Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/gSO04MDYbnFXI0dpunX8fVYAwU8.roa
File: gSO04MDYbnFXI0dpunX8fVYAwU8.roa (raw, json)
Hash identifier: 42a7f7AcOITOPk6s4Zqhdnj88GXoAaB6OlXboo5nrr4=
Subject key identifier: 81:23:B4:E0:C0:D8:6E:71:57:23:47:69:BA:75:FC:7D:56:00:C1:4F
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A7828CFCE4141A80B5239624F35C1
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/gSO04MDYbnFXI0dpunX8fVYAwU8.roa
Signing time: Sun 01 Jan 2023 07:44:57 +0000
ROA not before: Sun 01 Jan 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35950
IP address blocks: 153.112.217.0/24 maxlen: 24
153.112.216.0/23 maxlen: 23
153.112.216.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:78:28:cf:ce:41:41:a8:0b:52:39:62:4f:35:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8123b4e0c0d86e7157234769ba75fc7d5600c14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:31:1c:01:3f:d0:4e:0b:ef:c8:77:f6:43:58:
ba:b0:d8:4b:8b:b4:7d:7e:57:bc:bf:64:1d:92:4f:
53:a2:ad:36:38:22:98:93:9a:78:7e:96:32:c3:58:
0e:3f:b6:f8:d8:18:0e:03:95:8a:35:6b:b0:63:52:
33:77:98:38:39:ff:0d:2f:81:0d:b8:9b:71:49:7a:
75:b7:7f:8e:6b:ca:a7:fc:9b:89:cc:49:f2:51:dd:
77:e8:11:24:c3:d2:f2:c9:83:55:1b:dc:49:fc:ee:
b8:1c:b8:fa:7a:9b:a2:d7:d6:57:2f:0f:4b:df:d5:
62:74:b5:fe:2c:0d:29:4d:a5:0d:3b:44:77:ad:af:
1e:46:45:1c:d9:48:ba:65:f5:43:9e:ba:4b:10:82:
5c:28:a8:b3:40:3c:92:c3:c1:4c:ef:9c:75:ba:ab:
0e:5e:3d:07:40:91:3b:a0:96:98:0d:12:ec:3b:66:
f3:00:22:f9:42:9b:3b:c9:e6:8b:98:f5:da:86:e1:
50:31:6b:19:b7:85:73:75:29:1a:be:78:a4:12:01:
21:1a:36:40:87:fa:6b:7e:36:ae:00:77:c8:c9:65:
31:1a:d5:b8:be:d7:49:8a:d7:ef:82:e9:84:6b:68:
6f:29:f9:1a:53:d4:66:1d:8f:4a:73:11:57:c3:39:
4e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:23:B4:E0:C0:D8:6E:71:57:23:47:69:BA:75:FC:7D:56:00:C1:4F
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/gSO04MDYbnFXI0dpunX8fVYAwU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.216.0/23
153.112.223.0/24
Signature Algorithm: sha256WithRSAEncryption
22:20:a2:69:ce:ae:eb:de:a5:e3:ed:04:d5:77:92:3d:b2:e9:
5b:87:ad:d7:39:cb:ea:45:52:9b:cc:43:65:b4:c1:e0:04:93:
8f:eb:41:d4:d5:62:90:0d:13:87:52:37:b5:76:41:9d:cd:16:
68:01:68:92:0f:5c:b5:da:7e:da:e1:70:52:be:71:7a:08:3b:
c0:f3:87:e6:47:9c:64:f2:bf:62:ea:ef:5b:79:71:16:7b:78:
5f:0a:88:cd:40:78:f8:c6:31:93:01:85:cf:fb:bc:95:ff:98:
f2:8b:7a:86:ef:ae:2e:7f:8d:a5:b8:1d:9a:ab:c9:76:30:12:
b0:d0:09:e3:f2:d9:fa:b1:e0:b8:98:66:87:ed:92:53:de:5c:
f3:d3:40:ca:66:d5:fe:d5:bb:74:bd:61:3e:13:cd:43:1c:e5:
31:21:e2:a6:2a:d5:31:f6:b8:48:26:58:30:9f:73:4a:fa:b8:
0a:a6:4d:f2:35:27:ac:b6:28:08:b4:80:80:8d:4e:57:ad:bb:
19:13:4f:cb:c2:9c:30:93:f5:e6:56:bf:5e:82:2f:75:8f:95:
40:fc:89:03:fc:7b:38:0e:0a:00:b1:e0:40:8f:49:63:72:a2:
b8:a3:4f:2a:5e:db:cb:29:22:90:25:74:c5:ab:32:88:52:0d:
70:87:9c:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsSngoz85BQagLUjliTzXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIzYjRlMGMwZDg2ZTcxNTcyMzQ3NjliYTc1ZmM3ZDU2MDBjMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjEcAT/QTgvvyHf2Q1i6sNhLi7R9
fle8v2Qdkk9Toq02OCKYk5p4fpYyw1gOP7b42BgOA5WKNWuwY1Izd5g4Of8NL4EN
uJtxSXp1t3+Oa8qn/JuJzEnyUd136BEkw9LyyYNVG9xJ/O64HLj6epui19ZXLw9L
39VidLX+LA0pTaUNO0R3ra8eRkUc2Ui6ZfVDnrpLEIJcKKizQDySw8FM75x1uqsO
Xj0HQJE7oJaYDRLsO2bzACL5Qps7yeaLmPXahuFQMWsZt4VzdSkavnikEgEhGjZA
h/prfjauAHfIyWUxGtW4vtdJitfvgumEa2hvKfkaU9RmHY9KcxFXwzlO3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIEjtODA2G5xVyNHabp1/H1WAMFPMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvZ1NPMDRNRFlibkZYSTBkcHVuWDhmVllBd1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmXDYAwQA
mXDfMA0GCSqGSIb3DQEBCwUAA4IBAQAiIKJpzq7r3qXj7QTVd5I9sulbh63XOcvq
RVKbzENltMHgBJOP60HU1WKQDROHUje1dkGdzRZoAWiSD1y12n7a4XBSvnF6CDvA
84fmR5xk8r9i6u9beXEWe3hfCojNQHj4xjGTAYXP+7yV/5jyi3qG764uf42luB2a
q8l2MBKw0Anj8tn6seC4mGaH7ZJT3lzz00DKZtX+1bt0vWE+E81DHOUxIeKmKtUx
9rhIJlgwn3NK+rgKpk3yNSestigItICAjU5XrbsZE0/Lwpwwk/XmVr9egi91j5VA
/IkD/Hs4DgoAseBAj0ljcqK4o08qXtvLKSKQJXTFqzKIUg1wh5xQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:17 2024 by rpki-client on console-ams.rpki-client.org