Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/WD5l1zJjWyBq6D79_go6JKDCNzA.roa
File: WD5l1zJjWyBq6D79_go6JKDCNzA.roa (raw, json)
Hash identifier: gopVa3nfbRR/OiPvUjIysXWDRdW+7S5v14DPkduSG4E=
Subject key identifier: 58:3E:65:D7:32:63:5B:20:6A:E8:3E:FD:FE:0A:3A:24:A0:C2:37:30
Certificate issuer: /CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Certificate serial: 018AE6AEA580B77A881A7C5392B464E393F6
Authority key identifier: 1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/WD5l1zJjWyBq6D79_go6JKDCNzA.roa
Signing time: Sat 30 Sep 2023 15:21:59 +0000
ROA not before: Sat 30 Sep 2023 15:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50019
IP address blocks: 45.131.197.0/24 maxlen: 24
45.131.198.0/24 maxlen: 24
45.131.199.0/24 maxlen: 24
45.131.196.0/24 maxlen: 24
185.128.112.0/24 maxlen: 24
185.128.113.0/24 maxlen: 24
185.128.114.0/24 maxlen: 24
185.128.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:ae:a5:80:b7:7a:88:1a:7c:53:92:b4:64:e3:93:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Validity
Not Before: Sep 30 15:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=583e65d732635b206ae83efdfe0a3a24a0c23730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:1d:11:85:c8:46:6b:08:01:cc:a5:a5:e2:
ed:9f:ea:fd:36:07:57:89:00:0e:82:3a:eb:5f:19:
ce:eb:21:09:40:d7:2d:77:2f:da:38:04:5f:85:b1:
8d:5e:df:5d:fb:86:91:ad:a0:e3:ec:9c:f3:98:e8:
d1:d3:f4:26:5b:3a:99:f2:02:56:fb:d9:b0:a0:d4:
bf:be:5b:10:d2:8c:ac:b1:9f:d9:f5:ea:3d:7f:77:
3e:96:9b:21:d6:35:b5:16:2d:be:6a:4a:d6:89:2c:
26:42:65:bd:94:f8:99:55:36:f5:74:66:09:fb:56:
e9:2a:23:ce:c5:73:4f:53:4e:0c:69:59:f5:57:c0:
e9:5d:ac:72:36:14:c6:c0:fc:c5:5b:6c:47:d3:91:
73:8f:d4:85:65:60:24:a1:9b:1a:78:46:a9:9e:69:
de:e5:26:48:53:08:b8:67:71:0c:1e:37:d4:25:61:
1d:80:11:34:09:a4:ee:09:a3:61:4a:9c:9f:cb:40:
61:93:da:2c:43:9c:11:62:38:e9:0a:a1:11:c2:cb:
a8:11:e0:f8:fd:9a:4a:1b:76:83:c8:6b:15:bd:5c:
e7:e4:4e:9c:da:c8:19:70:e2:ad:cd:7e:95:42:9a:
4c:7f:40:19:ee:e4:7e:b4:79:8f:b4:b5:28:09:d5:
24:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3E:65:D7:32:63:5B:20:6A:E8:3E:FD:FE:0A:3A:24:A0:C2:37:30
X509v3 Authority Key Identifier:
keyid:1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/WD5l1zJjWyBq6D79_go6JKDCNzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.196.0/22
185.128.112.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:6c:ae:d1:9f:e2:82:b1:0e:c0:fb:9c:e7:a3:26:39:1b:79:
18:91:29:bc:5d:0d:78:53:f0:d0:8e:30:50:96:b7:8b:e7:a2:
64:71:1a:d5:74:5f:b3:53:50:fd:70:72:58:7f:49:f0:29:29:
65:90:e4:4b:91:af:b7:64:1a:60:ea:33:89:97:53:0d:30:5e:
72:7f:f2:a7:7e:ca:b7:fd:d5:1c:a5:4f:5e:ac:1f:bd:ec:21:
e1:a9:64:d1:b9:af:ae:1e:23:19:07:97:cd:3d:c9:11:be:d9:
02:81:d5:5b:fa:62:01:3b:74:fc:4c:16:9b:d2:7b:1c:cd:f4:
af:57:ef:77:fb:5c:3b:30:80:b9:c5:8d:40:f4:cb:48:9d:98:
3c:25:19:1d:1f:47:e2:8d:95:b5:55:f1:4e:5e:6e:39:a7:2a:
1f:2e:6c:5d:44:a7:53:4b:8a:6a:a4:63:da:f3:0b:76:63:5c:
58:82:39:a9:50:0b:a8:7f:74:2b:51:72:20:84:51:4a:d4:74:
aa:f1:84:d0:e9:e0:62:da:44:36:d1:8a:64:54:64:90:c0:43:
29:f6:42:5a:38:a1:7b:a6:ca:98:08:c8:34:61:6c:a0:fb:c4:
62:58:3b:0a:b2:af:f1:84:81:3f:38:e6:4d:73:8b:85:12:4a:
c6:43:ec:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrmrqWAt3qIGnxTkrRk45P2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjVjMjJiZjUzYjcwNWM3YTJiYjI3M2JhNzNlM2YwYzA1
OTViN2IwHhcNMjMwOTMwMTUyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODNlNjVkNzMyNjM1YjIwNmFlODNlZmRmZTBhM2EyNGEwYzIzNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQkdEYXIRmsIAcylpeLtn+r9NgdX
iQAOgjrrXxnO6yEJQNctdy/aOARfhbGNXt9d+4aRraDj7JzzmOjR0/QmWzqZ8gJW
+9mwoNS/vlsQ0oyssZ/Z9eo9f3c+lpsh1jW1Fi2+akrWiSwmQmW9lPiZVTb1dGYJ
+1bpKiPOxXNPU04MaVn1V8DpXaxyNhTGwPzFW2xH05Fzj9SFZWAkoZsaeEapnmne
5SZIUwi4Z3EMHjfUJWEdgBE0CaTuCaNhSpyfy0Bhk9osQ5wRYjjpCqERwsuoEeD4
/ZpKG3aDyGsVvVzn5E6c2sgZcOKtzX6VQppMf0AZ7uR+tHmPtLUoCdUkDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFg+ZdcyY1sgaug+/f4KOiSgwjcwMB8GA1UdIwQY
MBaAFBq1wiv1O3Bceiuyc7pz4/DAWVt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTct
YjRiMWY2Zjk4YTkwLzEvV0Q1bDF6SmpXeUJxNkQ3OV9nbzZKS0RDTnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTctYjRiMWY2Zjk4YTkw
LzEvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYPEAwQC
uYBwMA0GCSqGSIb3DQEBCwUAA4IBAQC2bK7Rn+KCsQ7A+5znoyY5G3kYkSm8XQ14
U/DQjjBQlreL56JkcRrVdF+zU1D9cHJYf0nwKSllkORLka+3ZBpg6jOJl1MNMF5y
f/Knfsq3/dUcpU9erB+97CHhqWTRua+uHiMZB5fNPckRvtkCgdVb+mIBO3T8TBab
0nsczfSvV+93+1w7MIC5xY1A9MtInZg8JRkdH0fijZW1VfFOXm45pyofLmxdRKdT
S4pqpGPa8wt2Y1xYgjmpUAuof3QrUXIghFFK1HSq8YTQ6eBi2kQ20YpkVGSQwEMp
9kJaOKF7psqYCMg0YWyg+8RiWDsKsq/xhIE/OOZNc4uFEkrGQ+wf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:03 2024 by rpki-client on console-ams.rpki-client.org