Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/gCWRuDv50J458de0KEZH_WMPkRg.roa
File: gCWRuDv50J458de0KEZH_WMPkRg.roa (raw, json)
Hash identifier: RL6vEuxhkwOyeg2rdH5JRd96Od+emCCc+OPL+KUTQIE=
Subject key identifier: 80:25:91:B8:3B:F9:D0:9E:39:F1:D7:B4:28:46:47:FD:63:0F:91:18
Certificate issuer: /CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Certificate serial: 018CC3B690CA02A271F22B8B1074196CEF09
Authority key identifier: AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/gCWRuDv50J458de0KEZH_WMPkRg.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 45.148.220.0/24 maxlen: 24
81.90.111.0/24 maxlen: 24
81.90.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 08:14:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:90:ca:02:a2:71:f2:2b:8b:10:74:19:6c:ef:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=802591b83bf9d09e39f1d7b4284647fd630f9118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e2:15:1a:4a:c7:fd:29:4f:47:e6:fb:5e:6c:
35:13:a3:d9:a4:e7:91:20:8b:59:e1:f3:53:4a:d8:
85:cf:82:78:56:1a:e2:a8:cb:b6:c5:b2:ad:c7:02:
5c:1f:19:23:ea:84:4b:b9:b8:bf:3b:55:e4:6c:94:
23:5d:0a:1c:ca:42:9e:d8:f3:45:83:58:83:b4:cd:
9a:90:ea:56:de:cf:e3:a3:29:da:aa:d8:90:69:d0:
9d:bc:e6:e9:f0:e1:ba:3f:9c:57:2f:f6:01:d2:61:
1a:ae:2e:2a:65:7e:16:8b:d4:9f:e4:9a:d8:b2:47:
86:06:b6:68:98:a5:a2:31:3a:21:46:6a:08:ca:b8:
80:3c:54:e7:8e:f4:a4:65:9b:aa:c0:6d:0c:84:d1:
dd:07:65:2e:6b:47:0d:71:48:91:fa:05:78:f4:0e:
5e:25:dc:3d:38:57:25:c4:2e:fb:23:cb:c9:70:db:
a7:76:22:8b:d7:50:ad:80:72:17:6e:98:3e:bb:c8:
2a:c5:a9:40:7c:a0:fc:26:f3:20:d0:9d:7b:09:7d:
9a:50:78:3e:2a:68:85:82:a4:70:2f:20:4a:39:f5:
15:34:32:20:c5:11:09:ed:cc:9b:0a:3f:0d:02:48:
50:93:96:cf:3a:81:f9:57:72:9d:06:6d:50:0f:0b:
1c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:25:91:B8:3B:F9:D0:9E:39:F1:D7:B4:28:46:47:FD:63:0F:91:18
X509v3 Authority Key Identifier:
keyid:AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/gCWRuDv50J458de0KEZH_WMPkRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/rcipu8K8OkyLuHbM3ZX9hlJQtts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.220.0/24
81.90.110.0/23
Signature Algorithm: sha256WithRSAEncryption
02:47:f0:4d:97:6f:1c:f3:e7:49:3b:2d:8e:e7:56:c8:dc:14:
26:81:bc:41:2e:c9:25:21:ba:00:fb:42:f6:7e:1c:22:fa:50:
a3:2f:bb:b3:30:70:a1:d2:d5:cd:b3:be:96:f1:e4:fa:dd:71:
e8:15:69:1a:c4:c1:d4:76:18:06:76:c0:eb:7a:ac:e6:45:90:
23:93:ff:ca:a2:78:8c:ba:cf:b1:45:ea:5b:8a:31:8d:66:cc:
3b:6a:75:3d:11:71:e4:99:0c:20:b7:4d:bb:54:49:6c:fc:ff:
36:1a:28:55:ef:4e:3b:7d:24:97:91:e1:8e:f8:c8:77:30:71:
af:c0:d5:24:6c:6d:55:65:58:2e:1c:0d:8d:36:e3:14:8e:51:
be:6b:d5:d9:b2:a2:d1:e7:e4:fe:fa:b5:95:ee:ff:5a:87:ba:
e9:c6:3a:81:f6:7c:9b:bd:1b:7c:a2:ff:9d:71:31:e7:99:24:
47:99:70:e8:4c:f0:1a:ab:6c:8c:08:4e:d8:f3:76:ab:92:8f:
61:46:39:4d:e3:d1:30:41:60:ba:d0:36:4f:d5:f5:14:48:31:
9f:0f:70:27:15:84:44:e4:a7:33:f0:26:85:6e:33:ff:93:3a:
e1:f2:7c:da:ed:19:f4:c1:a8:cc:c2:7c:f3:9c:d6:3c:d1:b2:
a5:a4:52:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtpDKAqJx8iuLEHQZbO8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYzhhOWJiYzJiYzNhNGM4YmI4NzZjY2RkOTVmZDg2NTI1
MGI2ZGIwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI1OTFiODNiZjlkMDllMzlmMWQ3YjQyODQ2NDdmZDYzMGY5MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleIVGkrH/SlPR+b7Xmw1E6PZpOeR
IItZ4fNTStiFz4J4VhriqMu2xbKtxwJcHxkj6oRLubi/O1XkbJQjXQocykKe2PNF
g1iDtM2akOpW3s/joynaqtiQadCdvObp8OG6P5xXL/YB0mEari4qZX4Wi9Sf5JrY
skeGBrZomKWiMTohRmoIyriAPFTnjvSkZZuqwG0MhNHdB2Uua0cNcUiR+gV49A5e
Jdw9OFclxC77I8vJcNundiKL11CtgHIXbpg+u8gqxalAfKD8JvMg0J17CX2aUHg+
KmiFgqRwLyBKOfUVNDIgxREJ7cybCj8NAkhQk5bPOoH5V3KdBm1QDwscBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIAlkbg7+dCeOfHXtChGR/1jD5EYMB8GA1UdIwQY
MBaAFK3IqbvCvDpMi7h2zN2V/YZSULbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmNpcHU4SzhPa3lMdUhiTTNaWDlobEpRdHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84Njc3MmUtNWU2Yi00MDZjLThhOWUt
MTY1NGE4MGRiYzM2LzEvZ0NXUnVEdjUwSjQ1OGRlMEtFWkhfV01Qa1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84Njc3MmUtNWU2Yi00MDZjLThhOWUtMTY1NGE4MGRiYzM2
LzEvcmNpcHU4SzhPa3lMdUhiTTNaWDlobEpRdHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZTcAwQB
UVpuMA0GCSqGSIb3DQEBCwUAA4IBAQACR/BNl28c8+dJOy2O51bI3BQmgbxBLskl
IboA+0L2fhwi+lCjL7uzMHCh0tXNs76W8eT63XHoFWkaxMHUdhgGdsDreqzmRZAj
k//KoniMus+xRepbijGNZsw7anU9EXHkmQwgt027VEls/P82GihV7047fSSXkeGO
+Mh3MHGvwNUkbG1VZVguHA2NNuMUjlG+a9XZsqLR5+T++rWV7v9ah7rpxjqB9nyb
vRt8ov+dcTHnmSRHmXDoTPAaq2yMCE7Y83arko9hRjlN49EwQWC60DZP1fUUSDGf
D3AnFYRE5Kcz8CaFbjP/kzrh8nza7Rn0wajMwnzznNY80bKlpFIr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:30 2024 by rpki-client on console-fra.rpki-client.org