Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/GaHhFzK7ivGj9lY7CN6nX9LK714.roa
File: GaHhFzK7ivGj9lY7CN6nX9LK714.roa (raw, json)
Hash identifier: 0CqSaO8EC1v6WIENV3igKcPJvKyR6yvokohd73a0zzY=
Subject key identifier: 19:A1:E1:17:32:BB:8A:F1:A3:F6:56:3B:08:DE:A7:5F:D2:CA:EF:5E
Certificate issuer: /CN=8521d103fc73e9075dcf1e22bc8242b70f98c884
Certificate serial: 018C6440EF458C97704041142CC6BD3FB2A4
Authority key identifier: 85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/GaHhFzK7ivGj9lY7CN6nX9LK714.roa
Signing time: Wed 13 Dec 2023 17:37:06 +0000
ROA not before: Wed 13 Dec 2023 17:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47914
IP address blocks: 91.247.0.0/19 maxlen: 24
93.157.232.0/21 maxlen: 24
91.245.128.0/19 maxlen: 24
176.108.192.0/19 maxlen: 24
109.206.128.0/19 maxlen: 24
2001:67c:2704::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:40:ef:45:8c:97:70:40:41:14:2c:c6:bd:3f:b2:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8521d103fc73e9075dcf1e22bc8242b70f98c884
Validity
Not Before: Dec 13 17:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19a1e11732bb8af1a3f6563b08dea75fd2caef5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:55:00:3d:f9:c6:ab:da:dc:95:ff:2a:e2:8d:
9f:4e:bc:19:63:b1:d2:23:ce:08:6a:68:84:80:da:
ac:03:08:11:63:c2:c8:b1:01:84:1b:d4:0e:fb:20:
ee:0d:15:98:fd:2b:d4:33:48:f6:2e:93:d3:07:68:
b7:77:cb:25:21:04:09:3a:95:67:39:bf:f4:4d:b7:
9f:67:ef:26:09:12:09:d4:fb:41:75:9b:ff:05:d3:
82:a5:f5:40:29:11:a8:ed:56:7f:c6:12:25:81:3d:
e8:75:20:99:ee:f9:2a:85:97:28:57:2f:e4:3a:c7:
03:e5:f8:d3:a6:10:b2:b8:93:4f:85:03:e4:89:83:
ee:a6:96:b9:e4:2e:f9:0d:67:d7:d9:1f:45:7b:5d:
e3:83:08:8a:7c:35:26:ef:fd:3c:b4:93:79:b4:25:
90:00:b4:c3:db:01:45:17:fd:cf:17:31:4b:dd:c7:
71:46:de:74:89:65:d9:61:79:17:68:b5:09:8d:f1:
3b:ec:59:6c:33:2d:14:85:80:6c:1f:24:d7:d2:38:
c8:fe:d7:59:16:6c:09:7f:76:6c:dd:6f:29:5e:a5:
e0:c9:8f:e6:06:ea:6a:15:b4:54:b4:61:03:a1:36:
e8:df:4b:0e:dd:25:02:37:c2:74:55:8e:db:37:0d:
67:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A1:E1:17:32:BB:8A:F1:A3:F6:56:3B:08:DE:A7:5F:D2:CA:EF:5E
X509v3 Authority Key Identifier:
keyid:85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/GaHhFzK7ivGj9lY7CN6nX9LK714.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.128.0/19
91.247.0.0/19
93.157.232.0/21
109.206.128.0/19
176.108.192.0/19
IPv6:
2001:67c:2704::/48
Signature Algorithm: sha256WithRSAEncryption
44:42:43:d8:f7:0b:07:f1:70:16:b0:90:1e:d6:04:18:46:55:
d9:bf:bd:ef:69:86:46:b0:0a:31:94:b0:9a:5e:12:52:31:d7:
10:4c:9e:39:9a:cc:42:fa:6d:88:9e:78:35:72:72:df:c8:44:
6b:c2:74:e8:5c:7f:9b:52:fa:7a:89:29:f2:61:05:2c:5a:bd:
38:bf:7f:f2:c9:b3:ca:7a:f6:06:2a:a8:3d:29:73:d3:57:9b:
12:b7:74:bf:61:df:f1:88:66:89:63:81:71:95:db:3c:0d:0d:
c6:16:f8:cd:9e:ed:5f:46:b8:89:a9:80:8b:68:20:1c:27:da:
a8:0e:62:ac:a2:1c:9e:43:e0:49:9e:5d:08:fa:ac:ce:41:9d:
46:19:07:1c:1c:80:b5:2c:ee:3d:39:fe:cf:4f:48:15:ce:5c:
7e:40:ef:f4:f4:20:f8:73:13:bc:5d:7f:44:bc:a5:37:67:22:
b0:28:ac:69:9e:e9:18:54:9e:e9:36:18:cd:d2:43:cc:b8:34:
a6:5f:68:22:da:21:bf:8b:b4:3c:71:f6:54:0d:9d:f3:9b:33:
64:d3:4a:01:0e:cc:bd:4a:ea:8b:68:79:9b:24:e7:4a:9d:17:
e1:ba:ed:8f:4c:a5:27:31:a1:90:29:0e:e8:ed:5a:99:ab:b8:
b9:e7:05:8f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYxkQO9FjJdwQEEULMa9P7KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjFkMTAzZmM3M2U5MDc1ZGNmMWUyMmJjODI0MmI3MGY5
OGM4ODQwHhcNMjMxMjEzMTczNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWExZTExNzMyYmI4YWYxYTNmNjU2M2IwOGRlYTc1ZmQyY2FlZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVUAPfnGq9rclf8q4o2fTrwZY7HS
I84IamiEgNqsAwgRY8LIsQGEG9QO+yDuDRWY/SvUM0j2LpPTB2i3d8slIQQJOpVn
Ob/0TbefZ+8mCRIJ1PtBdZv/BdOCpfVAKRGo7VZ/xhIlgT3odSCZ7vkqhZcoVy/k
OscD5fjTphCyuJNPhQPkiYPuppa55C75DWfX2R9Fe13jgwiKfDUm7/08tJN5tCWQ
ALTD2wFFF/3PFzFL3cdxRt50iWXZYXkXaLUJjfE77FlsMy0UhYBsHyTX0jjI/tdZ
FmwJf3Zs3W8pXqXgyY/mBupqFbRUtGEDoTbo30sO3SUCN8J0VY7bNw1nzwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBmh4Rcyu4rxo/ZWOwjep1/Syu9eMB8GA1UdIwQY
MBaAFIUh0QP8c+kHXc8eIryCQrcPmMiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUt
ZTQwZGUwODQxM2ZhLzEvR2FIaEZ6SzdpdkdqOWxZN0NONm5YOUxLNzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUtZTQwZGUwODQxM2Zh
LzEvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQFW/WAAwQF
W/cAAwQDXZ3oAwQFbc6AAwQFsGzAMA8EAgACMAkDBwAgAQZ8JwQwDQYJKoZIhvcN
AQELBQADggEBAERCQ9j3CwfxcBawkB7WBBhGVdm/ve9phkawCjGUsJpeElIx1xBM
njmazEL6bYieeDVyct/IRGvCdOhcf5tS+nqJKfJhBSxavTi/f/LJs8p69gYqqD0p
c9NXmxK3dL9h3/GIZoljgXGV2zwNDcYW+M2e7V9GuImpgItoIBwn2qgOYqyiHJ5D
4EmeXQj6rM5BnUYZBxwcgLUs7j05/s9PSBXOXH5A7/T0IPhzE7xdf0S8pTdnIrAo
rGme6RhUnuk2GM3SQ8y4NKZfaCLaIb+LtDxx9lQNnfObM2TTSgEOzL1K6otoeZsk
50qdF+G67Y9MpScxoZApDujtWpmruLnnBY8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:49 2024 by rpki-client on console-ams.rpki-client.org