Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GJo9cYU1xYU1RmStaZbNkcS3aVU.roa
File: GJo9cYU1xYU1RmStaZbNkcS3aVU.roa (raw, json)
Hash identifier: bEhZME+PYezkheKEgMxzKBVlCx5oMnLVumhYs2CzXks=
Subject key identifier: 18:9A:3D:71:85:35:C5:85:35:46:64:AD:69:96:CD:91:C4:B7:69:55
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018D0C1380B37861345BDA015AA1B20D9315
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GJo9cYU1xYU1RmStaZbNkcS3aVU.roa
Signing time: Mon 15 Jan 2024 07:43:41 +0000
ROA not before: Mon 15 Jan 2024 07:43:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 188.191.98.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 16:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:13:80:b3:78:61:34:5b:da:01:5a:a1:b2:0d:93:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 15 07:43:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=189a3d718535c585354664ad6996cd91c4b76955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e8:44:50:cc:e4:f3:e9:95:1c:2e:1b:ce:39:
5d:f7:f2:5f:32:a9:ed:7e:f7:10:88:38:55:df:a8:
82:36:02:d8:27:6d:24:f6:2e:c6:f4:d8:2d:cd:77:
6a:3f:de:2b:f1:a8:8f:79:66:38:18:cf:e7:0a:f0:
cb:6d:2a:b1:e2:7f:9d:66:8b:79:bb:18:ef:00:79:
0b:1e:7b:c2:6d:83:0f:dc:ff:e7:c3:98:f1:5e:67:
a4:c4:94:3a:d1:de:58:0e:74:fc:17:70:6b:1a:e5:
a7:da:a7:af:5e:c9:58:2a:e8:2b:4b:a2:4c:67:90:
e2:fe:f4:c5:9e:a7:c9:3f:6c:87:04:53:0c:1a:54:
44:dd:b7:24:e3:27:70:4f:73:00:3d:2e:4e:de:da:
13:f2:70:1d:a4:1b:3d:2b:1e:0e:21:ae:22:6b:de:
5a:d1:94:e1:37:ac:8c:19:10:87:30:68:82:2a:01:
fb:08:5e:87:32:ff:bc:d0:82:12:8e:f6:a1:99:56:
24:bc:6a:9e:55:db:a0:44:12:74:49:4b:90:e1:20:
c4:b4:c3:b2:36:c2:7e:cc:4e:4c:c1:58:15:77:7f:
15:01:0d:30:32:0c:f1:df:2e:ee:3c:b9:c7:11:3d:
88:4d:3f:5e:81:99:23:49:d7:14:24:8d:3e:7e:9a:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9A:3D:71:85:35:C5:85:35:46:64:AD:69:96:CD:91:C4:B7:69:55
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GJo9cYU1xYU1RmStaZbNkcS3aVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.226.0/23
188.191.98.0/24
188.191.100.0/23
188.191.103.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
17:b4:aa:4f:2a:40:28:ff:e9:69:f8:ba:ed:04:e0:d7:d2:e2:
e4:8b:6d:13:9b:66:9e:28:2d:2a:89:cc:f5:eb:57:01:66:24:
d8:bb:3d:cb:b5:0a:46:42:10:3c:c5:80:67:0f:1e:5b:8f:e5:
4b:f2:ef:48:bb:f4:17:36:aa:bc:18:fb:a7:83:f1:e0:37:a0:
01:bd:27:47:d3:12:a4:21:55:62:f2:9f:46:07:56:82:46:12:
9c:0d:38:50:61:21:39:46:60:67:98:a2:a9:31:79:a0:19:4c:
86:61:e3:5c:88:c6:25:fd:46:11:39:86:ec:d9:60:c6:1d:a3:
47:83:2a:ba:ca:51:c4:ce:bc:25:0f:fa:24:db:f4:af:9f:a6:
09:5e:50:85:73:db:c4:82:1b:d9:29:7c:ed:85:02:c7:84:32:
d6:a6:6a:d8:89:fc:5d:0e:42:65:9b:95:c3:41:be:cb:2b:c1:
af:d5:95:6d:4f:bc:0c:83:bb:55:00:cd:cb:d7:fd:eb:e9:17:
1c:dc:f0:a6:ac:6a:3f:5d:c9:51:1e:33:cd:57:2d:2d:23:10:
2a:fb:2d:b7:38:6b:8a:1b:27:23:05:5f:29:20:a0:78:db:0e:
22:5c:d4:d9:e2:c7:05:30:a8:4c:83:72:97:e8:68:13:a1:c0:
d4:cf:3f:2c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0ME4CzeGE0W9oBWqGyDZMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTE1MDc0MzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODlhM2Q3MTg1MzVjNTg1MzU0NjY0YWQ2OTk2Y2Q5MWM0Yjc2OTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+hEUMzk8+mVHC4bzjld9/JfMqnt
fvcQiDhV36iCNgLYJ20k9i7G9NgtzXdqP94r8aiPeWY4GM/nCvDLbSqx4n+dZot5
uxjvAHkLHnvCbYMP3P/nw5jxXmekxJQ60d5YDnT8F3BrGuWn2qevXslYKugrS6JM
Z5Di/vTFnqfJP2yHBFMMGlRE3bck4ydwT3MAPS5O3toT8nAdpBs9Kx4OIa4ia95a
0ZThN6yMGRCHMGiCKgH7CF6HMv+80IISjvahmVYkvGqeVdugRBJ0SUuQ4SDEtMOy
NsJ+zE5MwVgVd38VAQ0wMgzx3y7uPLnHET2ITT9egZkjSdcUJI0+fpqVQQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBiaPXGFNcWFNUZkrWmWzZHEt2lVMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvR0pvOWNZVTF4WVUxUm1TdGFaYk5rY1MzYVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBW+HiAwQA
vL9iAwQBvL9kAwQAvL9nMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQELBQADggEB
ABe0qk8qQCj/6Wn4uu0E4NfS4uSLbRObZp4oLSqJzPXrVwFmJNi7Pcu1CkZCEDzF
gGcPHluP5Uvy70i79Bc2qrwY+6eD8eA3oAG9J0fTEqQhVWLyn0YHVoJGEpwNOFBh
ITlGYGeYoqkxeaAZTIZh41yIxiX9RhE5huzZYMYdo0eDKrrKUcTOvCUP+iTb9K+f
pgleUIVz28SCG9kpfO2FAseEMtamatiJ/F0OQmWblcNBvssrwa/VlW1PvAyDu1UA
zcvX/evpFxzc8Kasaj9dyVEeM81XLS0jECr7Lbc4a4obJyMFXykgoHjbDiJc1Nni
xwUwqEyDcpfoaBOhwNTPPyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org