Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/gfwBhwcdvVSLJ-bLXlLGo4nRnmM.roa
File: gfwBhwcdvVSLJ-bLXlLGo4nRnmM.roa (raw, json)
Hash identifier: OMeoP9hiuxhz8OmIIFc1JWElngrxOceeC7VvnCsfY3g=
Subject key identifier: 81:FC:01:87:07:1D:BD:54:8B:27:E6:CB:5E:52:C6:A3:89:D1:9E:63
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 018894A5291C15727AF0E36AEDB576D92A88
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/gfwBhwcdvVSLJ-bLXlLGo4nRnmM.roa
Signing time: Wed 07 Jun 2023 06:57:11 +0000
ROA not before: Wed 07 Jun 2023 06:57:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 45.152.33.0/24 maxlen: 24
45.152.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:a5:29:1c:15:72:7a:f0:e3:6a:ed:b5:76:d9:2a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jun 7 06:57:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81fc0187071dbd548b27e6cb5e52c6a389d19e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:22:93:29:d4:54:58:a3:f8:b7:65:f9:b3:dc:
a7:8b:ca:53:f9:8e:19:22:b5:f9:00:f1:7d:c8:01:
b7:44:72:b2:a7:31:70:52:18:18:08:af:e2:c0:e9:
d7:71:2c:79:51:25:af:8d:39:f5:b3:87:4b:9f:05:
d6:81:ea:3d:cd:31:dd:8b:9a:78:4e:eb:a0:96:19:
37:4c:a9:b4:dc:4a:54:cc:72:a6:15:59:e1:34:80:
31:be:94:8e:a4:ca:17:de:d9:24:8a:c9:15:68:6c:
2d:6d:8a:f4:b2:54:1b:4c:61:5f:79:e4:22:c5:0a:
b2:95:7c:9e:93:6a:a7:55:f9:69:a6:3d:e0:3c:3f:
3d:25:72:88:5e:e1:9b:42:11:e6:70:71:77:76:73:
ee:40:1c:f6:24:17:53:8f:9a:44:71:15:6f:d7:80:
6c:68:b4:ac:a1:dc:83:1d:c4:fd:3a:d9:2b:5c:0e:
83:71:0e:e8:01:8a:03:a2:cc:e0:6a:5f:1e:5d:b9:
72:61:48:73:51:20:c6:2d:c1:63:3b:cf:25:b4:f8:
f1:3d:d7:b0:a5:cc:13:a2:a9:e3:45:67:47:f6:01:
10:6c:3e:d8:44:84:5f:b1:f9:cb:d4:d1:db:20:a9:
07:56:71:8d:30:8a:ab:5c:11:b1:f1:da:ed:35:25:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FC:01:87:07:1D:BD:54:8B:27:E6:CB:5E:52:C6:A3:89:D1:9E:63
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/gfwBhwcdvVSLJ-bLXlLGo4nRnmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.32.0/23
Signature Algorithm: sha256WithRSAEncryption
35:67:c0:ce:4a:50:d6:9d:6f:5d:6e:78:a4:ed:e4:4f:08:c9:
c9:ed:95:36:f7:f1:99:15:02:f1:00:ab:00:3c:83:3f:df:9d:
1c:bd:aa:f8:39:a6:f9:74:1a:d9:32:bb:be:01:89:56:55:8b:
68:2b:9a:4f:8a:4f:53:03:0a:70:a1:5f:a8:79:f8:91:8a:be:
6c:6e:a0:35:60:0a:62:92:17:1c:23:23:49:d9:a6:68:fa:b3:
c5:b4:77:60:6f:17:8d:d4:3e:e8:9c:85:53:be:fd:6b:22:4e:
88:15:39:57:e7:1f:00:0d:73:b0:f1:d4:55:56:84:60:e1:75:
71:66:99:47:3e:ac:f7:5d:55:55:2f:ba:20:8e:8c:11:9c:42:
58:00:f7:78:b8:3d:86:69:5a:00:52:46:2c:c8:41:6f:7f:82:
e6:c7:e2:d9:61:86:5e:61:41:1b:77:f3:e7:24:d8:19:b7:ca:
2a:ff:93:c2:71:be:1d:22:5b:d5:be:c6:c1:c3:2a:56:ad:d0:
1c:fb:26:2d:3b:86:e9:3d:cb:46:1e:9d:ab:25:a7:2e:c4:93:
d2:7d:25:6a:b2:d9:fa:b9:62:8e:cb:29:37:0b:f0:a6:14:50:
c9:96:e3:61:05:cf:d9:5f:23:15:b7:ee:55:a3:5b:c9:24:68:
11:0f:6a:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiUpSkcFXJ68ONq7bV22SqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwNjA3MDY1NzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZjMDE4NzA3MWRiZDU0OGIyN2U2Y2I1ZTUyYzZhMzg5ZDE5ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiKTKdRUWKP4t2X5s9yni8pT+Y4Z
IrX5APF9yAG3RHKypzFwUhgYCK/iwOnXcSx5USWvjTn1s4dLnwXWgeo9zTHdi5p4
Tuuglhk3TKm03EpUzHKmFVnhNIAxvpSOpMoX3tkkiskVaGwtbYr0slQbTGFfeeQi
xQqylXyek2qnVflppj3gPD89JXKIXuGbQhHmcHF3dnPuQBz2JBdTj5pEcRVv14Bs
aLSsodyDHcT9OtkrXA6DcQ7oAYoDoszgal8eXblyYUhzUSDGLcFjO88ltPjxPdew
pcwToqnjRWdH9gEQbD7YRIRfsfnL1NHbIKkHVnGNMIqrXBGx8drtNSUskwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIH8AYcHHb1Uiyfmy15SxqOJ0Z5jMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvZ2Z3Qmh3Y2R2VlNMSi1iTFhsTEdvNG5Sbm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZggMA0G
CSqGSIb3DQEBCwUAA4IBAQA1Z8DOSlDWnW9dbnik7eRPCMnJ7ZU29/GZFQLxAKsA
PIM/350cvar4Oab5dBrZMru+AYlWVYtoK5pPik9TAwpwoV+oefiRir5sbqA1YApi
khccIyNJ2aZo+rPFtHdgbxeN1D7onIVTvv1rIk6IFTlX5x8ADXOw8dRVVoRg4XVx
ZplHPqz3XVVVL7ogjowRnEJYAPd4uD2GaVoAUkYsyEFvf4Lmx+LZYYZeYUEbd/Pn
JNgZt8oq/5PCcb4dIlvVvsbBwypWrdAc+yYtO4bpPctGHp2rJacuxJPSfSVqstn6
uWKOyyk3C/CmFFDJluNhBc/ZXyMVt+5Vo1vJJGgRD2oj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:17 2023 by rpki-client on console-fra.rpki-client.org