Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/gYxv1QqMp6LSoO7knlbqW0L813o.roa
File: gYxv1QqMp6LSoO7knlbqW0L813o.roa (raw, json)
Hash identifier: wyxwBYMzlBt7rnqasrNno1jo7ZJzNbrmlBNVEPsMyoQ=
Subject key identifier: 81:8C:6F:D5:0A:8C:A7:A2:D2:A0:EE:E4:9E:56:EA:5B:42:FC:D7:7A
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 018A64C0709C7403C84401C144A2FE626508
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/gYxv1QqMp6LSoO7knlbqW0L813o.roa
Signing time: Tue 05 Sep 2023 09:50:47 +0000
ROA not before: Tue 05 Sep 2023 09:50:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 185.249.55.0/24 maxlen: 24
5.172.176.0/24 maxlen: 24
89.107.8.0/24 maxlen: 24
195.225.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 06:39:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:c0:70:9c:74:03:c8:44:01:c1:44:a2:fe:62:65:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Sep 5 09:50:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=818c6fd50a8ca7a2d2a0eee49e56ea5b42fcd77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2f:2a:9d:25:bb:bd:48:90:1c:c1:3e:b0:8a:
5b:9e:e2:d3:ff:24:00:f3:51:b9:52:d8:33:92:42:
d3:9b:47:70:79:da:47:de:12:17:fc:c5:8e:6c:cb:
62:bd:76:80:aa:10:0a:3b:54:4f:b5:df:d4:58:f2:
8a:bf:e6:48:85:e5:3d:b8:bb:b8:2b:18:e1:b8:94:
7c:e2:36:b3:97:09:8a:1f:0b:39:f5:fc:df:75:02:
71:4c:de:32:43:1b:10:40:23:8c:ef:63:b9:1a:00:
d3:ab:c5:92:11:b5:6b:67:fb:f5:0c:88:76:6b:a1:
bd:dd:f2:10:d7:a4:08:0e:e2:bc:3b:c8:ac:3a:b0:
a1:43:6c:52:94:24:a0:87:4b:37:ff:cb:72:85:f1:
ab:5a:8e:4c:82:d9:4d:8e:57:fd:15:a0:b6:5c:03:
cf:0b:59:7a:3d:96:9f:ee:a3:f2:a7:bb:a6:f7:e8:
36:12:79:3f:89:d9:82:60:4b:6d:2d:46:db:e6:1b:
73:f0:a6:d7:91:93:c4:42:7c:66:2e:47:c4:b1:6e:
f7:a2:67:ff:55:fd:f5:69:47:3e:5c:03:91:e1:ca:
0a:bb:3e:8e:44:2a:a1:ad:ac:60:c1:21:b1:e5:3d:
de:44:ed:49:30:e2:81:6e:ff:3d:a0:a6:a9:20:4a:
55:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8C:6F:D5:0A:8C:A7:A2:D2:A0:EE:E4:9E:56:EA:5B:42:FC:D7:7A
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/gYxv1QqMp6LSoO7knlbqW0L813o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.176.0/24
89.107.8.0/24
185.249.55.0/24
195.225.97.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:1d:de:cb:ad:20:8c:16:87:90:af:28:a4:cc:e8:79:47:20:
2f:61:54:fb:59:f8:33:e8:05:e9:cf:2c:ae:0c:b7:5e:e6:8a:
0c:47:77:f9:22:be:28:8f:3c:85:ab:29:b6:55:a3:65:46:d5:
bd:01:1a:a4:8b:5e:c2:3b:49:2f:57:9c:6a:81:3e:ce:30:8a:
37:28:06:8e:b4:2e:3d:d9:d6:a5:97:fe:b1:4d:98:72:33:0e:
0e:27:db:f7:d4:dd:2a:c6:bd:eb:3d:98:e0:87:f2:81:13:f4:
db:8c:86:6b:34:c9:e8:8b:d9:9c:f1:a9:df:db:d8:9b:a3:2d:
2a:74:4d:0d:5f:69:7a:5b:9b:5c:08:b1:2c:1d:32:e9:0c:f8:
90:e6:c1:42:4f:f0:7b:e1:1d:44:e3:b6:96:e3:66:17:20:d4:
0a:70:a1:4d:08:be:d5:7a:52:09:54:e7:0a:07:b9:1a:54:a7:
d2:7e:be:7f:87:43:54:d7:a8:2f:10:b7:6c:b1:f0:cd:29:96:
43:15:52:54:67:3a:14:8d:ce:bd:f6:bb:6b:d5:38:65:84:47:
16:fc:6f:04:af:39:ba:3e:0d:12:59:91:fc:cf:32:9b:e5:46:
00:67:42:f4:53:71:6a:de:b7:13:46:d9:75:82:3f:2c:07:e1:
2e:25:57:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpkwHCcdAPIRAHBRKL+YmUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjMwOTA1MDk1MDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThjNmZkNTBhOGNhN2EyZDJhMGVlZTQ5ZTU2ZWE1YjQyZmNkNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy8qnSW7vUiQHME+sIpbnuLT/yQA
81G5UtgzkkLTm0dwedpH3hIX/MWObMtivXaAqhAKO1RPtd/UWPKKv+ZIheU9uLu4
KxjhuJR84jazlwmKHws59fzfdQJxTN4yQxsQQCOM72O5GgDTq8WSEbVrZ/v1DIh2
a6G93fIQ16QIDuK8O8isOrChQ2xSlCSgh0s3/8tyhfGrWo5MgtlNjlf9FaC2XAPP
C1l6PZaf7qPyp7um9+g2Enk/idmCYEttLUbb5htz8KbXkZPEQnxmLkfEsW73omf/
Vf31aUc+XAOR4coKuz6ORCqhraxgwSGx5T3eRO1JMOKBbv89oKapIEpVSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIGMb9UKjKei0qDu5J5W6ltC/Nd6MB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvZ1l4djFRcU1wNkxTb083a25sYnFXMEw4MTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABaywAwQA
WWsIAwQAufk3AwQAw+FhMA0GCSqGSIb3DQEBCwUAA4IBAQA9Hd7LrSCMFoeQryik
zOh5RyAvYVT7Wfgz6AXpzyyuDLde5ooMR3f5Ir4ojzyFqym2VaNlRtW9ARqki17C
O0kvV5xqgT7OMIo3KAaOtC492dall/6xTZhyMw4OJ9v31N0qxr3rPZjgh/KBE/Tb
jIZrNMnoi9mc8anf29iboy0qdE0NX2l6W5tcCLEsHTLpDPiQ5sFCT/B74R1E47aW
42YXINQKcKFNCL7VelIJVOcKB7kaVKfSfr5/h0NU16gvELdssfDNKZZDFVJUZzoU
jc699rtr1ThlhEcW/G8Erzm6Pg0SWZH8zzKb5UYAZ0L0U3Fq3rcTRtl1gj8sB+Eu
JVdY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:49 2024 by rpki-client on console-ams.rpki-client.org