Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/gGDJT_FOhf6CzjONqKtachSbOMY.roa
File: gGDJT_FOhf6CzjONqKtachSbOMY.roa (raw, json)
Hash identifier: C+IpwL2tXa7PX5uKvdozg/dFLMoRI/kagFv0v9WuO10=
Subject key identifier: 80:60:C9:4F:F1:4E:85:FE:82:CE:33:8D:A8:AB:5A:72:14:9B:38:C6
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 018AF0FEE706B355AD963F13ED6880D33299
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/gGDJT_FOhf6CzjONqKtachSbOMY.roa
Signing time: Mon 02 Oct 2023 15:25:51 +0000
ROA not before: Mon 02 Oct 2023 15:25:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34914
IP address blocks: 89.222.34.0/23 maxlen: 23
89.222.32.0/23 maxlen: 23
89.222.2.0/23 maxlen: 23
89.222.0.0/19 maxlen: 19
89.222.0.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 03 Oct 2023 08:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:fe:e7:06:b3:55:ad:96:3f:13:ed:68:80:d3:32:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Oct 2 15:25:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8060c94ff14e85fe82ce338da8ab5a72149b38c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:60:a9:96:98:47:08:96:5b:74:67:02:92:d1:
98:36:3e:ab:cf:6d:a1:70:70:e2:7b:bb:75:c3:e4:
70:4b:55:e6:dd:3c:0e:6b:a0:6c:58:fe:03:3a:8e:
db:5e:a4:48:d6:0e:d9:1f:b8:48:c7:be:44:85:70:
18:7f:ea:5a:3f:d1:48:22:c3:28:37:84:e1:f7:e7:
1a:b7:1b:6c:6c:2a:67:b0:2c:fe:0a:ec:24:ca:27:
d8:0f:47:30:58:19:04:1e:73:b6:77:d8:7a:1e:4a:
b9:6d:73:88:2a:3b:6d:67:3d:88:3b:03:80:f3:fb:
86:ab:52:45:67:4f:cd:39:99:71:3a:47:72:d6:7f:
0b:77:4f:2e:aa:6b:77:1b:05:a9:11:0b:38:a8:cb:
56:83:9f:9c:a7:a7:f5:c9:e4:0c:bb:14:03:07:c9:
30:db:e1:68:3e:c7:61:ae:da:96:ae:1a:c6:c6:61:
6c:a2:61:6a:11:bd:72:77:cc:17:50:c2:b0:da:d3:
f5:4e:b6:5c:c5:e0:46:6d:14:2f:de:6c:0c:b3:6f:
33:06:b0:46:0a:c0:b0:0a:4f:a8:6f:6b:d7:a4:2b:
b4:73:84:66:a4:78:6f:a4:25:cd:37:e5:be:71:26:
9a:a1:fc:2e:f2:c2:42:c1:f7:3c:ae:d9:73:e0:52:
c6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:60:C9:4F:F1:4E:85:FE:82:CE:33:8D:A8:AB:5A:72:14:9B:38:C6
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/gGDJT_FOhf6CzjONqKtachSbOMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7f:54:c9:ab:cd:20:b4:e4:fc:f3:e8:ea:67:53:05:9e:db:51:
8d:71:d7:2d:4f:25:ed:b4:14:6f:03:fe:de:31:c6:0b:93:15:
d8:9e:76:de:5f:5d:b5:45:ca:cd:42:00:a1:a4:16:4f:56:7d:
0a:34:cf:06:ef:34:7d:21:62:a2:d7:e1:b3:ae:65:30:5c:9f:
b5:ab:8e:24:53:8c:34:2e:19:c9:76:03:1a:5f:b1:42:3e:1f:
38:b1:20:76:f2:ee:f1:39:f3:3b:36:13:f6:7c:3a:d6:c4:88:
7d:2b:59:da:4d:b6:43:43:ff:54:cb:52:8d:93:65:e4:95:c7:
e6:ba:2e:d9:f3:9c:a4:09:d2:dc:92:e4:ee:73:60:6a:c3:cf:
b6:02:01:a9:e0:cc:4d:9b:84:16:15:76:73:25:d3:8d:60:be:
ee:40:a6:3b:bb:93:9c:1f:e2:5c:3e:62:7d:05:3d:65:7f:6c:
78:2c:41:5d:70:78:42:b4:9c:43:c7:06:95:6e:e1:f4:e2:66:
bd:24:06:11:bd:7d:8c:6a:39:45:bb:68:e9:70:b5:1d:66:03:
17:c9:55:1a:6d:98:f2:35:8e:df:9e:92:ca:49:cb:01:dd:5f:
db:65:43:a9:cc:47:25:10:60:05:5e:d9:fc:70:80:5b:6b:7f:
b6:3f:c5:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrw/ucGs1Wtlj8T7WiA0zKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjMxMDAyMTUyNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDYwYzk0ZmYxNGU4NWZlODJjZTMzOGRhOGFiNWE3MjE0OWIzOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGCplphHCJZbdGcCktGYNj6rz22h
cHDie7t1w+RwS1Xm3TwOa6BsWP4DOo7bXqRI1g7ZH7hIx75EhXAYf+paP9FIIsMo
N4Th9+catxtsbCpnsCz+CuwkyifYD0cwWBkEHnO2d9h6Hkq5bXOIKjttZz2IOwOA
8/uGq1JFZ0/NOZlxOkdy1n8Ld08uqmt3GwWpEQs4qMtWg5+cp6f1yeQMuxQDB8kw
2+FoPsdhrtqWrhrGxmFsomFqEb1yd8wXUMKw2tP1TrZcxeBGbRQv3mwMs28zBrBG
CsCwCk+ob2vXpCu0c4RmpHhvpCXNN+W+cSaaofwu8sJCwfc8rtlz4FLGVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBgyU/xToX+gs4zjairWnIUmzjGMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvZ0dESlRfRk9oZjZDempPTnFLdGFjaFNiT01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHWd4AMA0G
CSqGSIb3DQEBCwUAA4IBAQB/VMmrzSC05Pzz6OpnUwWe21GNcdctTyXttBRvA/7e
McYLkxXYnnbeX121RcrNQgChpBZPVn0KNM8G7zR9IWKi1+GzrmUwXJ+1q44kU4w0
LhnJdgMaX7FCPh84sSB28u7xOfM7NhP2fDrWxIh9K1naTbZDQ/9Uy1KNk2Xklcfm
ui7Z85ykCdLckuTuc2Bqw8+2AgGp4MxNm4QWFXZzJdONYL7uQKY7u5OcH+JcPmJ9
BT1lf2x4LEFdcHhCtJxDxwaVbuH04ma9JAYRvX2MajlFu2jpcLUdZgMXyVUabZjy
NY7fnpLKScsB3V/bZUOpzEclEGAFXtn8cIBba3+2P8Ue
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org