Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gnEPyJKs56sUvll6fLKUTb_ZAd4.roa
File: gnEPyJKs56sUvll6fLKUTb_ZAd4.roa (raw, json)
Hash identifier: 1ElwbzyG7V3+qhG5qD8WNqi7iga1XowyzsnZzmv1ED0=
Subject key identifier: 82:71:0F:C8:92:AC:E7:AB:14:BE:59:7A:7C:B2:94:4D:BF:D9:01:DE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB3D6ED1AEA7208AD65373E9D096E7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gnEPyJKs56sUvll6fLKUTb_ZAd4.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210027
IP address blocks: 185.180.145.0/24 maxlen: 24
91.236.195.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 14:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3d:6e:d1:ae:a7:20:8a:d6:53:73:e9:d0:96:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82710fc892ace7ab14be597a7cb2944dbfd901de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:63:16:91:aa:20:a9:e7:ec:7e:11:c1:da:
a5:8e:94:0c:d8:42:44:e4:31:7a:5c:0e:bc:65:0e:
5c:70:65:91:a5:4e:cd:1e:2f:fb:cb:10:68:a8:af:
c2:0c:d5:a7:eb:2a:8c:ae:3e:2f:a0:2e:de:ea:be:
6a:8a:18:d8:6c:9d:e7:05:07:02:02:d7:89:87:06:
9d:c2:f2:9a:ea:d4:07:ce:3b:10:4d:21:08:17:1f:
6d:f2:50:fe:14:30:ac:7a:82:e5:85:26:0e:4e:21:
c4:12:1b:ec:ed:89:1d:f1:3a:c9:cf:33:a8:e7:39:
8e:03:5c:5b:fd:b4:4b:4d:9c:9f:18:33:35:2c:dd:
7f:64:cc:8e:81:38:70:25:f7:00:ce:54:c6:df:a4:
35:15:26:4b:99:a0:c7:59:a8:c5:29:83:aa:b9:c0:
3a:a6:67:c1:56:7a:ec:a7:51:cf:b2:0e:ce:27:fd:
d1:93:22:d8:f3:cb:14:69:a0:aa:a4:9e:ad:99:91:
40:97:c7:66:89:93:8c:92:d6:bc:03:9c:c5:31:8c:
15:61:bc:c5:4d:ab:aa:f1:1d:93:f4:5c:54:1e:4e:
13:17:24:fc:d4:2f:5f:c9:ee:94:46:06:16:3b:24:
2d:43:e9:d0:f3:1c:49:e6:df:b4:7f:26:0c:9a:a1:
1b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:71:0F:C8:92:AC:E7:AB:14:BE:59:7A:7C:B2:94:4D:BF:D9:01:DE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gnEPyJKs56sUvll6fLKUTb_ZAd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.195.0/24
176.126.223.0/24
185.180.145.0/24
Signature Algorithm: sha256WithRSAEncryption
92:00:46:b3:39:b0:49:63:54:e1:06:ea:6e:97:fb:5a:a7:02:
41:55:de:f3:7e:dc:c2:c2:33:e8:b3:6c:db:60:3f:61:bd:b9:
05:b6:78:fa:53:90:f1:5a:9a:09:81:74:11:af:03:65:f7:70:
ad:7a:68:af:eb:82:f0:68:e7:7b:be:63:ac:1a:f5:bf:af:ee:
b7:78:c1:01:ff:43:07:6e:7a:43:24:b6:8d:5d:a5:84:75:32:
0e:d8:e0:3c:ff:c3:24:c9:1b:3f:f0:08:10:0c:ee:6c:d9:7a:
70:19:ea:20:57:17:51:95:2b:be:3b:b6:44:ae:90:17:91:31:
93:ea:78:6e:ab:08:57:45:9c:69:e0:f3:a3:39:69:51:81:0f:
49:a6:2a:36:4a:6f:66:3f:a0:7e:01:5f:e9:42:e2:36:54:b2:
b0:23:af:0f:2a:b8:f5:a0:75:3c:3d:f0:48:80:d2:2c:d9:fb:
e2:64:d1:41:cf:db:b4:c4:86:00:9b:55:a5:49:b8:33:26:10:
f1:df:8e:55:45:8b:2a:91:24:89:12:8e:7b:3d:7e:b0:31:aa:
ef:5d:b7:5c:3d:c1:7b:07:bc:ec:9c:c5:ab:4d:6f:25:11:5b:
91:80:64:7a:80:2e:03:65:c9:ee:0b:2a:83:a3:55:61:c0:78:
8e:ce:55:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2z1u0a6nIIrWU3Pp0JbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcxMGZjODkyYWNlN2FiMTRiZTU5N2E3Y2IyOTQ0ZGJmZDkwMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI9jFpGqIKnn7H4RwdqljpQM2EJE
5DF6XA68ZQ5ccGWRpU7NHi/7yxBoqK/CDNWn6yqMrj4voC7e6r5qihjYbJ3nBQcC
AteJhwadwvKa6tQHzjsQTSEIFx9t8lD+FDCseoLlhSYOTiHEEhvs7Ykd8TrJzzOo
5zmOA1xb/bRLTZyfGDM1LN1/ZMyOgThwJfcAzlTG36Q1FSZLmaDHWajFKYOqucA6
pmfBVnrsp1HPsg7OJ/3RkyLY88sUaaCqpJ6tmZFAl8dmiZOMkta8A5zFMYwVYbzF
Tauq8R2T9FxUHk4TFyT81C9fye6URgYWOyQtQ+nQ8xxJ5t+0fyYMmqEbowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJxD8iSrOerFL5ZenyylE2/2QHeMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZ25FUHlKS3M1NnNVdmxsNmZMS1VUYl9aQWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+zDAwQA
sH7fAwQAubSRMA0GCSqGSIb3DQEBCwUAA4IBAQCSAEazObBJY1ThBupul/tapwJB
Vd7zftzCwjPos2zbYD9hvbkFtnj6U5DxWpoJgXQRrwNl93Ctemiv64LwaOd7vmOs
GvW/r+63eMEB/0MHbnpDJLaNXaWEdTIO2OA8/8MkyRs/8AgQDO5s2XpwGeogVxdR
lSu+O7ZErpAXkTGT6nhuqwhXRZxp4POjOWlRgQ9Jpio2Sm9mP6B+AV/pQuI2VLKw
I68PKrj1oHU8PfBIgNIs2fviZNFBz9u0xIYAm1WlSbgzJhDx345VRYsqkSSJEo57
PX6wMarvXbdcPcF7B7zsnMWrTW8lEVuRgGR6gC4DZcnuCyqDo1VhwHiOzlVA
-----END CERTIFICATE-----
Generated at Tue Apr 16 19:31:14 2024 by rpki-client on console-ams.rpki-client.org