Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/GZ7KS0MHAc8NtcmmLVLcjs_B4Zc.roa
File: GZ7KS0MHAc8NtcmmLVLcjs_B4Zc.roa (raw, json)
Hash identifier: y6Peiz/sgOli1Zhb48jXs085G8Uah62TAaUuiQjc+Fg=
Subject key identifier: 19:9E:CA:4B:43:07:01:CF:0D:B5:C9:A6:2D:52:DC:8E:CF:C1:E1:97
Certificate issuer: /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial: 018996E660C7845B009CC096975C83A39495
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/GZ7KS0MHAc8NtcmmLVLcjs_B4Zc.roa
Signing time: Thu 27 Jul 2023 10:30:27 +0000
ROA not before: Thu 27 Jul 2023 10:30:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201193
IP address blocks: 45.143.84.0/24 maxlen: 24
45.143.84.0/22 maxlen: 24
45.143.85.0/24 maxlen: 24
45.143.87.0/24 maxlen: 24
45.143.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:e6:60:c7:84:5b:00:9c:c0:96:97:5c:83:a3:94:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Validity
Not Before: Jul 27 10:30:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=199eca4b430701cf0db5c9a62d52dc8ecfc1e197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5a:2d:43:75:7a:95:e6:23:a8:16:90:d7:d3:
89:d1:0b:1f:6c:b5:16:ed:11:af:18:4e:bb:07:ad:
78:67:f9:49:b7:90:51:67:49:33:fd:c9:62:08:14:
29:f0:d9:0c:55:33:42:27:4b:8b:e7:69:20:17:52:
bb:4b:98:df:09:8a:67:bd:a7:c1:08:11:16:56:a4:
c4:64:f0:4c:b5:59:3d:95:a1:99:9c:75:6f:b1:de:
d7:d4:7e:14:5d:6f:ca:e1:bd:55:cc:f2:5b:ec:92:
8b:59:8b:dd:79:c2:8a:ec:58:b6:a3:4d:8e:1e:35:
7d:9b:de:a4:2b:5e:9c:da:68:5a:43:8a:62:7e:e0:
4a:3c:dd:7f:e8:aa:0b:7b:d8:1e:9c:61:56:7a:66:
f5:d6:e6:78:5f:b7:64:3b:09:f1:96:79:e8:7b:9d:
f2:c5:f7:2f:0a:3c:6a:de:7f:05:68:09:d8:3c:ea:
c1:bb:de:c7:ec:4e:9a:f4:7b:f2:65:6a:ab:19:93:
a8:d0:63:77:bd:b4:65:82:8f:d1:c6:c4:67:8e:3b:
67:6a:9e:51:ee:c1:54:a5:c0:a9:19:1a:1c:a8:eb:
75:f4:c8:e2:84:b1:69:b5:a0:c9:74:ba:29:f5:6d:
93:4e:ae:f6:68:6c:5e:1f:9b:15:1c:09:04:f5:50:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:9E:CA:4B:43:07:01:CF:0D:B5:C9:A6:2D:52:DC:8E:CF:C1:E1:97
X509v3 Authority Key Identifier:
keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/GZ7KS0MHAc8NtcmmLVLcjs_B4Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.84.0/22
Signature Algorithm: sha256WithRSAEncryption
73:5d:46:82:63:b3:c7:f5:89:fb:14:5a:ed:18:41:46:45:87:
4e:dd:61:50:5f:b0:d1:ff:41:6f:cb:13:39:89:ac:76:02:11:
48:61:ea:7c:a3:41:60:ed:a1:b5:60:b4:28:d8:7d:0c:66:05:
21:23:f1:77:96:20:05:0e:46:c2:14:cd:b9:66:15:96:39:e8:
37:09:1a:6b:21:e2:fa:23:ea:c6:15:97:8e:ce:f5:fe:26:82:
82:cc:c2:89:c6:d7:19:22:13:37:99:7d:cd:3d:f6:a1:9a:b4:
0a:13:38:12:a8:e6:ca:10:d3:cf:87:74:c5:85:df:d7:b6:d0:
12:1f:7d:f7:bd:d2:7d:4e:95:4e:3a:66:7d:25:cc:b3:51:0d:
be:26:19:bf:5d:c1:ff:f8:d3:c3:76:1e:37:63:93:2a:a2:27:
4e:71:46:d4:4c:0f:e7:07:b1:35:61:d8:55:a9:e8:14:7a:99:
aa:6f:31:4f:33:d9:98:5e:d3:fc:2c:e8:1b:bb:41:7e:f6:55:
53:21:2d:35:fb:1b:60:ff:3e:1d:ee:d5:97:b2:39:9c:61:3a:
f1:33:a8:eb:5c:f9:7e:4c:29:4f:59:bb:64:92:ec:15:da:2c:
5e:c2:06:43:67:d9:2e:6f:8e:05:af:c2:82:2b:c5:5d:41:14:
42:f7:01:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmW5mDHhFsAnMCWl1yDo5SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjMwNzI3MTAzMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTllY2E0YjQzMDcwMWNmMGRiNWM5YTYyZDUyZGM4ZWNmYzFlMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFotQ3V6leYjqBaQ19OJ0QsfbLUW
7RGvGE67B614Z/lJt5BRZ0kz/cliCBQp8NkMVTNCJ0uL52kgF1K7S5jfCYpnvafB
CBEWVqTEZPBMtVk9laGZnHVvsd7X1H4UXW/K4b1VzPJb7JKLWYvdecKK7Fi2o02O
HjV9m96kK16c2mhaQ4pifuBKPN1/6KoLe9genGFWemb11uZ4X7dkOwnxlnnoe53y
xfcvCjxq3n8FaAnYPOrBu97H7E6a9HvyZWqrGZOo0GN3vbRlgo/RxsRnjjtnap5R
7sFUpcCpGRocqOt19MjihLFptaDJdLop9W2TTq72aGxeH5sVHAkE9VB6KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmeyktDBwHPDbXJpi1S3I7PweGXMB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvR1o3S1MwTUhBYzhOdGNtbUxWTGNqc19CNFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY9UMA0G
CSqGSIb3DQEBCwUAA4IBAQBzXUaCY7PH9Yn7FFrtGEFGRYdO3WFQX7DR/0FvyxM5
iax2AhFIYep8o0Fg7aG1YLQo2H0MZgUhI/F3liAFDkbCFM25ZhWWOeg3CRprIeL6
I+rGFZeOzvX+JoKCzMKJxtcZIhM3mX3NPfahmrQKEzgSqObKENPPh3TFhd/XttAS
H333vdJ9TpVOOmZ9JcyzUQ2+Jhm/XcH/+NPDdh43Y5MqoidOcUbUTA/nB7E1YdhV
qegUepmqbzFPM9mYXtP8LOgbu0F+9lVTIS01+xtg/z4d7tWXsjmcYTrxM6jrXPl+
TClPWbtkkuwV2ixewgZDZ9kub44Fr8KCK8VdQRRC9wHv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:40 2024 by rpki-client on console-ams.rpki-client.org