Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/gcheMc9XQxMxVQDnt8mKHBdjqjk.roa
File: gcheMc9XQxMxVQDnt8mKHBdjqjk.roa (raw, json)
Hash identifier: c5UmCtZfhtUMiLGbm9otjdRI7m/TcOG3YYJY0IqyTqw=
Subject key identifier: 81:C8:5E:31:CF:57:43:13:31:55:00:E7:B7:C9:8A:1C:17:63:AA:39
Certificate issuer: /CN=3f947c4fd2396d9edb8bc454405e57558d8b9502
Certificate serial: 0185724C61E50E92EB86CB81DB815FBFEA1B
Authority key identifier: 3F:94:7C:4F:D2:39:6D:9E:DB:8B:C4:54:40:5E:57:55:8D:8B:95:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/gcheMc9XQxMxVQDnt8mKHBdjqjk.roa
Signing time: Mon 02 Jan 2023 11:44:46 +0000
ROA not before: Mon 02 Jan 2023 11:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:61:e5:0e:92:eb:86:cb:81:db:81:5f:bf:ea:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f947c4fd2396d9edb8bc454405e57558d8b9502
Validity
Not Before: Jan 2 11:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81c85e31cf574313315500e7b7c98a1c1763aa39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:b5:da:64:0c:53:30:4a:53:42:a1:85:ea:
78:a7:27:e5:90:1b:12:23:84:85:6e:72:60:a9:46:
23:f8:51:a9:11:53:78:a6:58:ef:e0:a8:bd:36:5c:
b0:a4:d0:cb:37:f0:2d:ab:10:6e:5f:e4:6c:09:15:
af:a5:ee:ae:c4:0a:ef:dd:12:a2:b0:06:b9:48:ac:
6b:6b:d5:24:af:97:22:8f:3a:68:bf:da:6e:b8:02:
24:73:7b:95:fb:c4:c0:10:3e:70:ce:80:9d:52:5d:
c1:f9:a7:4a:05:0a:92:58:59:d1:b5:68:b6:45:c3:
31:78:d5:cc:c8:af:4a:d2:04:ce:f1:bb:bd:2d:69:
32:2b:e9:8a:3c:6e:1b:27:1e:70:91:53:50:29:7e:
de:76:ec:a6:74:7f:9f:2f:27:f7:88:5d:8e:b1:f7:
6e:5c:0c:ec:7f:47:34:c2:f9:36:0c:5e:14:b4:db:
37:43:ab:ed:84:77:93:f5:e1:87:80:9c:1e:17:b5:
28:59:5f:ee:28:f5:10:90:d6:0b:d9:af:18:b8:b7:
71:51:9d:83:df:d9:d4:00:b7:b4:4c:f7:c5:a8:60:
13:a1:15:29:06:c8:47:65:e7:50:78:58:16:92:e9:
7b:f5:72:eb:41:d7:fd:bc:15:a8:3c:c4:fc:db:25:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C8:5E:31:CF:57:43:13:31:55:00:E7:B7:C9:8A:1C:17:63:AA:39
X509v3 Authority Key Identifier:
keyid:3F:94:7C:4F:D2:39:6D:9E:DB:8B:C4:54:40:5E:57:55:8D:8B:95:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/gcheMc9XQxMxVQDnt8mKHBdjqjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.35.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:41:ac:0e:9b:c2:c1:d1:45:c7:25:7f:1b:bf:2f:93:c2:c5:
4c:69:ae:58:52:3b:d9:cb:ef:29:12:d2:02:8a:33:63:9f:ce:
a6:dc:1b:8f:88:92:2e:d5:e4:a0:5e:b6:2b:6a:08:73:16:09:
90:37:77:07:77:9a:56:86:ca:78:ea:78:24:95:de:87:6d:bf:
c2:05:41:aa:2c:00:b6:75:1b:8f:dc:f9:e1:b3:c8:80:38:76:
87:da:1f:aa:aa:d6:f1:39:1f:b9:80:92:a9:33:ab:80:2b:a7:
22:25:a9:b6:b4:11:36:f4:c4:d4:14:59:0d:d0:8c:ad:0e:d2:
ff:5b:bf:11:11:fb:64:ad:b3:2b:54:bc:e5:c3:df:13:58:56:
64:4a:e0:d1:a6:1d:1d:f0:2b:34:3a:f0:1c:1d:76:9f:b3:55:
b1:dc:5d:06:17:24:e6:36:f7:0d:2f:b8:6e:2f:e7:00:91:7f:
55:3d:5a:c1:11:70:bc:de:fc:ad:03:1a:26:07:3a:4b:81:d2:
87:87:a9:54:c8:4f:29:f4:dc:55:be:23:0a:6a:44:c1:96:74:
87:de:0d:ad:52:d8:e4:c5:e5:ca:7c:f9:fb:78:a8:1c:e5:ae:
f7:bf:0c:6d:d3:eb:8d:9a:ec:59:51:8d:4c:76:73:87:49:79:
70:75:2a:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTGHlDpLrhsuB24Ffv+obMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTQ3YzRmZDIzOTZkOWVkYjhiYzQ1NDQwNWU1NzU1OGQ4
Yjk1MDIwHhcNMjMwMTAyMTE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM4NWUzMWNmNTc0MzEzMzE1NTAwZTdiN2M5OGExYzE3NjNhYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NS12mQMUzBKU0Khhep4pyflkBsS
I4SFbnJgqUYj+FGpEVN4pljv4Ki9NlywpNDLN/AtqxBuX+RsCRWvpe6uxArv3RKi
sAa5SKxra9Ukr5cijzpov9puuAIkc3uV+8TAED5wzoCdUl3B+adKBQqSWFnRtWi2
RcMxeNXMyK9K0gTO8bu9LWkyK+mKPG4bJx5wkVNQKX7eduymdH+fLyf3iF2Osfdu
XAzsf0c0wvk2DF4UtNs3Q6vthHeT9eGHgJweF7UoWV/uKPUQkNYL2a8YuLdxUZ2D
39nUALe0TPfFqGAToRUpBshHZedQeFgWkul79XLrQdf9vBWoPMT82yVs3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHIXjHPV0MTMVUA57fJihwXY6o5MB8GA1UdIwQY
MBaAFD+UfE/SOW2e24vEVEBeV1WNi5UCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVSOFQ5STViWjdiaThSVVFGNVhWWTJMbFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOWI0NTAtNzI5ZC00OGRlLWFiOGYt
Y2VjNDBlNDI1MjY0LzEvZ2NoZU1jOVhReE14VlFEbnQ4bUtIQmRqcWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOWI0NTAtNzI5ZC00OGRlLWFiOGYtY2VjNDBlNDI1MjY0
LzEvUDVSOFQ5STViWjdiaThSVVFGNVhWWTJMbFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQEjMA0G
CSqGSIb3DQEBCwUAA4IBAQBaQawOm8LB0UXHJX8bvy+TwsVMaa5YUjvZy+8pEtIC
ijNjn86m3BuPiJIu1eSgXrYraghzFgmQN3cHd5pWhsp46ngkld6Hbb/CBUGqLAC2
dRuP3Pnhs8iAOHaH2h+qqtbxOR+5gJKpM6uAK6ciJam2tBE29MTUFFkN0IytDtL/
W78REftkrbMrVLzlw98TWFZkSuDRph0d8Cs0OvAcHXafs1Wx3F0GFyTmNvcNL7hu
L+cAkX9VPVrBEXC83vytAxomBzpLgdKHh6lUyE8p9NxVviMKakTBlnSH3g2tUtjk
xeXKfPn7eKgc5a73vwxt0+uNmuxZUY1MdnOHSXlwdSr7
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:29 2024 by rpki-client on console-fra.rpki-client.org