Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/GoaStji4pEfEKaPz6MzfFmYXrA8.roa
File: GoaStji4pEfEKaPz6MzfFmYXrA8.roa (raw, json)
Hash identifier: N2V10I8RkVVBCij2ouoQI0C66l5js1A+USyh/Cz3QfU=
Subject key identifier: 1A:86:92:B6:38:B8:A4:47:C4:29:A3:F3:E8:CC:DF:16:66:17:AC:0F
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A9303BC81172A2A325D8FC26EF4ED7797
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/GoaStji4pEfEKaPz6MzfFmYXrA8.roa
Signing time: Thu 14 Sep 2023 09:26:50 +0000
ROA not before: Thu 14 Sep 2023 09:26:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202
IP address blocks: 185.148.224.0/23 maxlen: 24
109.234.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 12:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:03:bc:81:17:2a:2a:32:5d:8f:c2:6e:f4:ed:77:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 14 09:26:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a8692b638b8a447c429a3f3e8ccdf166617ac0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:49:2d:72:6d:67:cb:84:0c:fb:2b:79:6e:b0:
34:6a:9c:83:8a:81:57:27:19:0f:48:38:fa:11:2e:
e6:90:6f:d2:77:9b:28:4d:b0:96:59:24:cb:aa:d8:
67:64:b1:4b:8f:65:03:17:bf:1e:2b:e9:f4:5c:c3:
03:5f:ef:51:f1:99:87:01:50:36:7d:91:ba:dc:6f:
a0:34:cf:e9:16:d1:7e:63:9a:9d:33:f2:15:ef:7e:
d8:74:e9:d3:b0:a1:78:2e:41:5c:8e:e7:3c:e9:03:
04:b0:07:d7:d7:65:ce:eb:4f:d2:1b:a7:fb:bf:7a:
8c:a7:4c:2c:a6:26:3b:b2:9e:22:9b:d1:60:9e:7a:
fe:cf:5a:d0:97:c9:24:d7:4f:29:5b:e2:77:92:c4:
d4:88:24:65:a3:63:58:2b:79:25:d6:13:83:df:a7:
2a:ca:39:9a:46:81:16:80:f6:18:b5:f8:1f:dc:73:
ef:d1:c6:85:1f:81:df:0f:cb:b4:a2:34:d8:ef:70:
69:20:05:00:83:68:f8:5c:2d:ec:67:85:a6:fd:e8:
84:7b:da:b4:19:e2:bb:19:f5:18:f8:17:78:3f:17:
43:32:55:7f:a8:84:30:5a:39:45:1f:fc:4e:88:04:
0c:38:18:39:47:58:83:34:b0:c3:c7:53:3a:32:d5:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:86:92:B6:38:B8:A4:47:C4:29:A3:F3:E8:CC:DF:16:66:17:AC:0F
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/GoaStji4pEfEKaPz6MzfFmYXrA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.0.0/21
185.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
72:bb:a7:b7:85:46:f4:d5:9c:29:26:ec:78:6b:de:fb:27:ca:
7c:fe:b1:ae:1e:bb:26:f7:81:b6:6f:79:be:f0:f1:95:68:6e:
f9:d1:d7:16:5e:b9:1e:92:88:b5:48:2d:9e:ba:f0:25:b7:c4:
98:96:7d:fa:28:3b:f8:b6:69:ac:f6:e8:07:8b:8f:4f:c0:e2:
12:4f:7b:71:66:c6:fa:44:24:eb:82:a7:9a:6d:df:68:dd:12:
7c:bc:0d:c6:e6:95:57:07:84:d8:58:07:0d:c0:be:09:b4:1c:
0c:eb:1a:ab:ed:46:3e:fd:c5:31:20:08:7d:14:8e:46:03:49:
58:8e:9b:16:ce:6e:4f:b1:96:e6:c1:95:44:33:37:45:30:0d:
88:2b:df:8f:23:5e:a5:7f:d4:86:ad:03:4c:cd:18:af:16:66:
18:94:a6:4f:33:01:9e:18:79:83:a2:ed:5f:2e:16:dd:8f:79:
39:71:f7:a2:06:e7:cd:eb:92:81:6d:a5:4b:ac:00:d9:af:5f:
c7:98:ab:b9:10:a7:ab:d8:06:0e:0b:5a:b2:e7:c0:e0:84:e8:
1e:20:d6:01:de:4d:10:35:cb:c3:d4:4b:1f:d8:bc:36:f9:68:
2b:1e:a3:91:9e:bc:25:a9:2e:16:95:61:27:65:35:52:52:67:
19:fb:b6:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqTA7yBFyoqMl2Pwm707XeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTE0MDkyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg2OTJiNjM4YjhhNDQ3YzQyOWEzZjNlOGNjZGYxNjY2MTdhYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0ktcm1ny4QM+yt5brA0apyDioFX
JxkPSDj6ES7mkG/Sd5soTbCWWSTLqthnZLFLj2UDF78eK+n0XMMDX+9R8ZmHAVA2
fZG63G+gNM/pFtF+Y5qdM/IV737YdOnTsKF4LkFcjuc86QMEsAfX12XO60/SG6f7
v3qMp0wspiY7sp4im9Fgnnr+z1rQl8kk108pW+J3ksTUiCRlo2NYK3kl1hOD36cq
yjmaRoEWgPYYtfgf3HPv0caFH4HfD8u0ojTY73BpIAUAg2j4XC3sZ4Wm/eiEe9q0
GeK7GfUY+Bd4PxdDMlV/qIQwWjlFH/xOiAQMOBg5R1iDNLDDx1M6MtXOKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBqGkrY4uKRHxCmj8+jM3xZmF6wPMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvR29hU3RqaTRwRWZFS2FQejZNemZGbVlYckE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbeoAAwQB
uZTgMA0GCSqGSIb3DQEBCwUAA4IBAQByu6e3hUb01ZwpJux4a977J8p8/rGuHrsm
94G2b3m+8PGVaG750dcWXrkekoi1SC2euvAlt8SYln36KDv4tmms9ugHi49PwOIS
T3txZsb6RCTrgqeabd9o3RJ8vA3G5pVXB4TYWAcNwL4JtBwM6xqr7UY+/cUxIAh9
FI5GA0lYjpsWzm5PsZbmwZVEMzdFMA2IK9+PI16lf9SGrQNMzRivFmYYlKZPMwGe
GHmDou1fLhbdj3k5cfeiBufN65KBbaVLrADZr1/HmKu5EKer2AYOC1qy58DghOge
INYB3k0QNcvD1Esf2Lw2+WgrHqORnrwlqS4WlWEnZTVSUmcZ+7Zy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org