-X1xOWok.roa
Signing time: Mon 02 Jan 2023 05:36:56 +0000
ROA not before: Mon 02 Jan 2023 05:36:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 193.47.139.0/24 maxlen: 24
103.73.172.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
2a0d:4240::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Dec 2023 15:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:9f:39:ca:b3:de:72:ba:79:b7:80:67:27:4b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Validity
Not Before: Jan 2 05:36:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8231ebefe0fe272147eae9fe38bd3e5f5c4e5a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:1b:f6:41:2c:ba:d9:c5:37:b0:ce:9f:f1:
38:9b:2b:56:4f:03:fc:7b:74:4c:f6:f2:cd:9a:54:
9a:d3:1d:a9:43:5a:a8:80:15:04:e1:a2:f2:f0:97:
6f:21:82:23:39:fe:7d:d6:cf:56:36:b1:e8:92:6b:
86:7c:13:89:10:66:c2:06:98:96:44:06:51:00:2d:
14:06:f8:37:72:aa:71:14:a9:d9:e7:d9:05:6e:1c:
cd:97:9c:ac:3c:2e:b1:2b:f4:83:dc:b4:60:f6:4e:
1a:6f:f1:5c:2b:54:e3:33:15:ed:be:60:80:db:62:
7e:58:01:48:09:40:52:cd:f0:82:e3:d6:c9:b4:00:
54:b7:a3:e0:5e:9c:4d:0e:3e:b1:bf:ba:43:d2:80:
2c:5e:2c:e7:9e:55:45:3e:a9:05:97:5e:89:5f:4a:
a5:cf:94:d7:0a:ea:a1:48:1d:ad:ce:f8:7c:95:56:
73:a3:78:f5:56:5e:65:bd:27:2f:ed:a5:b9:69:79:
88:40:f1:b8:e4:fd:df:a2:06:32:ea:97:52:aa:a2:
bd:a2:96:91:14:98:48:ed:ff:52:55:2f:9f:88:a9:
ef:30:12:d6:31:75:b0:72:6b:73:26:d0:ef:4f:3b:
06:08:3b:ef:d4:7c:54:1c:d0:58:d8:42:56:76:87:
4c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:31:EB:EF:E0:FE:27:21:47:EA:E9:FE:38:BD:3E:5F:5C:4E:5A:89
X509v3 Authority Key Identifier:
keyid:A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/gjHr7-D-JyFH6un-OL0-X1xOWok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/qM-s4RTYzeptxeekmUPzIjRss10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.73.172.0/22
185.247.248.0/22
193.47.139.0/24
IPv6:
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
35:d4:8d:a3:7f:c0:d1:03:ea:a7:52:d4:e9:18:41:0c:d1:c7:
98:12:81:e5:2b:0f:ba:a1:fa:0f:4d:be:06:4f:25:5b:e1:d6:
4d:38:4b:9d:8c:c5:30:8d:89:ad:99:c6:76:78:5f:83:40:de:
6f:58:57:c8:c8:44:bb:94:ba:79:d6:c7:81:45:11:96:be:0f:
f9:6b:7e:32:db:47:71:1c:01:e9:4d:2a:d6:bb:34:52:ab:dd:
61:1e:e9:80:fb:de:a4:0d:f0:18:a1:00:e8:d0:ec:ab:ea:7d:
10:3f:b4:5f:32:d4:e3:6d:b5:58:de:f5:bd:ae:b1:db:f9:ab:
d2:1a:65:ad:1f:1a:b3:f0:c7:e9:e5:06:ad:78:df:38:3b:73:
f9:3f:85:19:ad:91:f5:1d:13:50:29:b2:8e:bb:c3:2c:bc:f5:
df:0a:30:ea:66:b2:ec:b3:e7:57:df:de:61:71:ca:2a:41:0a:
52:27:11:e4:56:db:58:97:fd:bd:ac:11:87:c8:35:4c:62:d8:
58:e6:ff:0a:00:78:61:94:87:79:41:00:1e:ec:b0:78:20:11:
5d:17:8d:7c:fe:69:e0:1a:8b:5f:00:45:59:58:a7:b0:07:e6:
65:42:4b:16:52:5e:0c:bd:59:7e:ad:40:a8:4e:90:49:25:e2:
70:1e:de:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVw+585yrPecrp5t4BnJ0ufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4Y2ZhY2UxMTRkOGNkZWE2ZGM1ZTdhNDk5NDNmMzIyMzQ2
Y2IzNWQwHhcNMjMwMTAyMDUzNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjMxZWJlZmUwZmUyNzIxNDdlYWU5ZmUzOGJkM2U1ZjVjNGU1YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6cb9kEsutnFN7DOn/E4mytWTwP8
e3RM9vLNmlSa0x2pQ1qogBUE4aLy8JdvIYIjOf591s9WNrHokmuGfBOJEGbCBpiW
RAZRAC0UBvg3cqpxFKnZ59kFbhzNl5ysPC6xK/SD3LRg9k4ab/FcK1TjMxXtvmCA
22J+WAFICUBSzfCC49bJtABUt6PgXpxNDj6xv7pD0oAsXiznnlVFPqkFl16JX0ql
z5TXCuqhSB2tzvh8lVZzo3j1Vl5lvScv7aW5aXmIQPG45P3fogYy6pdSqqK9opaR
FJhI7f9SVS+fiKnvMBLWMXWwcmtzJtDvTzsGCDvv1HxUHNBY2EJWdodMJwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIIx6+/g/ichR+rp/ji9Pl9cTlqJMB8GA1UdIwQY
MBaAFKjPrOEU2M3qbcXnpJlD8yI0bLNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEt
NjQ5NjQ5NzZmN2IzLzEvZ2pIcjctRC1KeUZINnVuLU9MMC1YMXhPV29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEtNjQ5NjQ5NzZmN2Iz
LzEvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZ0msAwQC
uff4AwQAwS+LMA0EAgACMAcDBQMqDUJAMA0GCSqGSIb3DQEBCwUAA4IBAQA11I2j
f8DRA+qnUtTpGEEM0ceYEoHlKw+6ofoPTb4GTyVb4dZNOEudjMUwjYmtmcZ2eF+D
QN5vWFfIyES7lLp51seBRRGWvg/5a34y20dxHAHpTSrWuzRSq91hHumA+96kDfAY
oQDo0Oyr6n0QP7RfMtTjbbVY3vW9rrHb+avSGmWtHxqz8Mfp5QateN84O3P5P4UZ
rZH1HRNQKbKOu8MsvPXfCjDqZrLss+dX395hccoqQQpSJxHkVttYl/29rBGHyDVM
YthY5v8KAHhhlId5QQAe7LB4IBFdF418/mngGotfAEVZWKewB+ZlQksWUl4MvVl+
rUCoTpBJJeJwHt42
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org