Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GBjRsGcwAJDEH6bJxwFzfgpL5YQ.roa
File: GBjRsGcwAJDEH6bJxwFzfgpL5YQ.roa (raw, json)
Hash identifier: b8RFsaRrirvkQvXwI2xYZ23n2KLd5G6PUvEfVQv/nQY=
Subject key identifier: 18:18:D1:B0:67:30:00:90:C4:1F:A6:C9:C7:01:73:7E:0A:4B:E5:84
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018776D3C03EFEAF6308C1C05C0DB4163EF3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GBjRsGcwAJDEH6bJxwFzfgpL5YQ.roa
Signing time: Wed 12 Apr 2023 18:56:41 +0000
ROA not before: Wed 12 Apr 2023 18:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207177
IP address blocks: 91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
171.22.52.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/22 maxlen: 22
45.86.17.0/24 maxlen: 24
45.86.16.0/24 maxlen: 24
45.86.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:d3:c0:3e:fe:af:63:08:c1:c0:5c:0d:b4:16:3e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 12 18:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1818d1b067300090c41fa6c9c701737e0a4be584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:86:5e:4c:ce:c4:bf:9a:7c:cf:f3:42:86:
5d:c9:ed:3d:4e:47:2c:d3:ce:45:c3:e1:96:ff:4f:
f4:59:1b:e3:5d:41:ad:cb:c0:b1:b7:c8:4e:b5:23:
ba:75:db:53:d5:5d:7f:ab:1a:03:7e:e8:bd:ac:b6:
ee:c2:1b:c8:39:21:d9:da:8d:c8:06:fe:07:16:3e:
30:a2:ed:28:76:09:36:75:60:fd:6b:ef:d1:c5:8f:
12:7e:b5:57:64:57:96:be:92:68:5a:b6:1a:aa:58:
2e:ba:88:af:dc:5f:6d:94:a8:a0:d5:82:c6:22:bd:
e4:e3:0c:4f:35:2d:67:6d:98:74:ad:25:36:25:87:
bd:f1:1d:49:9b:67:6d:61:f1:cb:57:f8:11:56:5a:
40:cf:bf:b7:70:2f:e6:b1:f2:a0:5d:55:1a:35:3d:
a0:b7:a3:54:fe:d7:4a:9d:01:69:3a:f4:a8:72:7b:
c6:0a:ca:88:cd:91:ae:3e:6a:8b:f3:47:eb:d3:2c:
c8:04:cb:40:3a:08:d2:46:dc:25:7a:d0:86:e1:94:
f9:e1:9f:38:c8:16:be:f5:14:c1:11:9b:8b:e7:63:
a2:bf:cb:67:e5:fe:97:5b:fc:28:96:59:e1:99:02:
8c:ae:c7:38:79:cb:31:5d:15:2a:fe:f6:d7:91:00:
53:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:18:D1:B0:67:30:00:90:C4:1F:A6:C9:C7:01:73:7E:0A:4B:E5:84
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GBjRsGcwAJDEH6bJxwFzfgpL5YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.86.16.0/22
91.242.81.0/24
171.22.52.0/22
185.212.11.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:99:45:5f:74:fb:06:92:62:ac:87:74:20:de:fb:6d:a0:5c:
0d:ae:56:c6:31:11:19:fc:22:86:73:ed:89:55:7b:1d:17:d4:
85:1b:14:f6:1c:c5:01:57:83:78:2f:91:4d:29:5e:a7:d8:47:
b0:c1:90:09:78:81:9f:c8:11:0c:11:c6:c9:cb:67:04:4c:9c:
f6:ce:95:8e:04:c1:66:c6:dc:3e:4c:07:d7:5b:1b:ad:eb:54:
a9:7b:59:ed:c4:7c:89:9e:12:9c:cb:8a:71:52:50:bd:fd:c0:
a0:fb:2a:05:12:2d:5f:dc:6f:4a:25:97:44:7e:a7:f9:9c:7d:
31:21:c2:cb:6d:4a:23:83:22:0a:33:c8:80:a4:71:da:5f:56:
ff:c9:24:3f:b5:ca:14:ac:e8:dc:f0:06:94:c7:ad:8e:16:f6:
fa:bc:e7:0b:50:50:8b:89:fe:fc:4b:1b:b2:fc:8d:75:8d:a8:
0a:00:aa:f3:8f:5e:d5:82:dc:92:e9:ff:97:13:7e:4a:6f:07:
0d:31:0a:c7:ba:da:72:fc:e0:a2:85:cd:81:b6:0f:e9:d9:48:
74:18:e7:fc:6e:29:59:ea:bc:b2:4e:b4:b2:14:dd:39:76:1f:
8f:5a:b0:cf:34:15:5a:18:bd:1c:ce:02:56:48:c1:a6:f2:e0:
72:7d:67:13
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYd208A+/q9jCMHAXA20Fj7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNDEyMTg1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE4ZDFiMDY3MzAwMDkwYzQxZmE2YzljNzAxNzM3ZTBhNGJlNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobKGXkzOxL+afM/zQoZdye09Tkcs
085Fw+GW/0/0WRvjXUGty8Cxt8hOtSO6ddtT1V1/qxoDfui9rLbuwhvIOSHZ2o3I
Bv4HFj4wou0odgk2dWD9a+/RxY8SfrVXZFeWvpJoWrYaqlguuoiv3F9tlKig1YLG
Ir3k4wxPNS1nbZh0rSU2JYe98R1Jm2dtYfHLV/gRVlpAz7+3cC/msfKgXVUaNT2g
t6NU/tdKnQFpOvSocnvGCsqIzZGuPmqL80fr0yzIBMtAOgjSRtwletCG4ZT54Z84
yBa+9RTBEZuL52Oiv8tn5f6XW/wollnhmQKMrsc4ecsxXRUq/vbXkQBTiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBgY0bBnMACQxB+myccBc34KS+WEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvR0JqUnNHY3dBSkRFSDZiSnh3RnpmZ3BMNVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALUN1AwQC
LVYQAwQAW/JRAwQCqxY0AwQAudQLMA0GCSqGSIb3DQEBCwUAA4IBAQCPmUVfdPsG
kmKsh3Qg3vttoFwNrlbGMREZ/CKGc+2JVXsdF9SFGxT2HMUBV4N4L5FNKV6n2Eew
wZAJeIGfyBEMEcbJy2cETJz2zpWOBMFmxtw+TAfXWxut61Spe1ntxHyJnhKcy4px
UlC9/cCg+yoFEi1f3G9KJZdEfqf5nH0xIcLLbUojgyIKM8iApHHaX1b/ySQ/tcoU
rOjc8AaUx62OFvb6vOcLUFCLif78Sxuy/I11jagKAKrzj17VgtyS6f+XE35KbwcN
MQrHutpy/OCihc2Btg/p2Uh0GOf8bilZ6ryyTrSyFN05dh+PWrDPNBVaGL0czgJW
SMGm8uByfWcT
-----END CERTIFICATE-----
Generated at Wed Nov 15 18:57:55 2023 by rpki-client on console-fra.rpki-client.org