Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/GEUWxHvkau-HwfW6acsFE4AQncg.roa
File: GEUWxHvkau-HwfW6acsFE4AQncg.roa (raw, json)
Hash identifier: vx+USsLfMrzYC3y1DaFAWujFmeBziCemG3FHqCyJYDo=
Subject key identifier: 18:45:16:C4:7B:E4:6A:EF:87:C1:F5:BA:69:CB:05:13:80:10:9D:C8
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 018B28254FFF3419F3C2CBB04F09DC063DB6
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/GEUWxHvkau-HwfW6acsFE4AQncg.roa
Signing time: Fri 13 Oct 2023 08:26:55 +0000
ROA not before: Fri 13 Oct 2023 08:26:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39767
IP address blocks: 78.158.72.0/21 maxlen: 21
78.158.80.0/20 maxlen: 21
185.90.140.0/22 maxlen: 22
194.104.123.0/24 maxlen: 24
194.88.12.0/23 maxlen: 23
2a05:e200::/29 maxlen: 30
Validation: Failed, certificate revoked on Fri 13 Oct 2023 09:52:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:25:4f:ff:34:19:f3:c2:cb:b0:4f:09:dc:06:3d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Oct 13 08:26:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=184516c47be46aef87c1f5ba69cb051380109dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:bb:a7:b7:00:77:33:5d:f4:7e:90:40:08:
e3:de:23:f2:61:b6:3e:a0:00:8f:35:43:35:c7:97:
33:3e:b3:e2:3b:d8:ca:c2:50:28:de:fc:4d:37:9c:
7c:dc:b2:93:d3:39:30:be:45:69:da:59:7b:89:02:
95:f2:73:f2:2b:f0:fa:84:1f:9f:36:db:c7:39:7c:
0b:aa:ee:85:88:2a:e1:a9:06:16:56:6d:0f:ce:2c:
af:6d:9e:6b:60:9b:c8:a3:4b:6c:60:2d:c8:07:ce:
ba:b0:4b:9c:a7:bf:c3:a2:36:32:bf:12:de:54:28:
86:b4:53:03:27:ae:8a:ab:84:df:a1:68:c9:3b:f4:
ca:cf:b9:c8:f1:d7:64:da:4e:e8:0a:85:7a:2b:78:
0c:55:4e:6d:80:4e:cf:b4:b7:18:a0:9d:97:30:6a:
69:c5:82:ec:7b:d5:a0:d8:59:fa:7a:ee:08:72:d3:
5c:cc:d0:24:41:82:79:9d:41:f3:5e:91:7b:c4:81:
ef:41:32:6e:8d:36:04:d3:cd:0c:6a:82:45:f0:77:
c7:d7:2f:2c:3d:59:d0:2e:75:53:78:c7:05:6f:fa:
b4:cd:be:7f:a8:2e:e0:ee:75:0b:ad:9b:cb:fa:aa:
15:f6:36:e2:1d:b8:63:bd:11:5b:61:96:66:55:fa:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:45:16:C4:7B:E4:6A:EF:87:C1:F5:BA:69:CB:05:13:80:10:9D:C8
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/GEUWxHvkau-HwfW6acsFE4AQncg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.72.0-78.158.95.255
185.90.140.0/22
194.88.12.0/23
194.104.123.0/24
IPv6:
2a05:e200::/29
Signature Algorithm: sha256WithRSAEncryption
8e:cc:f5:d9:1c:ff:75:9a:6c:ec:16:ee:f5:c7:e4:1e:26:a5:
2a:a9:71:52:23:81:eb:e6:2c:65:d6:64:25:fd:2e:cc:2c:37:
19:5e:9a:7c:fa:f1:fa:27:2c:f8:4d:9e:b5:f8:55:77:d6:8d:
a3:dd:02:af:0e:38:6f:42:ac:42:a9:8d:bd:67:ca:fd:ce:a6:
36:1d:14:e8:54:89:99:5c:0d:51:82:ca:a6:4c:dd:5d:0e:d1:
1f:bb:fc:21:f6:27:89:c0:05:74:65:1e:94:cf:c9:e4:a7:b8:
80:8b:93:3b:e5:08:47:55:e2:bd:dc:d5:16:d9:04:f8:ac:96:
92:61:aa:6a:a2:af:8a:80:6d:e8:5d:76:ab:79:32:26:19:e4:
67:c1:15:ac:1b:9f:c8:4b:40:87:5b:1b:8a:71:62:ed:81:69:
71:3b:74:92:62:f7:bf:d0:4d:ac:2c:89:2f:8e:42:e2:33:5d:
62:5d:18:77:17:6a:ba:d9:38:1f:40:da:f4:6b:4d:b8:57:fd:
1e:e5:51:68:6a:48:b9:49:86:64:81:cf:b0:71:34:58:e7:f9:
46:09:5f:d1:3d:bd:19:94:74:58:07:a1:16:7f:cd:88:66:55:
21:a1:7e:cb:44:f3:eb:78:3f:a7:d3:6d:89:53:b7:f0:c2:39:
cd:46:4c:3d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYsoJU//NBnzwsuwTwncBj22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjMxMDEzMDgyNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQ1MTZjNDdiZTQ2YWVmODdjMWY1YmE2OWNiMDUxMzgwMTA5ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhW7p7cAdzNd9H6QQAjj3iPyYbY+
oACPNUM1x5czPrPiO9jKwlAo3vxNN5x83LKT0zkwvkVp2ll7iQKV8nPyK/D6hB+f
NtvHOXwLqu6FiCrhqQYWVm0PziyvbZ5rYJvIo0tsYC3IB866sEucp7/DojYyvxLe
VCiGtFMDJ66Kq4TfoWjJO/TKz7nI8ddk2k7oCoV6K3gMVU5tgE7PtLcYoJ2XMGpp
xYLse9Wg2Fn6eu4IctNczNAkQYJ5nUHzXpF7xIHvQTJujTYE080MaoJF8HfH1y8s
PVnQLnVTeMcFb/q0zb5/qC7g7nULrZvL+qoV9jbiHbhjvRFbYZZmVfoaewIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBhFFsR75Grvh8H1umnLBROAEJ3IMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvR0VVV3hIdmthdS1Id2ZXNmFjc0ZFNEFRbmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBANOnkgD
BAVOnkADBAK5WowDBAHCWAwDBADCaHswDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcN
AQELBQADggEBAI7M9dkc/3WabOwW7vXH5B4mpSqpcVIjgevmLGXWZCX9LswsNxle
mnz68fonLPhNnrX4VXfWjaPdAq8OOG9CrEKpjb1nyv3OpjYdFOhUiZlcDVGCyqZM
3V0O0R+7/CH2J4nABXRlHpTPyeSnuICLkzvlCEdV4r3c1RbZBPislpJhqmqir4qA
behddqt5MiYZ5GfBFawbn8hLQIdbG4pxYu2BaXE7dJJi97/QTawsiS+OQuIzXWJd
GHcXarrZOB9A2vRrTbhX/R7lUWhqSLlJhmSBz7BxNFjn+UYJX9E9vRmUdFgHoRZ/
zYhmVSGhfstE8+t4P6fTbYlTt/DCOc1GTD0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:33 2024 by rpki-client on console-ams.rpki-client.org