Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa
File: gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa (raw, json)
Hash identifier: ihLpsFXP5uvDrTCY76pQ2cz2HiPUdX3KZ1QUTWG0+1A=
Subject key identifier: 83:34:95:81:B9:EA:06:91:AE:D9:05:02:ED:68:BC:73:5D:4C:DD:58
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018BCCC139AE8183084C1B265261EBAB6E1D
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa
Signing time: Tue 14 Nov 2023 07:34:57 +0000
ROA not before: Tue 14 Nov 2023 07:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 188.191.98.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:c1:39:ae:81:83:08:4c:1b:26:52:61:eb:ab:6e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 14 07:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83349581b9ea0691aed90502ed68bc735d4cdd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a4:5e:6d:aa:d1:70:e0:67:23:5d:52:a6:f4:
59:52:06:7c:60:77:48:72:cc:d6:28:f3:a9:e1:7b:
54:a0:bd:0b:7f:77:f7:09:51:5f:ba:53:8a:19:09:
7d:7b:84:ed:83:b2:37:0e:b2:e0:d2:f0:3a:e7:76:
db:a6:3c:2c:56:8b:04:b8:42:bf:33:1a:61:4c:6a:
e4:92:53:79:96:90:c8:a2:09:7d:e8:46:77:c6:cf:
32:be:98:57:47:d9:e0:b7:d3:74:97:4b:f3:e9:47:
1f:e4:c1:80:3d:56:0b:9e:14:0a:2a:32:d7:b9:e9:
42:35:59:61:4a:98:3f:70:de:98:fb:59:87:1c:c5:
d0:12:c8:8f:0c:05:bc:aa:f7:04:46:3b:bc:2b:a4:
8e:3e:c2:bc:72:31:27:fa:19:f8:70:60:3c:04:b0:
c5:e2:a0:35:ac:0d:01:b8:4e:75:a7:41:1b:20:21:
ac:e2:ee:a4:73:2a:63:8d:64:d5:7a:fa:24:50:3d:
1d:98:ac:20:57:a8:28:ec:40:43:73:47:f6:f3:03:
d0:3a:0c:f1:46:72:f3:ab:11:81:6b:71:e9:da:a7:
8f:14:6f:98:d1:87:10:7d:14:01:44:59:70:fe:d9:
9b:78:0f:a3:05:b9:d1:47:8a:0e:55:db:59:c9:8a:
28:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:34:95:81:B9:EA:06:91:AE:D9:05:02:ED:68:BC:73:5D:4C:DD:58
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/gzSVgbnqBpGu2QUC7Wi8c11M3Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.226.0/23
188.191.98.0/24
188.191.101.0/24
188.191.103.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
48:5a:fa:19:b5:8e:3b:aa:26:4a:2c:6a:f9:54:cd:3a:5d:71:
3c:37:1c:b3:5e:69:1d:b1:97:b4:64:ac:c5:d5:53:e2:5c:c5:
ae:bd:93:5b:3e:21:55:f2:a9:97:31:7f:7d:74:d3:81:50:d2:
ee:ce:09:eb:1c:34:93:88:9a:49:07:36:6b:78:5d:e2:e0:46:
51:2c:7d:ac:fe:af:78:6b:7a:01:55:6d:91:e1:7b:59:df:6a:
5f:a3:0d:d0:20:21:cc:a7:0a:d4:30:aa:80:58:c5:f5:d3:fb:
e5:3e:0b:1e:f1:2c:d5:6d:03:38:63:45:b4:76:ae:02:b3:b3:
5b:e0:cb:c8:7e:33:0f:bb:ad:47:02:da:cd:b2:5e:0e:3e:ab:
64:5d:82:44:9e:d2:c8:07:bf:90:e2:cc:58:7a:75:4b:e9:91:
16:5b:27:55:63:5e:6a:89:72:34:a1:ad:62:7d:92:ce:6d:71:
62:f5:6c:29:93:1e:be:5d:9f:c9:93:cf:e3:a4:ba:7c:f3:e8:
19:80:7f:a3:cc:fe:c9:82:c2:c2:42:8f:db:c7:8a:f5:59:22:
3a:c5:31:6d:f1:06:55:1f:17:ad:41:97:c5:d8:a5:cf:48:11:
7d:c0:b3:ed:35:10:c7:cb:d9:b0:42:a9:0f:8e:0f:2d:81:ab:
8b:94:98:6f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYvMwTmugYMITBsmUmHrq24dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMxMTE0MDczNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM0OTU4MWI5ZWEwNjkxYWVkOTA1MDJlZDY4YmM3MzVkNGNkZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aRebarRcOBnI11SpvRZUgZ8YHdI
cszWKPOp4XtUoL0Lf3f3CVFfulOKGQl9e4Ttg7I3DrLg0vA653bbpjwsVosEuEK/
MxphTGrkklN5lpDIogl96EZ3xs8yvphXR9ngt9N0l0vz6Ucf5MGAPVYLnhQKKjLX
uelCNVlhSpg/cN6Y+1mHHMXQEsiPDAW8qvcERju8K6SOPsK8cjEn+hn4cGA8BLDF
4qA1rA0BuE51p0EbICGs4u6kcypjjWTVevokUD0dmKwgV6go7EBDc0f28wPQOgzx
RnLzqxGBa3Hp2qePFG+Y0YcQfRQBRFlw/tmbeA+jBbnRR4oOVdtZyYooaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIM0lYG56gaRrtkFAu1ovHNdTN1YMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZ3pTVmdibnFCcEd1MlFVQzdXaThjMTFNM1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBW+HiAwQA
vL9iAwQAvL9lAwQAvL9nMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQELBQADggEB
AEha+hm1jjuqJkosavlUzTpdcTw3HLNeaR2xl7RkrMXVU+Jcxa69k1s+IVXyqZcx
f31004FQ0u7OCescNJOImkkHNmt4XeLgRlEsfaz+r3hregFVbZHhe1nfal+jDdAg
IcynCtQwqoBYxfXT++U+Cx7xLNVtAzhjRbR2rgKzs1vgy8h+Mw+7rUcC2s2yXg4+
q2RdgkSe0sgHv5DizFh6dUvpkRZbJ1VjXmqJcjShrWJ9ks5tcWL1bCmTHr5dn8mT
z+Okunzz6BmAf6PM/smCwsJCj9vHivVZIjrFMW3xBlUfF61Bl8XYpc9IEX3As+01
EMfL2bBCqQ+ODy2Bq4uUmG8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org