Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GX_57mLTvYoF1GPB5LXe3v9DcNk.roa
File: GX_57mLTvYoF1GPB5LXe3v9DcNk.roa (raw, json)
Hash identifier: LcpuxXw+cb+0eAU8r/GFzK6+4YDaBQMqOlWO8ASshxk=
Subject key identifier: 19:7F:F9:EE:62:D3:BD:8A:05:D4:63:C1:E4:B5:DE:DE:FF:43:70:D9
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018BFD1F32634DCC8DF00358875919B7E49E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GX_57mLTvYoF1GPB5LXe3v9DcNk.roa
Signing time: Thu 23 Nov 2023 16:59:22 +0000
ROA not before: Thu 23 Nov 2023 16:59:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 185.232.168.0/24 maxlen: 24
45.132.255.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Nov 2023 16:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:1f:32:63:4d:cc:8d:f0:03:58:87:59:19:b7:e4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 23 16:59:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=197ff9ee62d3bd8a05d463c1e4b5dedeff4370d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:68:94:d6:99:5f:f0:42:32:ed:5a:d7:d8:
ff:45:41:ea:ce:e2:2a:01:4d:ac:15:77:44:bb:71:
da:10:67:a0:49:c0:26:c5:85:0a:78:ea:c9:fd:7d:
04:5a:e8:fb:39:8c:fd:dc:58:72:1a:a9:d6:f7:42:
b0:c7:7d:1e:7f:b2:fb:77:e8:59:cd:92:e6:e5:8c:
2e:9e:3b:ce:cd:d1:45:c2:ac:4f:8d:82:8f:19:d0:
f2:36:6b:c4:d1:58:0d:71:cb:72:5e:ab:59:a4:8b:
3b:39:60:f0:08:f9:0c:ac:a7:02:2e:a2:45:c9:a1:
45:07:7c:0b:9c:b4:e1:d6:c8:4f:0d:54:62:d3:aa:
8f:f8:60:39:9a:67:e2:74:08:3b:35:12:2e:ef:cc:
d8:11:9c:56:2e:67:7f:4a:49:52:fd:d2:ad:34:48:
2c:41:bb:10:6a:d4:cc:41:45:7f:4f:e6:e4:c2:fc:
c0:6f:44:86:4c:18:4f:65:92:40:b3:42:0a:d9:ea:
d9:66:7e:78:90:eb:95:3c:69:c9:1d:fa:e6:f5:21:
d5:55:d2:cf:11:13:4f:c9:56:95:c8:7c:e8:2f:55:
68:30:ed:fc:b1:eb:d2:11:7f:bf:a8:ec:46:cd:fe:
ea:49:52:d3:b6:51:08:f0:f4:6c:30:d9:a7:16:a1:
1b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7F:F9:EE:62:D3:BD:8A:05:D4:63:C1:E4:B5:DE:DE:FF:43:70:D9
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GX_57mLTvYoF1GPB5LXe3v9DcNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.255.0/24
185.40.5.0/24
185.117.117.0/24
185.232.168.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c0:0c:be:fc:57:97:9f:87:61:9f:4a:e2:2e:59:08:fc:02:
7a:99:05:c6:ae:aa:7f:0c:44:84:ac:6e:c3:20:e4:6d:e5:4c:
10:c6:80:be:cf:90:64:32:dc:47:94:00:a4:76:06:45:45:9f:
f6:3a:a3:5a:72:ce:6e:90:53:80:c0:75:71:ec:a6:c1:46:65:
c9:56:05:d9:49:89:c2:a4:dd:b1:9c:b4:c5:39:c6:bb:9d:f5:
0e:c4:ff:c0:b4:c7:c2:6f:df:1f:9f:c6:a7:16:14:6d:1e:28:
80:88:e0:d1:cb:f3:43:0c:40:5d:b0:7e:fb:cd:cf:13:74:16:
a0:1f:59:46:4c:48:07:cd:b3:95:cf:21:92:ce:f5:cb:80:3c:
2c:6c:e3:f7:e1:49:3e:44:c3:b7:f6:ea:7d:3b:f2:13:a8:19:
89:d2:75:c7:a4:ef:48:5e:19:1a:7f:90:8c:60:e8:4c:4b:50:
37:61:6d:1c:44:91:9b:1f:1a:a9:01:15:f2:08:5e:8b:ca:18:
8a:c5:0b:60:16:36:8c:e1:36:9b:39:4b:88:a9:e2:ca:07:96:
5b:51:f6:bd:4a:6c:b9:a2:e4:93:3e:fa:7a:19:d1:84:4b:6d:
04:02:0a:3c:f7:dc:20:d4:44:76:a6:3e:95:7d:20:d5:85:f7:
85:82:41:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYv9HzJjTcyN8ANYh1kZt+SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTIzMTY1OTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdmZjllZTYyZDNiZDhhMDVkNDYzYzFlNGI1ZGVkZWZmNDM3MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOlolNaZX/BCMu1a19j/RUHqzuIq
AU2sFXdEu3HaEGegScAmxYUKeOrJ/X0EWuj7OYz93FhyGqnW90Kwx30ef7L7d+hZ
zZLm5YwunjvOzdFFwqxPjYKPGdDyNmvE0VgNcctyXqtZpIs7OWDwCPkMrKcCLqJF
yaFFB3wLnLTh1shPDVRi06qP+GA5mmfidAg7NRIu78zYEZxWLmd/SklS/dKtNEgs
QbsQatTMQUV/T+bkwvzAb0SGTBhPZZJAs0IK2erZZn54kOuVPGnJHfrm9SHVVdLP
ERNPyVaVyHzoL1VoMO38sevSEX+/qOxGzf7qSVLTtlEI8PRsMNmnFqEbjQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBl/+e5i072KBdRjweS13t7/Q3DZMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvR1hfNTdtTFR2WW9GMUdQQjVMWGUzdjlEY05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYT/AwQA
uSgFAwQAuXV1AwQAueioAwQAwjU3MA0GCSqGSIb3DQEBCwUAA4IBAQCAwAy+/FeX
n4dhn0riLlkI/AJ6mQXGrqp/DESErG7DIORt5UwQxoC+z5BkMtxHlACkdgZFRZ/2
OqNacs5ukFOAwHVx7KbBRmXJVgXZSYnCpN2xnLTFOca7nfUOxP/AtMfCb98fn8an
FhRtHiiAiODRy/NDDEBdsH77zc8TdBagH1lGTEgHzbOVzyGSzvXLgDwsbOP34Uk+
RMO39up9O/ITqBmJ0nXHpO9IXhkaf5CMYOhMS1A3YW0cRJGbHxqpARXyCF6LyhiK
xQtgFjaM4TabOUuIqeLKB5ZbUfa9Smy5ouSTPvp6GdGES20EAgo899wg1ER2pj6V
fSDVhfeFgkF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:09 2024 by rpki-client on console-ams.rpki-client.org