Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ghch-lyQoLau0D3D6aczFKbur3c.roa
File: ghch-lyQoLau0D3D6aczFKbur3c.roa (raw, json)
Hash identifier: R6pETq4/Iu4FeHyG3WF366rbJdIeb858LjArUL4LAEQ=
Subject key identifier: 82:17:21:FA:5C:90:A0:B6:AE:D0:3D:C3:E9:A7:33:14:A6:EE:AF:77
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018CC5DC122471D97BF8FF0522F85BA7FEDE
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ghch-lyQoLau0D3D6aczFKbur3c.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400040
IP address blocks: 194.246.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 09:16:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:12:24:71:d9:7b:f8:ff:05:22:f8:5b:a7:fe:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=821721fa5c90a0b6aed03dc3e9a73314a6eeaf77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:9f:ac:b3:d8:b7:23:d5:c7:0b:7b:3a:5a:
eb:76:67:37:10:83:d9:26:4c:23:b7:f8:f5:ef:f6:
c3:8a:ac:6e:fd:82:8b:a9:09:ae:00:c9:38:41:70:
6d:87:89:87:78:a5:70:b6:d2:47:a4:ab:5e:db:83:
98:81:0f:1c:91:a2:e1:15:f4:00:fd:73:58:30:bb:
a7:e4:ec:b9:e1:33:6c:02:99:55:9b:97:fa:3c:d7:
ae:f5:4d:59:7b:4b:8c:fc:47:9a:67:9d:be:71:65:
78:07:67:d2:08:f5:27:25:d7:3a:ed:9c:2c:c1:84:
b1:14:e0:2a:e9:50:e0:60:31:c9:ee:86:32:11:ae:
46:f4:48:38:35:6f:57:6e:3d:ab:40:c6:fe:bb:2d:
8c:f6:a8:25:bb:8c:6a:ff:55:91:30:69:cb:32:c1:
88:4a:b6:e5:e0:1e:62:66:33:6b:ff:03:c8:0a:c4:
56:c1:24:27:45:cd:53:4a:85:ba:bc:9e:d3:82:37:
6d:94:0b:02:1c:03:9f:85:85:bf:72:4a:28:5a:04:
c4:d6:92:90:ce:bc:00:ed:d7:25:8d:4a:5b:51:d2:
f3:3d:3b:6c:a8:b2:39:ea:e9:d4:d0:d4:bb:ce:9c:
e3:02:40:4f:3f:98:01:83:4a:b7:87:a7:01:3f:13:
f1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:17:21:FA:5C:90:A0:B6:AE:D0:3D:C3:E9:A7:33:14:A6:EE:AF:77
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/ghch-lyQoLau0D3D6aczFKbur3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.36.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e1:0e:83:42:81:40:d3:6c:52:dc:18:28:8e:16:f3:04:e8:
52:6a:e0:7b:1f:bc:6c:d7:5b:39:ef:29:ee:8b:aa:d0:51:dd:
57:68:65:bb:ae:fe:d9:4c:61:3a:fc:88:a4:f8:6a:c7:96:9b:
fc:b6:fe:c1:66:c7:98:84:ab:27:82:1a:06:ac:13:e8:8f:74:
84:88:e5:34:6a:36:9a:f2:90:47:90:63:82:c3:b1:f4:29:71:
24:7c:69:da:a7:16:c3:de:b6:69:c7:36:06:0d:50:95:48:d4:
94:f8:ea:cb:ef:ce:28:82:a1:41:21:63:58:e5:f0:62:2e:43:
af:49:3c:cd:a9:c6:f1:1b:91:2b:6b:2d:db:6d:64:9a:83:26:
31:3a:e0:b3:93:c9:2c:d1:11:8a:ee:15:21:71:61:40:70:61:
ab:4a:c4:63:c5:6f:33:fb:37:54:88:e4:f6:03:d7:ea:23:88:
88:22:04:9c:b3:21:fa:e5:0e:57:9d:ca:5f:be:fc:ab:14:e2:
97:92:7d:e4:ea:f9:96:f4:1b:41:9f:60:4e:22:e3:70:8a:ab:
7d:09:df:da:5b:ce:db:72:4e:4a:c4:ab:c3:06:9d:a8:fc:b0:
56:93:26:40:96:25:f5:ff:5a:ef:80:7e:c4:4d:59:94:3b:1b:
73:ab:2e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BIkcdl7+P8FIvhbp/7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE3MjFmYTVjOTBhMGI2YWVkMDNkYzNlOWE3MzMxNGE2ZWVhZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuGfrLPYtyPVxwt7Olrrdmc3EIPZ
Jkwjt/j17/bDiqxu/YKLqQmuAMk4QXBth4mHeKVwttJHpKte24OYgQ8ckaLhFfQA
/XNYMLun5Oy54TNsAplVm5f6PNeu9U1Ze0uM/EeaZ52+cWV4B2fSCPUnJdc67Zws
wYSxFOAq6VDgYDHJ7oYyEa5G9Eg4NW9Xbj2rQMb+uy2M9qglu4xq/1WRMGnLMsGI
Srbl4B5iZjNr/wPICsRWwSQnRc1TSoW6vJ7TgjdtlAsCHAOfhYW/ckooWgTE1pKQ
zrwA7dcljUpbUdLzPTtsqLI56unU0NS7zpzjAkBPP5gBg0q3h6cBPxPxGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIXIfpckKC2rtA9w+mnMxSm7q93MB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvZ2hjaC1seVFvTGF1MEQzRDZhY3pGS2J1cjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvYkMA0G
CSqGSIb3DQEBCwUAA4IBAQB14Q6DQoFA02xS3BgojhbzBOhSauB7H7xs11s57ynu
i6rQUd1XaGW7rv7ZTGE6/Iik+GrHlpv8tv7BZseYhKsnghoGrBPoj3SEiOU0ajaa
8pBHkGOCw7H0KXEkfGnapxbD3rZpxzYGDVCVSNSU+OrL784ogqFBIWNY5fBiLkOv
STzNqcbxG5Eray3bbWSagyYxOuCzk8ks0RGK7hUhcWFAcGGrSsRjxW8z+zdUiOT2
A9fqI4iIIgScsyH65Q5XncpfvvyrFOKXkn3k6vmW9BtBn2BOIuNwiqt9Cd/aW87b
ck5KxKvDBp2o/LBWkyZAliX1/1rvgH7ETVmUOxtzqy6z
-----END CERTIFICATE-----
Generated at Wed May 1 12:49:33 2024 by rpki-client on console-fra.rpki-client.org