Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GOWt8xq96UkYXYVGKRafNekDRnQ.roa
File: GOWt8xq96UkYXYVGKRafNekDRnQ.roa (raw, json)
Hash identifier: 4jgjuoq6cq3dMUpCBXJnhFdvYNFEPP3AxeLjMhRG5Ro=
Subject key identifier: 18:E5:AD:F3:1A:BD:E9:49:18:5D:85:46:29:16:9F:35:E9:03:46:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187DB975FDDFA5C9CDE1D7C31A763273C89
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GOWt8xq96UkYXYVGKRafNekDRnQ.roa
Signing time: Tue 02 May 2023 08:32:23 +0000
ROA not before: Tue 02 May 2023 08:32:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56309
IP address blocks: 203.159.92.0/22 maxlen: 22
141.98.16.0/22 maxlen: 24
45.154.24.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:97:5f:dd:fa:5c:9c:de:1d:7c:31:a7:63:27:3c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 2 08:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18e5adf31abde949185d854629169f35e9034674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:81:02:83:d4:3d:d7:be:72:74:d4:e6:e0:
1c:8c:96:87:5e:3f:b0:08:9e:ff:3b:33:73:f7:d5:
0a:b9:b9:17:f3:bf:3b:f5:58:c8:4d:dd:f0:10:dd:
e5:79:0c:71:92:77:fd:53:2f:a9:30:7f:bd:78:c7:
05:66:56:bb:15:86:1b:a3:f7:6b:84:58:85:da:b4:
e4:ae:a3:23:0a:e8:ac:0c:28:6a:ce:ba:ce:9b:af:
7f:b7:b8:a9:91:e1:1e:b9:94:24:b0:4e:c6:f8:5e:
70:b3:f2:3d:a4:71:4e:ff:67:0c:d0:f8:13:3b:fa:
bc:61:37:aa:14:eb:5a:86:65:6c:8f:dc:ff:76:21:
ed:44:1c:d9:b3:0e:9e:3e:94:0f:62:18:96:1b:14:
6a:11:d8:19:24:09:ce:14:49:8d:d7:85:a8:b9:db:
bd:f2:03:a0:80:3d:42:c5:5e:ed:21:40:cb:f1:d8:
7d:64:25:17:56:46:41:ff:41:1f:e3:78:e5:0d:4c:
1a:1f:2c:08:62:bb:35:3d:e4:6e:a3:27:c3:ce:a0:
8c:19:3f:03:78:fb:68:9a:15:86:c3:d5:e3:9c:96:
31:17:f9:ae:59:0c:a2:d1:6e:99:41:21:ae:5f:fe:
7d:cd:43:56:47:c1:96:d4:0c:bc:7d:70:06:65:1c:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E5:AD:F3:1A:BD:E9:49:18:5D:85:46:29:16:9F:35:E9:03:46:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GOWt8xq96UkYXYVGKRafNekDRnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.24.0/22
141.98.16.0/22
203.159.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:7f:75:5e:1d:c4:8f:84:1e:f6:7a:07:e2:16:c2:eb:c9:9f:
80:0a:83:b2:61:71:1a:7a:59:b7:08:cd:4b:e7:7d:dc:e3:78:
ce:a2:fa:74:d8:ce:d2:66:f8:56:a9:5e:d4:aa:3e:2c:5e:44:
05:6c:62:ee:7b:ee:e2:e7:62:8e:34:52:7a:5c:03:e3:b8:06:
ba:f4:4b:14:21:fa:3a:39:f8:53:e4:4f:8b:d8:b1:30:a5:15:
32:6f:93:90:db:34:f7:f9:86:34:8b:92:81:68:4c:de:7d:52:
9c:2b:97:f8:27:ce:3d:83:5e:73:65:61:76:78:09:75:36:4f:
4e:41:76:66:23:94:a5:6a:a3:58:d1:09:34:b2:0a:78:2e:10:
41:d0:84:9a:59:06:86:9e:c4:4c:44:31:f2:76:96:00:5e:59:
bc:5a:de:c5:fe:f6:dd:d4:87:41:76:0c:fe:3f:d9:16:7d:60:
b5:4c:39:a2:e2:a0:ef:00:dc:db:f6:cb:c9:55:bc:67:1f:47:
99:f9:f6:d9:a9:e8:59:f1:40:f5:6c:58:8a:1d:f7:6e:29:d1:
24:12:d7:76:90:71:8a:83:e9:8b:3e:0c:32:18:4a:7e:e1:bb:
87:c0:ef:1d:fa:44:8a:93:48:b8:de:0f:55:3d:e0:62:7b:6b:
e8:32:89:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfbl1/d+lyc3h18MadjJzyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAyMDgzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGU1YWRmMzFhYmRlOTQ5MTg1ZDg1NDYyOTE2OWYzNWU5MDM0Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLKBAoPUPde+cnTU5uAcjJaHXj+w
CJ7/OzNz99UKubkX87879VjITd3wEN3leQxxknf9Uy+pMH+9eMcFZla7FYYbo/dr
hFiF2rTkrqMjCuisDChqzrrOm69/t7ipkeEeuZQksE7G+F5ws/I9pHFO/2cM0PgT
O/q8YTeqFOtahmVsj9z/diHtRBzZsw6ePpQPYhiWGxRqEdgZJAnOFEmN14Woudu9
8gOggD1CxV7tIUDL8dh9ZCUXVkZB/0Ef43jlDUwaHywIYrs1PeRuoyfDzqCMGT8D
ePtomhWGw9XjnJYxF/muWQyi0W6ZQSGuX/59zUNWR8GW1Ay8fXAGZRy7zwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBjlrfMavelJGF2FRikWnzXpA0Z0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvR09XdDh4cTk2VWtZWFlWR0tSYWZOZWtEUm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZoYAwQC
jWIQAwQCy59cMA0GCSqGSIb3DQEBCwUAA4IBAQALf3VeHcSPhB72egfiFsLryZ+A
CoOyYXEaelm3CM1L533c43jOovp02M7SZvhWqV7Uqj4sXkQFbGLue+7i52KONFJ6
XAPjuAa69EsUIfo6OfhT5E+L2LEwpRUyb5OQ2zT3+YY0i5KBaEzefVKcK5f4J849
g15zZWF2eAl1Nk9OQXZmI5SlaqNY0Qk0sgp4LhBB0ISaWQaGnsRMRDHydpYAXlm8
Wt7F/vbd1IdBdgz+P9kWfWC1TDmi4qDvANzb9svJVbxnH0eZ+fbZqehZ8UD1bFiK
HfduKdEkEtd2kHGKg+mLPgwyGEp+4buHwO8d+kSKk0i43g9VPeBie2voMonS
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org