Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/051f88-857c-4e4b-bd3d-f1b893887884/1/gcER4XnqK7B1dpCvzRRWwU6vcxY.roa
File: gcER4XnqK7B1dpCvzRRWwU6vcxY.roa (raw, json)
Hash identifier: Ag505WqdrzariQmiZ8OG7jC1NezTe0XJtLzx8MzZja4=
Subject key identifier: 81:C1:11:E1:79:EA:2B:B0:75:76:90:AF:CD:14:56:C1:4E:AF:73:16
Certificate issuer: /CN=fb0aee0e1bf8212c0225e785b394f0416bb32bb7
Certificate serial: 01856B9C6BC19B499633C6B5CD27EC12D30C
Authority key identifier: FB:0A:EE:0E:1B:F8:21:2C:02:25:E7:85:B3:94:F0:41:6B:B3:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wruDhv4ISwCJeeFs5TwQWuzK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/051f88-857c-4e4b-bd3d-f1b893887884/1/gcER4XnqK7B1dpCvzRRWwU6vcxY.roa
Signing time: Sun 01 Jan 2023 04:34:51 +0000
ROA not before: Sun 01 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212629
IP address blocks: 185.145.108.0/22 maxlen: 22
2a07:48c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:6b:c1:9b:49:96:33:c6:b5:cd:27:ec:12:d3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb0aee0e1bf8212c0225e785b394f0416bb32bb7
Validity
Not Before: Jan 1 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81c111e179ea2bb0757690afcd1456c14eaf7316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:13:d6:f5:8d:9b:d6:3d:a8:08:06:12:4c:7f:
71:97:c1:34:b6:4c:6f:46:80:be:78:33:5e:f8:28:
3a:a2:1e:6d:52:e2:f1:70:3c:8b:9c:b7:5d:d2:87:
89:4a:8a:17:86:70:b7:7c:50:26:1c:7c:05:2a:82:
20:83:14:9d:e3:f4:22:e3:99:1f:5f:a7:20:c7:81:
87:a6:c0:21:cf:56:68:71:f9:bf:b3:1f:34:e7:a7:
0d:b6:7b:d7:41:15:0e:0b:4f:80:16:ba:8c:2b:6d:
d8:6d:a3:25:45:0a:77:43:6d:c9:28:46:ea:46:bf:
0f:36:b2:33:fc:60:55:d2:fc:c8:fc:26:59:3f:1f:
00:6b:51:99:8c:1d:d3:c6:89:6f:c2:f7:38:d0:24:
61:f7:71:59:ba:ee:00:b5:69:79:d4:60:4e:0d:25:
30:9f:d6:61:fa:5f:eb:3a:49:08:40:93:19:81:eb:
92:4b:71:ff:7d:83:c0:2f:10:89:1d:36:3b:61:e5:
24:4b:e4:e0:a5:5e:f7:fb:ff:f9:ac:bd:6d:fa:d3:
85:73:fa:aa:26:34:54:3a:29:fb:61:d8:c2:4e:12:
9f:41:79:10:4b:25:87:34:c7:39:30:00:86:13:6d:
a7:66:76:a8:81:cc:33:aa:98:c9:0d:f7:0c:85:41:
db:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C1:11:E1:79:EA:2B:B0:75:76:90:AF:CD:14:56:C1:4E:AF:73:16
X509v3 Authority Key Identifier:
keyid:FB:0A:EE:0E:1B:F8:21:2C:02:25:E7:85:B3:94:F0:41:6B:B3:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wruDhv4ISwCJeeFs5TwQWuzK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/051f88-857c-4e4b-bd3d-f1b893887884/1/gcER4XnqK7B1dpCvzRRWwU6vcxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/051f88-857c-4e4b-bd3d-f1b893887884/1/1-wruDhv4ISwCJeeFs5TwQWuzK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.108.0/22
IPv6:
2a07:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:72:98:99:48:fd:e2:83:04:0c:ca:8b:9b:29:17:10:47:34:
01:d7:29:e0:a3:9a:b1:b7:3d:74:d4:0c:1d:6b:37:13:ce:46:
ed:0d:3d:21:a7:83:e8:d3:36:72:43:bb:e7:92:41:52:bc:7a:
17:b7:55:04:78:91:f6:b2:ca:ae:fb:6b:f1:cd:99:ca:d1:16:
1d:35:71:44:72:59:f5:80:6d:f0:40:eb:8e:9b:69:37:35:af:
92:86:36:77:7d:6d:29:dd:1a:10:07:46:c1:c2:c6:0d:6a:3c:
bc:4c:e4:6e:da:ea:05:2f:22:9e:bd:92:a0:66:98:b3:8b:52:
10:ec:d5:f2:ec:2c:cb:36:07:a4:29:95:f5:8b:ad:1f:7e:85:
06:f5:5a:b9:d7:35:e0:06:7d:72:0b:f5:93:8f:d2:3e:d3:9c:
3b:0e:bb:55:0e:00:01:b6:9e:28:6f:44:5f:53:2b:ed:58:70:
fe:05:1d:f8:1d:fd:c1:b6:a7:0f:01:c8:6f:de:97:73:40:1a:
4d:1a:a2:10:0e:05:6f:8e:51:38:b8:0e:50:b3:40:fa:ad:d6:
80:62:24:7a:46:ba:cb:13:c6:f2:9c:bf:0b:49:52:65:cd:fd:
3a:d2:b1:66:88:32:59:61:04:7c:ed:84:ac:54:1e:9b:bd:05:
20:65:26:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrnGvBm0mWM8a1zSfsEtMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMGFlZTBlMWJmODIxMmMwMjI1ZTc4NWIzOTRmMDQxNmJi
MzJiYjcwHhcNMjMwMTAxMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMxMTFlMTc5ZWEyYmIwNzU3NjkwYWZjZDE0NTZjMTRlYWY3MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhPW9Y2b1j2oCAYSTH9xl8E0tkxv
RoC+eDNe+Cg6oh5tUuLxcDyLnLdd0oeJSooXhnC3fFAmHHwFKoIggxSd4/Qi45kf
X6cgx4GHpsAhz1Zocfm/sx8056cNtnvXQRUOC0+AFrqMK23YbaMlRQp3Q23JKEbq
Rr8PNrIz/GBV0vzI/CZZPx8Aa1GZjB3Txolvwvc40CRh93FZuu4AtWl51GBODSUw
n9Zh+l/rOkkIQJMZgeuSS3H/fYPALxCJHTY7YeUkS+TgpV73+//5rL1t+tOFc/qq
JjRUOin7YdjCThKfQXkQSyWHNMc5MACGE22nZnaogcwzqpjJDfcMhUHbfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIHBEeF56iuwdXaQr80UVsFOr3MWMB8GA1UdIwQY
MBaAFPsK7g4b+CEsAiXnhbOU8EFrsyu3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13cnVEaHY0SVN3Q0plZUZzNVR3UVd1eks3Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvMDUxZjg4LTg1N2MtNGU0Yi1iZDNk
LWYxYjg5Mzg4Nzg4NC8xL2djRVI0WG5xSzdCMWRwQ3Z6UlJXd1U2dmN4WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvMDUxZjg4LTg1N2MtNGU0Yi1iZDNkLWYxYjg5Mzg4Nzg4
NC8xLzEtd3J1RGh2NElTd0NKZWVGczVUd1FXdXpLN2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5kWww
DQQCAAIwBwMFAyoHSMAwDQYJKoZIhvcNAQELBQADggEBAC9ymJlI/eKDBAzKi5sp
FxBHNAHXKeCjmrG3PXTUDB1rNxPORu0NPSGng+jTNnJDu+eSQVK8ehe3VQR4kfay
yq77a/HNmcrRFh01cURyWfWAbfBA646baTc1r5KGNnd9bSndGhAHRsHCxg1qPLxM
5G7a6gUvIp69kqBmmLOLUhDs1fLsLMs2B6QplfWLrR9+hQb1WrnXNeAGfXIL9ZOP
0j7TnDsOu1UOAAG2nihvRF9TK+1YcP4FHfgd/cG2pw8ByG/el3NAGk0aohAOBW+O
UTi4DlCzQPqt1oBiJHpGussTxvKcvwtJUmXN/TrSsWaIMllhBHzthKxUHpu9BSBl
JuQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:19 2024 by rpki-client on console-ams.rpki-client.org