Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/gYOaepbMpiPSjffkJ59w4bIJG74.roa
File: gYOaepbMpiPSjffkJ59w4bIJG74.roa (raw, json)
Hash identifier: 1QcGIm6r/DVYXER5xIpIlZRDA5ZA6Wh5VG+Pk6hV+8s=
Subject key identifier: 81:83:9A:7A:96:CC:A6:23:D2:8D:F7:E4:27:9F:70:E1:B2:09:1B:BE
Certificate issuer: /CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Certificate serial: 018CD0680AAA6F195260A32E58AC87FA328F
Authority key identifier: EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/gYOaepbMpiPSjffkJ59w4bIJG74.roa
Signing time: Wed 03 Jan 2024 17:38:48 +0000
ROA not before: Wed 03 Jan 2024 17:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 145.1.240.0/20 maxlen: 20
149.74.0.0/16 maxlen: 16
1.178.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 05 Jan 2024 13:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:68:0a:aa:6f:19:52:60:a3:2e:58:ac:87:fa:32:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Validity
Not Before: Jan 3 17:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81839a7a96cca623d28df7e4279f70e1b2091bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:c3:a3:45:f3:f9:21:ee:68:d9:d0:d8:9f:
a4:3e:24:09:c4:e7:7d:df:c5:aa:23:33:12:0c:ac:
c7:1c:37:bc:b2:8b:d1:72:6f:00:10:32:e7:fe:9c:
71:97:b8:ba:a4:39:8d:9c:5d:d9:48:95:2d:e4:6d:
83:84:6c:1f:fc:2e:77:f8:70:1d:b0:ea:a8:75:5f:
54:15:fe:02:5c:b7:8a:bf:40:75:14:a4:a4:d2:89:
12:01:9c:93:bd:86:a0:04:c8:3c:8f:b7:c1:e3:ae:
4d:eb:d0:11:e0:7c:94:cb:b7:57:2d:80:6c:03:cc:
fb:24:d2:86:9c:86:bf:a0:25:79:e8:81:ae:5f:cd:
0b:da:52:26:9a:0b:15:49:c6:50:6f:56:4b:e3:a3:
99:0e:cb:9f:55:ee:21:0f:a5:20:ba:a6:65:bb:9d:
ab:1b:26:3e:2b:2f:3a:6d:7b:4a:c2:03:21:78:c3:
35:b4:48:df:30:97:fa:9e:3c:f7:10:1c:51:56:fc:
0f:75:0b:dc:30:3d:d6:ed:46:dc:6a:9b:fa:dd:8d:
95:10:7c:01:81:d3:ac:a8:17:40:16:f2:d5:e8:19:
e9:f1:35:ee:80:09:2e:74:ed:7d:b8:ef:5c:f2:0f:
c1:40:79:17:e8:2d:40:0b:69:d5:d8:b6:f9:a4:d7:
a2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:83:9A:7A:96:CC:A6:23:D2:8D:F7:E4:27:9F:70:E1:B2:09:1B:BE
X509v3 Authority Key Identifier:
keyid:EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/gYOaepbMpiPSjffkJ59w4bIJG74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/7600TrX36x3uS4-ENftbnYdmPp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.178.232.0/21
145.1.240.0/20
149.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:90:8c:10:01:4f:eb:c1:34:b3:1c:61:57:4c:7c:0e:e2:1d:
4f:c1:c6:2f:9a:ee:82:3c:e9:97:93:04:89:19:3c:4d:24:fa:
a1:52:4f:c6:70:68:31:21:8e:e0:dd:57:84:8d:b7:db:62:15:
5f:ba:85:6f:0c:11:c2:3f:9e:c1:f1:ba:f0:29:8c:18:46:de:
23:68:2c:38:84:4d:ce:ad:2f:11:0c:84:79:8b:cf:36:72:16:
98:05:83:ee:3b:33:1a:5a:10:75:cc:bb:bb:2d:47:f7:98:57:
a0:be:43:63:d9:4e:17:a3:2f:4f:2e:3f:fd:13:64:b6:64:bf:
42:34:36:8c:52:d7:69:b5:93:a6:bb:d6:4f:47:6f:3b:e5:d8:
a3:e0:e1:d1:93:84:0f:27:59:56:ab:7b:c4:70:3d:57:70:da:
fe:35:43:85:03:6b:db:92:e3:5f:52:8c:4f:91:85:37:97:e5:
e1:81:4b:2b:db:61:bf:c7:8a:d2:b2:1e:fa:a7:55:f1:57:ad:
f5:c0:68:06:d5:f5:3d:b6:28:6f:78:8e:17:6e:c4:9f:a3:c4:
3d:34:f9:e8:33:3f:4f:b4:ab:5a:5c:66:c6:0a:2a:1f:13:90:
21:c7:d5:51:c9:9e:2c:f2:67:3b:56:1f:17:ee:d4:2a:53:75:
d3:49:81:74
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzQaAqqbxlSYKMuWKyH+jKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWQzNDRlYjVmN2ViMWRlZTRiOGY4NDM1ZmI1YjlkODc2
NjNlOWQwHhcNMjQwMTAzMTczODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTgzOWE3YTk2Y2NhNjIzZDI4ZGY3ZTQyNzlmNzBlMWIyMDkxYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDTDo0Xz+SHuaNnQ2J+kPiQJxOd9
38WqIzMSDKzHHDe8sovRcm8AEDLn/pxxl7i6pDmNnF3ZSJUt5G2DhGwf/C53+HAd
sOqodV9UFf4CXLeKv0B1FKSk0okSAZyTvYagBMg8j7fB465N69AR4HyUy7dXLYBs
A8z7JNKGnIa/oCV56IGuX80L2lImmgsVScZQb1ZL46OZDsufVe4hD6UguqZlu52r
GyY+Ky86bXtKwgMheMM1tEjfMJf6njz3EBxRVvwPdQvcMD3W7Ubcapv63Y2VEHwB
gdOsqBdAFvLV6Bnp8TXugAkudO19uO9c8g/BQHkX6C1AC2nV2Lb5pNeiMQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIGDmnqWzKYj0o335CefcOGyCRu+MB8GA1UdIwQY
MBaAFO+tNE619+sd7kuPhDX7W52HZj6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmIt
YTJmZTlmMDE1ZDcxLzEvZ1lPYWVwYk1waVBTamZma0o1OXc0YklKRzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmItYTJmZTlmMDE1ZDcx
LzEvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQDAbLoAwQE
kQHwAwMAlUowDQYJKoZIhvcNAQELBQADggEBAAOQjBABT+vBNLMcYVdMfA7iHU/B
xi+a7oI86ZeTBIkZPE0k+qFST8ZwaDEhjuDdV4SNt9tiFV+6hW8MEcI/nsHxuvAp
jBhG3iNoLDiETc6tLxEMhHmLzzZyFpgFg+47MxpaEHXMu7stR/eYV6C+Q2PZThej
L08uP/0TZLZkv0I0NoxS12m1k6a71k9Hbzvl2KPg4dGThA8nWVare8RwPVdw2v41
Q4UDa9uS419SjE+RhTeX5eGBSyvbYb/HitKyHvqnVfFXrfXAaAbV9T22KG94jhdu
xJ+jxD00+egzP0+0q1pcZsYKKh8TkCHH1VHJnizyZztWHxfu1CpTddNJgXQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:42 2024 by rpki-client on console-fra.rpki-client.org