Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/i-GIIHdgFVHqGNB50xjTUrIdnNM.roa
File: i-GIIHdgFVHqGNB50xjTUrIdnNM.roa (raw, json)
Hash identifier: gKZugA0mGgYWPUoeciQCgx0O2G8LkxYbQA5vHhVHWQ4=
Subject key identifier: 8B:E1:88:20:77:60:15:51:EA:18:D0:79:D3:18:D3:52:B2:1D:9C:D3
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 01871E484A6600A9DFB4BC7A708DE99BCDCD
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/i-GIIHdgFVHqGNB50xjTUrIdnNM.roa
Signing time: Sun 26 Mar 2023 14:17:46 +0000
ROA not before: Sun 26 Mar 2023 14:17:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/24 maxlen: 24
45.143.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1e:48:4a:66:00:a9:df:b4:bc:7a:70:8d:e9:9b:cd:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Mar 26 14:17:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8be1882077601551ea18d079d318d352b21d9cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:64:ba:87:f3:72:0f:5c:d2:f0:96:4c:bf:
91:a3:11:5e:09:02:f5:df:f3:75:70:06:77:3d:5d:
a4:c0:61:7d:7d:7f:c7:6f:be:33:61:d3:8f:c9:24:
eb:1a:46:1b:c4:18:37:52:4e:e6:41:05:c9:96:e0:
77:33:31:a1:f8:ec:cb:45:e0:bf:10:ca:d7:82:66:
36:b5:77:98:f5:ea:8d:d9:0e:94:98:c8:bd:a1:eb:
09:91:e9:bc:86:f9:ed:fc:9f:b3:6f:69:6b:04:60:
7b:95:40:5a:9f:0d:46:df:bb:0e:16:b4:6d:13:b4:
a1:be:5a:bc:e1:a2:ca:2e:ae:b7:2f:99:47:74:cb:
66:c5:6e:f3:2a:2c:e3:ae:0e:23:93:fe:86:c2:7a:
fc:34:b5:11:7e:69:e4:9a:70:1c:98:e0:36:1d:fa:
a9:12:de:f2:c9:df:0b:2a:2f:67:79:05:b6:fd:fc:
6e:76:c2:b0:dc:db:a9:d4:c7:b8:74:72:58:03:0d:
72:d1:41:87:03:03:ea:ee:fc:47:16:e9:0f:0b:d1:
26:ba:bd:1c:55:37:d4:e3:b7:28:30:38:08:c9:15:
bd:e9:38:46:b3:cd:2d:bc:1e:9e:c0:1f:80:77:1d:
c1:c1:fa:e7:15:ac:f5:a8:be:ac:81:bb:1b:86:b0:
37:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E1:88:20:77:60:15:51:EA:18:D0:79:D3:18:D3:52:B2:1D:9C:D3
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/i-GIIHdgFVHqGNB50xjTUrIdnNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.161.0/24
194.246.36.0/24
Signature Algorithm: sha256WithRSAEncryption
56:46:5e:a3:04:9d:e8:08:bc:92:b4:4e:ee:3e:08:b7:12:f8:
64:dd:d9:29:43:0a:e8:5e:46:4f:6b:4d:bc:93:74:ff:61:09:
97:cd:82:ea:3c:ca:af:81:ab:8e:40:c3:0a:22:c4:01:5c:9a:
06:4d:9d:09:61:5f:4c:65:ae:fa:c3:23:24:01:83:cc:a3:95:
f2:10:2d:5e:1c:d0:cd:85:c4:06:a9:57:48:51:28:5c:3b:e9:
8b:ab:35:5c:56:72:55:a0:c0:41:f7:bf:18:96:47:e5:ae:63:
07:14:4c:9b:7f:32:53:2c:e7:d5:52:44:a6:80:5e:18:40:9e:
f3:0c:4e:c8:ee:21:f1:73:b2:8f:5f:12:b4:24:13:d6:68:9f:
10:66:bf:d0:21:bf:de:ca:1f:f4:c1:40:bb:2d:6b:14:40:0c:
9c:9c:57:b1:15:e5:3e:ec:07:e6:f5:27:96:ad:ad:20:77:3c:
87:3e:ac:4e:7a:89:6d:1b:6b:60:c8:27:22:e3:ff:6d:fb:71:
19:49:47:d1:6b:bd:ac:3b:db:f5:fa:a6:d0:50:56:ef:65:0e:
b4:32:57:f7:c2:75:a2:75:89:ff:e5:27:63:52:e3:ee:fd:6f:
8a:4e:83:9b:d9:31:1a:a5:73:27:26:06:53:94:c1:5a:40:ba:
0f:a0:be:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYceSEpmAKnftLx6cI3pm83NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjMwMzI2MTQxNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmUxODgyMDc3NjAxNTUxZWExOGQwNzlkMzE4ZDM1MmIyMWQ5Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuatkuofzcg9c0vCWTL+RoxFeCQL1
3/N1cAZ3PV2kwGF9fX/Hb74zYdOPySTrGkYbxBg3Uk7mQQXJluB3MzGh+OzLReC/
EMrXgmY2tXeY9eqN2Q6UmMi9oesJkem8hvnt/J+zb2lrBGB7lUBanw1G37sOFrRt
E7Shvlq84aLKLq63L5lHdMtmxW7zKizjrg4jk/6Gwnr8NLURfmnkmnAcmOA2Hfqp
Et7yyd8LKi9neQW2/fxudsKw3Nup1Me4dHJYAw1y0UGHAwPq7vxHFukPC9Emur0c
VTfU47coMDgIyRW96ThGs80tvB6ewB+Adx3BwfrnFaz1qL6sgbsbhrA30QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIvhiCB3YBVR6hjQedMY01KyHZzTMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvaS1HSUlIZGdGVkhxR05CNTB4alRVcklkbk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY+hAwQA
wvYkMA0GCSqGSIb3DQEBCwUAA4IBAQBWRl6jBJ3oCLyStE7uPgi3Evhk3dkpQwro
XkZPa028k3T/YQmXzYLqPMqvgauOQMMKIsQBXJoGTZ0JYV9MZa76wyMkAYPMo5Xy
EC1eHNDNhcQGqVdIUShcO+mLqzVcVnJVoMBB978YlkflrmMHFEybfzJTLOfVUkSm
gF4YQJ7zDE7I7iHxc7KPXxK0JBPWaJ8QZr/QIb/eyh/0wUC7LWsUQAycnFexFeU+
7Afm9SeWra0gdzyHPqxOeoltG2tgyCci4/9t+3EZSUfRa72sO9v1+qbQUFbvZQ60
Mlf3wnWidYn/5SdjUuPu/W+KToOb2TEapXMnJgZTlMFaQLoPoL75
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:46 2024 by rpki-client on console-ams.rpki-client.org