Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GSho5qoeN09MCDf0-zTlZUxOq88.roa
File: GSho5qoeN09MCDf0-zTlZUxOq88.roa (raw, json)
Hash identifier: kMiDEl1JF+nFDMmnn6Z1eE5h0FgBzKk9KupQs+/zd84=
Subject key identifier: 19:28:68:E6:AA:1E:37:4F:4C:08:37:F4:FB:34:E5:65:4C:4E:AB:CF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018D7EC6D1990EE9C15102AB45F5DCE822AD
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GSho5qoeN09MCDf0-zTlZUxOq88.roa
Signing time: Tue 06 Feb 2024 14:16:15 +0000
ROA not before: Tue 06 Feb 2024 14:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
171.22.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:c6:d1:99:0e:e9:c1:51:02:ab:45:f5:dc:e8:22:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 6 14:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=192868e6aa1e374f4c0837f4fb34e5654c4eabcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:27:e2:04:05:4a:c4:56:ac:8d:9f:6e:91:
48:1c:c6:f1:12:7b:34:59:5e:1b:88:33:70:16:f0:
56:23:f4:f1:30:1e:6e:37:3d:6a:db:ba:6f:19:50:
f7:48:7e:59:f1:d3:f5:a8:1f:6d:f1:94:b8:10:87:
63:ae:ae:f9:3a:62:b5:ae:ee:e8:15:b1:df:3d:58:
f2:ab:89:6c:d1:70:16:b4:85:c0:b6:a2:05:47:28:
f1:ab:42:c4:ae:76:7d:99:d0:1f:40:d7:0c:6e:dd:
43:4f:a0:1f:0f:98:75:b1:5c:2c:32:fa:95:c9:df:
07:e1:c6:76:c1:45:d0:2f:3b:34:20:ad:77:d2:57:
89:cb:f9:73:7c:1d:28:03:cb:17:4b:9e:a5:4a:57:
43:e1:3f:f0:89:94:b9:e6:8f:29:1a:1b:f9:bf:f9:
7a:a8:23:00:8f:be:5a:f1:08:a6:36:54:6e:01:fd:
04:3f:33:f8:11:49:d1:34:89:4d:41:39:66:ef:77:
d5:63:d3:84:3a:1c:af:4c:f5:18:25:62:36:af:52:
8f:aa:df:ab:af:ee:0a:a1:e1:4c:ac:4c:f3:03:06:
c6:28:a8:3b:d0:90:56:9e:58:26:83:0c:a9:7c:98:
15:3e:57:15:3a:16:35:cc:b9:28:bb:0a:2e:a3:09:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:28:68:E6:AA:1E:37:4F:4C:08:37:F4:FB:34:E5:65:4C:4E:AB:CF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GSho5qoeN09MCDf0-zTlZUxOq88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.144.0/24
Signature Algorithm: sha256WithRSAEncryption
65:00:1d:8c:15:4a:bb:37:aa:f2:db:b2:60:c0:16:28:58:0d:
25:b1:81:2a:16:69:57:79:09:9f:8d:55:41:bc:09:5f:e4:b2:
ba:db:ac:11:58:29:6a:dc:fa:9e:f6:51:01:53:86:61:e0:3b:
cc:12:e9:61:b1:4d:2a:ea:ee:b9:22:9a:17:71:22:89:1f:4d:
5d:19:0a:12:d0:48:c6:61:67:79:f8:37:3c:60:3d:a0:eb:69:
d8:08:8c:19:58:8b:08:e6:25:d1:2b:9e:dc:c9:eb:f9:17:7f:
d7:18:5f:3f:35:88:6d:bc:cb:9d:30:c7:9f:89:e1:8c:aa:d0:
89:fa:52:62:78:ba:0e:17:86:6c:8f:b7:2b:d8:ca:ea:79:61:
56:2b:b4:bb:73:98:53:7a:bb:f1:f8:f8:e0:a8:41:ce:64:87:
05:7b:2c:77:18:c6:0c:77:fe:68:11:f3:bd:44:f2:c8:45:45:
fc:f5:6f:45:f9:d1:47:02:6f:ea:ab:b8:05:9f:aa:a6:3c:39:
44:b7:a9:12:45:c3:c6:4d:a8:fa:01:e6:44:75:f3:a1:d6:ec:
e0:63:e2:7d:8c:70:98:ba:cf:f9:df:60:39:06:72:2e:5e:0f:
36:63:fe:a9:3f:3c:d3:1f:eb:02:c3:1c:c2:25:d0:70:9a:5b:
c2:da:15:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1+xtGZDunBUQKrRfXc6CKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQwMjA2MTQxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI4NjhlNmFhMWUzNzRmNGMwODM3ZjRmYjM0ZTU2NTRjNGVhYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk4n4gQFSsRWrI2fbpFIHMbxEns0
WV4biDNwFvBWI/TxMB5uNz1q27pvGVD3SH5Z8dP1qB9t8ZS4EIdjrq75OmK1ru7o
FbHfPVjyq4ls0XAWtIXAtqIFRyjxq0LErnZ9mdAfQNcMbt1DT6AfD5h1sVwsMvqV
yd8H4cZ2wUXQLzs0IK130leJy/lzfB0oA8sXS56lSldD4T/wiZS55o8pGhv5v/l6
qCMAj75a8QimNlRuAf0EPzP4EUnRNIlNQTlm73fVY9OEOhyvTPUYJWI2r1KPqt+r
r+4KoeFMrEzzAwbGKKg70JBWnlgmgwypfJgVPlcVOhY1zLkouwouown1vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBkoaOaqHjdPTAg39Ps05WVMTqvPMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvR1NobzVxb2VOMDlNQ0RmMC16VGxaVXhPcTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2d4AwQF
X2+AAwQAqxaQMA0GCSqGSIb3DQEBCwUAA4IBAQBlAB2MFUq7N6ry27JgwBYoWA0l
sYEqFmlXeQmfjVVBvAlf5LK626wRWClq3Pqe9lEBU4Zh4DvMEulhsU0q6u65IpoX
cSKJH01dGQoS0EjGYWd5+Dc8YD2g62nYCIwZWIsI5iXRK57cyev5F3/XGF8/NYht
vMudMMefieGMqtCJ+lJieLoOF4Zsj7cr2MrqeWFWK7S7c5hTervx+PjgqEHOZIcF
eyx3GMYMd/5oEfO9RPLIRUX89W9F+dFHAm/qq7gFn6qmPDlEt6kSRcPGTaj6AeZE
dfOh1uzgY+J9jHCYus/532A5BnIuXg82Y/6pPzzTH+sCwxzCJdBwmlvC2hV5
-----END CERTIFICATE-----
Generated at Tue Apr 16 16:50:20 2024 by rpki-client on console-ams.rpki-client.org