Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/g0XTqojDlczTBctI7qnyuMezRP8.roa
File: g0XTqojDlczTBctI7qnyuMezRP8.roa (raw, json)
Hash identifier: ioFBCx+/HkRVjdDKQGMnrtAU4a8yWMyZJHabuSaFui0=
Subject key identifier: 83:45:D3:AA:88:C3:95:CC:D3:05:CB:48:EE:A9:F2:B8:C7:B3:44:FF
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018B607DC07957F06BE2981A0F7B4AAEBD91
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/g0XTqojDlczTBctI7qnyuMezRP8.roa
Signing time: Tue 24 Oct 2023 07:02:15 +0000
ROA not before: Tue 24 Oct 2023 07:02:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39700
IP address blocks: 81.30.38.0/24 maxlen: 24
78.108.128.0/20 maxlen: 24
176.74.224.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb9::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:7d:c0:79:57:f0:6b:e2:98:1a:0f:7b:4a:ae:bd:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Oct 24 07:02:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8345d3aa88c395ccd305cb48eea9f2b8c7b344ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:c0:3b:4e:57:c4:26:5d:d9:7b:0b:4e:b7:
16:d7:a6:f0:ad:67:c1:56:4d:66:f7:c9:0a:b5:7d:
07:ea:a7:28:e2:41:c5:55:2f:d7:eb:d3:a1:8c:b9:
b9:62:90:88:ad:21:7e:f3:ba:2a:58:67:53:6d:3f:
26:8b:8d:5d:bc:4a:03:49:80:c8:50:de:73:98:b7:
58:87:a7:81:a4:77:7c:fe:5a:c3:24:fb:dd:be:78:
ec:76:5f:f7:cd:b4:e7:09:2a:c3:1e:2a:40:5b:c5:
fc:ab:ea:d6:12:ed:a8:a1:32:fb:71:5d:89:37:9a:
ec:c2:09:79:fa:3c:8c:30:a8:f9:81:7d:d8:85:ec:
87:c3:e9:ea:f4:3f:35:75:cc:b2:2c:e9:ab:94:58:
1e:a6:35:71:63:6f:92:9f:66:89:a9:ca:11:f8:2b:
50:0d:bf:62:66:0e:01:71:f5:bd:28:34:5e:8d:22:
a9:77:96:4c:2b:18:c0:0b:f9:a1:d5:7a:51:24:f2:
41:78:ec:d0:c3:64:7b:cc:7d:bc:4c:3e:5f:00:39:
ab:09:e8:83:3d:20:1e:2d:cc:7f:49:a2:dc:db:82:
2c:02:81:f0:f4:87:bb:ac:e4:9e:b1:51:f0:13:24:
2f:0c:57:49:85:60:02:46:b1:d2:99:8c:b7:15:60:
fa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:45:D3:AA:88:C3:95:CC:D3:05:CB:48:EE:A9:F2:B8:C7:B3:44:FF
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/g0XTqojDlczTBctI7qnyuMezRP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
81.30.38.0/24
176.74.224.0/24
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
78:92:2e:6b:eb:12:47:0c:30:7a:52:5b:4b:79:0d:08:27:c3:
70:1f:02:2c:db:e1:e3:cb:6e:0e:c4:9b:e7:00:c3:a2:4b:07:
dd:c5:6b:35:a2:1a:2f:73:39:46:96:55:03:f3:76:d0:d7:dc:
38:2f:69:a6:39:7e:5a:4b:27:2f:e6:1c:4c:4e:4a:22:6f:3a:
04:3b:6a:f8:27:d5:de:a1:ba:c0:0f:47:c8:3f:34:bc:f8:34:
58:b6:f7:59:94:e7:3b:d6:39:88:31:1b:56:9b:01:d8:c2:9f:
e1:9c:cc:f4:ba:44:09:7d:35:cd:b2:24:25:04:ed:37:74:8a:
48:67:a0:9c:0b:1e:ae:f8:9a:a1:cb:8a:45:67:23:9e:20:52:
0f:ea:5e:0b:ba:1d:f1:1d:ff:1f:53:33:1a:ca:92:89:aa:b9:
b9:26:5d:b2:7a:95:8a:61:5d:e6:01:9e:c5:80:b6:8d:52:ad:
63:ef:5d:1c:58:e5:54:40:b9:e6:80:63:b8:1b:cf:44:ec:88:
74:61:3b:80:81:99:89:56:ad:e9:46:6f:8c:d9:d3:a7:46:1a:
e9:26:48:b0:50:1a:45:22:6a:e0:f4:c2:b5:95:df:61:db:7a:
62:3f:85:ac:06:73:56:88:11:96:f1:b5:ed:8c:9c:24:3b:95:
73:2c:c6:f5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYtgfcB5V/Br4pgaD3tKrr2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMxMDI0MDcwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ1ZDNhYTg4YzM5NWNjZDMwNWNiNDhlZWE5ZjJiOGM3YjM0NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv87AO05XxCZd2XsLTrcW16bwrWfB
Vk1m98kKtX0H6qco4kHFVS/X69OhjLm5YpCIrSF+87oqWGdTbT8mi41dvEoDSYDI
UN5zmLdYh6eBpHd8/lrDJPvdvnjsdl/3zbTnCSrDHipAW8X8q+rWEu2ooTL7cV2J
N5rswgl5+jyMMKj5gX3YheyHw+nq9D81dcyyLOmrlFgepjVxY2+Sn2aJqcoR+CtQ
Db9iZg4BcfW9KDRejSKpd5ZMKxjAC/mh1XpRJPJBeOzQw2R7zH28TD5fADmrCeiD
PSAeLcx/SaLc24IsAoHw9Ie7rOSesVHwEyQvDFdJhWACRrHSmYy3FWD6CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFINF06qIw5XM0wXLSO6p8rjHs0T/MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZzBYVHFvakRsY3pUQmN0STdxbnl1TWV6UlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETmyAAwQA
UR4mAwQAsErgMA0EAgACMAcDBQMgAUy4MA0GCSqGSIb3DQEBCwUAA4IBAQB4ki5r
6xJHDDB6UltLeQ0IJ8NwHwIs2+Hjy24OxJvnAMOiSwfdxWs1ohovczlGllUD83bQ
19w4L2mmOX5aSycv5hxMTkoibzoEO2r4J9XeobrAD0fIPzS8+DRYtvdZlOc71jmI
MRtWmwHYwp/hnMz0ukQJfTXNsiQlBO03dIpIZ6CcCx6u+Jqhy4pFZyOeIFIP6l4L
uh3xHf8fUzMaypKJqrm5Jl2yepWKYV3mAZ7FgLaNUq1j710cWOVUQLnmgGO4G89E
7Ih0YTuAgZmJVq3pRm+M2dOnRhrpJkiwUBpFImrg9MK1ld9h23piP4WsBnNWiBGW
8bXtjJwkO5VzLMb1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org