Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tx_GCwAUH7y6XgBdo3kufi5ycLE.roa
File: tx_GCwAUH7y6XgBdo3kufi5ycLE.roa (raw, json)
Hash identifier: 3bBlcuNRO/SuAmfmHvUvM9YKz0tCYfIbwqZWs38SrUQ=
Subject key identifier: B7:1F:C6:0B:00:14:1F:BC:BA:5E:00:5D:A3:79:2E:7E:2E:72:70:B1
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709542250F9E5D5AB0EDA2A101502085
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tx_GCwAUH7y6XgBdo3kufi5ycLE.roa
Signing time: Mon 02 Jan 2023 03:45:07 +0000
ROA not before: Mon 02 Jan 2023 03:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49442
IP address blocks: 95.47.120.0/23 maxlen: 23
93.171.0.0/23 maxlen: 24
95.46.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 08 Aug 2023 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:42:25:0f:9e:5d:5a:b0:ed:a2:a1:01:50:20:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b71fc60b00141fbcba5e005da3792e7e2e7270b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c1:8a:9c:a4:46:45:fd:df:8a:83:f7:18:8e:
d8:00:f2:a6:c9:93:78:f4:7b:e8:1f:eb:41:73:c0:
74:01:47:25:13:8e:cd:0d:d5:3c:50:00:09:4c:cb:
8f:f6:da:f8:92:83:0f:3b:90:8b:e0:e5:1c:4e:7c:
f3:62:3a:cd:80:14:4f:53:c8:f7:c4:03:75:79:a2:
05:1c:67:7b:68:78:0d:7d:77:75:21:21:6b:bd:c3:
78:5a:f1:b8:eb:b8:54:be:7e:02:ff:08:87:ef:63:
bb:3d:9b:c1:8f:e5:eb:33:26:97:6f:fe:dc:8b:9a:
3e:59:ab:cc:c5:37:a9:9b:95:be:9c:73:03:56:19:
cc:13:74:9c:5a:65:2f:30:bb:a1:d3:cc:7f:c4:a1:
dd:73:cb:15:b1:f0:8d:b6:28:51:33:89:51:a0:17:
33:e6:c8:6d:ef:8a:eb:1f:3b:b9:28:d5:f1:95:ab:
8a:27:8e:2d:0c:96:0d:07:51:e4:af:de:c9:bb:c0:
d6:b9:24:77:86:e8:14:6d:3f:d8:5b:5d:6d:1f:70:
f5:97:09:cf:fa:fc:78:f2:49:84:7f:9b:94:5c:81:
04:59:28:e7:b0:38:c4:32:3c:cb:65:28:d8:37:f0:
15:0a:a1:3f:66:65:6c:e6:c6:92:8f:7a:88:ec:19:
8b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1F:C6:0B:00:14:1F:BC:BA:5E:00:5D:A3:79:2E:7E:2E:72:70:B1
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tx_GCwAUH7y6XgBdo3kufi5ycLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.0.0/23
95.46.100.0/22
95.47.120.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:63:0c:56:20:25:b7:f0:a9:fc:1e:a3:8d:79:db:0c:f7:fe:
93:99:c1:5a:04:ce:3b:99:29:dc:a5:e0:bb:32:7f:cc:a3:8e:
c3:6c:e8:f0:83:a1:a1:fd:26:fc:c7:c5:7f:d7:84:97:db:30:
74:d2:a2:77:6c:47:e8:52:36:33:8c:61:6a:56:de:70:e9:99:
16:34:a7:63:8d:d0:37:f3:34:76:51:80:1a:da:6f:9b:84:c1:
97:51:18:85:8a:84:88:0d:8d:50:ba:59:f5:c5:ae:eb:91:59:
f0:76:ce:9c:37:c9:2c:47:60:ef:b9:81:c3:4f:2c:7a:90:83:
0b:38:4f:56:77:e6:67:63:a2:e9:25:77:ea:29:0a:e0:1d:dd:
87:81:73:d6:87:69:03:a2:8a:88:9a:4b:46:d2:cc:8f:28:f6:
28:30:e8:97:02:73:d1:21:24:73:3e:57:6f:8e:d5:3d:b1:c6:
ef:b9:91:54:04:12:58:0b:21:4d:9b:31:f2:48:40:c7:09:16:
a3:16:60:23:97:c3:38:0c:3a:58:ce:20:67:04:43:54:79:9d:
fc:1b:e1:9b:9d:0c:53:88:16:58:6c:9a:73:6f:35:ab:b8:67:
3f:a5:09:a8:72:e6:c5:01:0d:df:2d:5b:72:2e:ad:b2:b4:3b:
b6:ca:ef:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlUIlD55dWrDtoqEBUCCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFmYzYwYjAwMTQxZmJjYmE1ZTAwNWRhMzc5MmU3ZTJlNzI3MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcGKnKRGRf3fioP3GI7YAPKmyZN4
9HvoH+tBc8B0AUclE47NDdU8UAAJTMuP9tr4koMPO5CL4OUcTnzzYjrNgBRPU8j3
xAN1eaIFHGd7aHgNfXd1ISFrvcN4WvG467hUvn4C/wiH72O7PZvBj+XrMyaXb/7c
i5o+WavMxTepm5W+nHMDVhnME3ScWmUvMLuh08x/xKHdc8sVsfCNtihRM4lRoBcz
5sht74rrHzu5KNXxlauKJ44tDJYNB1Hkr97Ju8DWuSR3hugUbT/YW11tH3D1lwnP
+vx48kmEf5uUXIEEWSjnsDjEMjzLZSjYN/AVCqE/ZmVs5saSj3qI7BmL8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLcfxgsAFB+8ul4AXaN5Ln4ucnCxMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdHhfR0N3QVVIN3k2WGdCZG8za3VmaTV5Y0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXasAAwQC
Xy5kAwQBXy94MA0GCSqGSIb3DQEBCwUAA4IBAQCuYwxWICW38Kn8HqONedsM9/6T
mcFaBM47mSncpeC7Mn/Mo47DbOjwg6Gh/Sb8x8V/14SX2zB00qJ3bEfoUjYzjGFq
Vt5w6ZkWNKdjjdA38zR2UYAa2m+bhMGXURiFioSIDY1Quln1xa7rkVnwds6cN8ks
R2DvuYHDTyx6kIMLOE9Wd+ZnY6LpJXfqKQrgHd2HgXPWh2kDooqImktG0syPKPYo
MOiXAnPRISRzPldvjtU9scbvuZFUBBJYCyFNmzHySEDHCRajFmAjl8M4DDpYziBn
BENUeZ38G+GbnQxTiBZYbJpzbzWruGc/pQmocubFAQ3fLVtyLq2ytDu2yu8w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:38 2024 by rpki-client on console-fra.rpki-client.org