Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g7vgw8Egx82lj2XBhPSufFTxYR8.roa
File: g7vgw8Egx82lj2XBhPSufFTxYR8.roa (raw, json)
Hash identifier: rCsDuagNNyJmTkL902ZHieSWsDhN5HxK0avkdpBx7iA=
Subject key identifier: 83:BB:E0:C3:C1:20:C7:CD:A5:8F:65:C1:84:F4:AE:7C:54:F1:61:1F
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0186328CB996E004B46F77DB249B317D5848
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g7vgw8Egx82lj2XBhPSufFTxYR8.roa
Signing time: Wed 08 Feb 2023 19:42:08 +0000
ROA not before: Wed 08 Feb 2023 19:42:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 89.34.100.0/24 maxlen: 24
45.67.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:32:8c:b9:96:e0:04:b4:6f:77:db:24:9b:31:7d:58:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Feb 8 19:42:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83bbe0c3c120c7cda58f65c184f4ae7c54f1611f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:49:7c:d3:68:8d:8d:1f:57:39:c4:f6:b2:09:
ff:20:73:26:83:b2:93:80:c7:e5:1a:1e:53:fd:00:
ef:9d:73:fa:4d:36:b4:97:7a:0c:8f:f9:ed:b8:71:
e9:7c:d1:ce:a6:7f:1e:96:94:84:80:11:4c:cd:8d:
ce:3d:d2:19:60:cb:aa:24:e8:e9:87:16:11:bf:ce:
b4:57:ef:6b:3e:52:12:71:24:39:c8:fb:e6:77:86:
1f:d1:23:00:43:4f:45:b1:41:5a:09:9c:e1:19:ab:
fc:91:5e:98:0b:4c:76:9e:72:41:0f:45:6c:01:da:
1a:d9:df:06:91:75:54:9d:c7:75:72:85:1b:13:f2:
87:b6:91:5b:28:72:36:6f:5c:9a:ae:4b:71:f0:27:
93:aa:ce:2a:42:6d:e1:f3:ba:c2:b1:c9:78:18:71:
56:a5:e6:91:bb:25:40:e1:a6:de:17:32:63:5d:e9:
99:5c:7f:d8:69:d6:a3:8e:f6:a4:e4:bc:e7:f5:2f:
d9:62:3f:5a:db:33:86:54:1b:f4:90:4c:1d:92:6d:
3d:a9:2e:3d:21:31:50:e3:e2:1a:17:d0:33:ff:58:
3d:1e:fd:43:cb:2a:f6:12:61:f2:1f:ea:3b:2c:c3:
f8:1a:52:b9:68:ef:98:1e:25:8e:df:27:ea:df:a5:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BB:E0:C3:C1:20:C7:CD:A5:8F:65:C1:84:F4:AE:7C:54:F1:61:1F
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g7vgw8Egx82lj2XBhPSufFTxYR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.37.0/24
89.34.100.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:0d:0b:43:a7:12:13:31:43:76:dd:2a:f6:80:bc:94:f7:c9:
ca:ed:59:27:ab:85:99:b8:23:77:27:c3:5e:45:92:f2:5e:c5:
0e:af:23:1c:9c:b4:4f:18:95:97:a5:f0:71:2e:7f:87:68:6e:
77:bb:aa:c5:90:a4:9e:3d:72:41:a7:2b:00:38:fb:12:de:a5:
a1:9e:33:1c:2b:4b:dd:1d:ce:dd:0f:b5:ae:ed:e2:97:f7:85:
e9:e0:f9:47:5f:3b:a6:e0:49:b8:96:ab:85:a4:07:2b:c4:9b:
80:11:25:d7:a3:62:ab:db:95:5c:30:34:6e:bc:30:34:48:9b:
d4:48:57:33:30:a6:78:08:04:17:ab:c7:c0:e6:d2:f5:f2:3f:
ed:df:26:df:c4:34:ee:79:1e:8a:5f:65:f5:13:98:0f:56:08:
9a:cf:4f:d1:13:d7:76:7f:2d:97:cc:ee:69:cb:1f:49:79:28:
32:95:cb:53:01:63:d8:51:fe:dd:7f:00:8e:d9:40:d6:ec:8e:
f3:26:86:25:c0:3c:0f:74:d7:d4:09:60:3b:d4:6d:c5:c0:a9:
b5:70:de:ae:e4:d4:7c:9a:ea:ec:4a:1c:0e:04:29:d3:fb:c6:
22:d7:3c:89:8f:3d:f0:dd:58:1a:5d:36:87:b0:3b:dc:3f:09:
7f:b4:d6:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYyjLmW4AS0b3fbJJsxfVhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMjA4MTk0MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JiZTBjM2MxMjBjN2NkYTU4ZjY1YzE4NGY0YWU3YzU0ZjE2MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUl802iNjR9XOcT2sgn/IHMmg7KT
gMflGh5T/QDvnXP6TTa0l3oMj/ntuHHpfNHOpn8elpSEgBFMzY3OPdIZYMuqJOjp
hxYRv860V+9rPlIScSQ5yPvmd4Yf0SMAQ09FsUFaCZzhGav8kV6YC0x2nnJBD0Vs
Adoa2d8GkXVUncd1coUbE/KHtpFbKHI2b1yarktx8CeTqs4qQm3h87rCscl4GHFW
peaRuyVA4abeFzJjXemZXH/Yadajjvak5Lzn9S/ZYj9a2zOGVBv0kEwdkm09qS49
ITFQ4+IaF9Az/1g9Hv1Dyyr2EmHyH+o7LMP4GlK5aO+YHiWO3yfq36Wl1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIO74MPBIMfNpY9lwYT0rnxU8WEfMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvZzd2Z3c4RWd4ODJsajJYQmhQU3VmRlR4WVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUMlAwQA
WSJkMA0GCSqGSIb3DQEBCwUAA4IBAQC/DQtDpxITMUN23Sr2gLyU98nK7Vknq4WZ
uCN3J8NeRZLyXsUOryMcnLRPGJWXpfBxLn+HaG53u6rFkKSePXJBpysAOPsS3qWh
njMcK0vdHc7dD7Wu7eKX94Xp4PlHXzum4Em4lquFpAcrxJuAESXXo2Kr25VcMDRu
vDA0SJvUSFczMKZ4CAQXq8fA5tL18j/t3ybfxDTueR6KX2X1E5gPVgiaz0/RE9d2
fy2XzO5pyx9JeSgylctTAWPYUf7dfwCO2UDW7I7zJoYlwDwPdNfUCWA71G3FwKm1
cN6u5NR8mursShwOBCnT+8Yi1zyJjz3w3VgaXTaHsDvcPwl/tNZ3
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:35 2024 by rpki-client on console-ams.rpki-client.org