Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/GOzyCbKtc8UXvNTg2xKFKLW9Efk.roa
File: GOzyCbKtc8UXvNTg2xKFKLW9Efk.roa (raw, json)
Hash identifier: H0S4eAtcWzBYut+pZgSh5fRoQTiS+r4UUly/TNLr53E=
Subject key identifier: 18:EC:F2:09:B2:AD:73:C5:17:BC:D4:E0:DB:12:85:28:B5:BD:11:F9
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 018CC3B70877071FB05C70DC8BD5FF6F3192
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/GOzyCbKtc8UXvNTg2xKFKLW9Efk.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.158.127.0/24 maxlen: 24
45.158.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:08:77:07:1f:b0:5c:70:dc:8b:d5:ff:6f:31:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18ecf209b2ad73c517bcd4e0db128528b5bd11f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:29:ba:2b:d8:89:09:f5:d9:38:45:67:c5:f9:
5f:52:ab:3d:d6:10:c2:90:62:3f:4d:9c:14:45:39:
a8:9d:0f:41:6e:a6:73:4f:28:f9:51:29:87:a6:17:
94:ed:91:6d:18:12:8f:6e:3e:c2:62:fd:de:fa:0c:
83:69:ba:75:f6:7c:99:b0:20:a7:bc:a7:cd:03:09:
c5:ef:4e:ce:ed:57:73:1e:b6:89:d1:68:48:9c:f1:
68:05:a5:07:5b:3e:89:d2:6e:ae:07:20:69:dd:4c:
a8:c5:46:d2:18:d8:ad:00:a9:11:db:9c:99:2d:9c:
28:ad:2b:2b:c7:d9:13:de:23:68:58:be:04:1e:a8:
79:61:10:2e:db:ed:6a:96:82:18:63:e8:6b:f2:31:
a9:fa:ee:43:8d:dc:f1:00:a5:bf:d4:b7:d1:6a:97:
46:4c:90:cf:6d:4d:01:d5:42:3b:e2:b6:41:b3:83:
ce:06:c8:5f:65:7d:dc:41:4d:0e:0e:5e:37:6f:26:
d5:d1:5e:a4:12:29:2d:ee:cf:07:c6:8a:ba:b7:76:
ff:bb:94:b4:11:fe:73:fd:68:be:5a:f4:78:e1:2c:
42:87:ec:b8:ba:f3:c6:ee:58:3a:17:43:57:53:b9:
1f:85:77:49:bb:f8:1c:fb:c2:c0:af:52:5b:32:af:
8c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EC:F2:09:B2:AD:73:C5:17:BC:D4:E0:DB:12:85:28:B5:BD:11:F9
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/GOzyCbKtc8UXvNTg2xKFKLW9Efk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.126.0/23
Signature Algorithm: sha256WithRSAEncryption
59:f3:17:4a:3e:a0:a4:08:ab:b8:ae:15:fc:27:22:57:14:d1:
34:0b:0c:d7:04:4d:88:59:55:8b:ce:46:2c:0f:68:2d:fc:3a:
0b:7d:4e:88:d6:38:a6:a1:c5:63:eb:fc:af:77:bb:24:cd:a1:
4e:9c:08:be:35:59:a3:e2:b1:d4:d6:ef:3b:2a:86:fd:2b:f1:
8e:f6:5d:6e:4f:a5:30:ea:20:f0:4b:4f:6c:44:69:19:98:78:
87:a4:2a:39:d4:13:0b:a2:25:6b:2b:37:52:81:04:f7:7e:c8:
6b:7a:43:ec:e7:cd:52:1f:13:7c:5d:3b:fe:d7:61:93:7f:77:
f6:25:36:d1:47:af:4b:b5:4d:ea:1e:ba:7b:75:78:92:61:f1:
84:34:d7:81:77:a4:41:1b:ae:0d:88:52:b9:11:61:1a:90:fd:
ec:4a:0e:d5:e2:fd:9f:d9:a9:37:d7:78:3c:30:32:bb:ae:6f:
e5:66:ca:2e:33:e5:58:de:b2:73:e0:d6:4a:43:76:3f:ec:7c:
2b:39:80:61:e0:df:59:18:6e:ed:5d:68:73:4e:db:14:2f:87:
f8:c7:8f:c2:2d:81:5b:70:8b:7d:f2:2e:d6:38:4c:23:81:07:
90:89:e6:a8:bb:b5:1b:53:6a:4a:34:a6:71:0b:32:1b:74:66:
cc:bc:8b:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtwh3Bx+wXHDci9X/bzGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGVjZjIwOWIyYWQ3M2M1MTdiY2Q0ZTBkYjEyODUyOGI1YmQxMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySm6K9iJCfXZOEVnxflfUqs91hDC
kGI/TZwURTmonQ9BbqZzTyj5USmHpheU7ZFtGBKPbj7CYv3e+gyDabp19nyZsCCn
vKfNAwnF707O7VdzHraJ0WhInPFoBaUHWz6J0m6uByBp3UyoxUbSGNitAKkR25yZ
LZworSsrx9kT3iNoWL4EHqh5YRAu2+1qloIYY+hr8jGp+u5DjdzxAKW/1LfRapdG
TJDPbU0B1UI74rZBs4POBshfZX3cQU0ODl43bybV0V6kEikt7s8Hxoq6t3b/u5S0
Ef5z/Wi+WvR44SxCh+y4uvPG7lg6F0NXU7kfhXdJu/gc+8LAr1JbMq+M1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjs8gmyrXPFF7zU4NsShSi1vRH5MB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvR096eUNiS3RjOFVYdk5UZzJ4S0ZLTFc5RWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ5+MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ8xdKPqCkCKu4rhX8JyJXFNE0CwzXBE2IWVWLzkYs
D2gt/DoLfU6I1jimocVj6/yvd7skzaFOnAi+NVmj4rHU1u87Kob9K/GO9l1uT6Uw
6iDwS09sRGkZmHiHpCo51BMLoiVrKzdSgQT3fshrekPs581SHxN8XTv+12GTf3f2
JTbRR69LtU3qHrp7dXiSYfGENNeBd6RBG64NiFK5EWEakP3sSg7V4v2f2ak313g8
MDK7rm/lZsouM+VY3rJz4NZKQ3Y/7HwrOYBh4N9ZGG7tXWhzTtsUL4f4x4/CLYFb
cIt98i7WOEwjgQeQieaou7UbU2pKNKZxCzIbdGbMvIs5
-----END CERTIFICATE-----
Generated at Wed Jan 3 22:08:44 2024 by rpki-client on console-fra.rpki-client.org