Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/G2UT6T0eApQhepebPrJ_f2bFz2o.roa
File: G2UT6T0eApQhepebPrJ_f2bFz2o.roa (raw, json)
Hash identifier: hRGETILPX/d3hTkyiXuowPxA5Wsl2BCcwEcMel+nD6I=
Subject key identifier: 1B:65:13:E9:3D:1E:02:94:21:7A:97:9B:3E:B2:7F:7F:66:C5:CF:6A
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018972C038B14BF519A3A25905B1F8845B78
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/G2UT6T0eApQhepebPrJ_f2bFz2o.roa
Signing time: Thu 20 Jul 2023 10:02:27 +0000
ROA not before: Thu 20 Jul 2023 10:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 45.8.98.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.220.0/23 maxlen: 23
94.198.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:c0:38:b1:4b:f5:19:a3:a2:59:05:b1:f8:84:5b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 20 10:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b6513e93d1e0294217a979b3eb27f7f66c5cf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:39:9b:96:8f:53:62:ce:e0:c3:25:f1:54:db:
70:10:c8:d7:59:b7:b6:10:b7:35:b6:ff:85:a8:8b:
0d:b1:1c:78:53:61:d0:ae:00:ce:30:9d:d5:23:b1:
ac:0a:8f:30:ef:0a:49:df:21:4a:20:e3:64:e8:92:
66:08:a6:15:d3:9f:27:89:4b:0c:23:c9:c3:3e:66:
6a:c9:fa:a2:5c:ed:61:36:f4:f0:e4:cf:42:90:ba:
1e:b9:8a:65:07:08:b6:7a:45:fd:ef:ba:c4:50:22:
59:1b:99:79:e8:32:93:0b:1c:aa:37:09:ab:b4:d7:
6e:13:fd:dd:02:d7:fa:9a:ce:98:36:06:02:22:5f:
ae:d4:2c:07:5b:6f:34:46:61:a8:ff:8c:c6:c3:b9:
11:ca:f5:92:7b:a6:57:f2:6f:c0:32:f4:cf:25:c6:
d2:b2:f5:59:45:9c:fd:c7:06:13:a9:1a:7f:2d:bd:
06:c4:1e:9f:c4:6c:e1:91:71:ce:94:c6:95:d8:86:
db:5d:47:01:ac:c3:bb:57:81:10:89:79:be:88:1d:
3c:e2:b5:a0:84:1e:16:81:fe:12:b2:71:f6:eb:17:
1d:16:8b:93:09:7a:ca:37:e2:f6:6c:6d:16:85:e3:
14:f9:b5:a9:3e:bb:87:3c:40:bf:9b:06:2b:54:ed:
a1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:65:13:E9:3D:1E:02:94:21:7A:97:9B:3E:B2:7F:7F:66:C5:CF:6A
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/G2UT6T0eApQhepebPrJ_f2bFz2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.98.0/24
92.118.115.0/24
94.198.220.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:c0:c1:30:7f:ad:bd:6a:fd:80:c8:9c:fa:74:52:a3:a0:c8:
ed:ea:08:7f:1c:d1:74:46:fa:23:39:c1:8b:bd:02:7c:15:e3:
c7:38:ba:b3:5e:c9:40:fa:56:61:e8:d7:b1:17:4d:80:16:ec:
bb:8c:5e:70:51:cc:f7:b6:70:30:61:ff:9f:01:45:d5:57:0c:
b8:19:4f:3f:88:04:ce:0d:72:b0:4e:67:3a:c8:15:64:0f:8a:
48:57:36:94:8f:24:f8:cf:d9:af:0f:3b:6d:9a:16:da:db:d1:
50:db:f2:55:63:9b:21:66:e6:49:d3:21:22:7e:85:0b:d0:ab:
21:d3:44:8b:ce:d2:4f:dd:f8:69:fe:ad:dd:91:84:e7:0a:28:
8d:86:9d:be:2a:9d:69:e8:41:95:c1:32:29:03:5c:78:f2:7a:
94:2a:ba:46:9c:ec:9f:7a:79:2d:58:17:3a:d4:38:e5:08:5b:
18:b8:07:5c:6a:ab:9c:34:35:33:29:10:32:fc:d1:14:43:12:
ac:25:3d:6b:92:9b:e8:b0:1b:ed:06:a4:80:82:47:d6:00:0c:
bf:82:3b:48:db:be:d0:7f:26:8c:4d:50:37:0a:e9:fe:5a:cc:
9c:db:9f:24:cd:4e:b2:94:a0:b8:a2:1a:ce:ec:01:92:21:4f:
ab:8e:fa:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlywDixS/UZo6JZBbH4hFt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY1MTNlOTNkMWUwMjk0MjE3YTk3OWIzZWIyN2Y3ZjY2YzVjZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTmblo9TYs7gwyXxVNtwEMjXWbe2
ELc1tv+FqIsNsRx4U2HQrgDOMJ3VI7GsCo8w7wpJ3yFKIONk6JJmCKYV058niUsM
I8nDPmZqyfqiXO1hNvTw5M9CkLoeuYplBwi2ekX977rEUCJZG5l56DKTCxyqNwmr
tNduE/3dAtf6ms6YNgYCIl+u1CwHW280RmGo/4zGw7kRyvWSe6ZX8m/AMvTPJcbS
svVZRZz9xwYTqRp/Lb0GxB6fxGzhkXHOlMaV2IbbXUcBrMO7V4EQiXm+iB084rWg
hB4Wgf4SsnH26xcdFouTCXrKN+L2bG0WheMU+bWpPruHPEC/mwYrVO2hKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBtlE+k9HgKUIXqXmz6yf39mxc9qMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRzJVVDZUMGVBcFFoZXBlYlBySl9mMmJGejJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQhiAwQA
XHZzAwQBXsbcMA0GCSqGSIb3DQEBCwUAA4IBAQA/wMEwf629av2AyJz6dFKjoMjt
6gh/HNF0RvojOcGLvQJ8FePHOLqzXslA+lZh6NexF02AFuy7jF5wUcz3tnAwYf+f
AUXVVwy4GU8/iATODXKwTmc6yBVkD4pIVzaUjyT4z9mvDzttmhba29FQ2/JVY5sh
ZuZJ0yEifoUL0Ksh00SLztJP3fhp/q3dkYTnCiiNhp2+Kp1p6EGVwTIpA1x48nqU
KrpGnOyfenktWBc61DjlCFsYuAdcaqucNDUzKRAy/NEUQxKsJT1rkpvosBvtBqSA
gkfWAAy/gjtI277QfyaMTVA3Cun+Wsyc258kzU6ylKC4ohrO7AGSIU+rjvpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org