Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/gnMsfZToWEY8Hoz0-UK7xCT0z0U.roa
File: gnMsfZToWEY8Hoz0-UK7xCT0z0U.roa (raw, json)
Hash identifier: g2UN4hzBwETjs2kc18IzspAzGY04iWgNfYvjbbt3Prk=
Subject key identifier: 82:73:2C:7D:94:E8:58:46:3C:1E:8C:F4:F9:42:BB:C4:24:F4:CF:45
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 01856C4A3BBA3E2822997DBA1256B4EEE642
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/gnMsfZToWEY8Hoz0-UK7xCT0z0U.roa
Signing time: Sun 01 Jan 2023 07:44:42 +0000
ROA not before: Sun 01 Jan 2023 07:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.129.18.0/24 maxlen: 24
185.129.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:3b:ba:3e:28:22:99:7d:ba:12:56:b4:ee:e6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 07:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82732c7d94e858463c1e8cf4f942bbc424f4cf45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ad:0e:47:ff:a1:61:72:ef:ad:cd:59:7d:f3:
b0:e3:6a:d8:93:94:7f:71:8d:9e:eb:dc:1e:c8:c9:
c8:b8:69:6a:39:18:84:4f:ce:6d:d6:d5:2f:89:bf:
a5:33:8d:ae:42:01:d8:6f:27:b0:c4:a7:f1:5c:31:
39:63:8d:a9:01:c6:c1:1e:82:f3:04:89:49:82:38:
68:0c:43:a9:a8:f6:04:3f:da:df:e5:54:d7:63:7d:
a4:23:06:bd:97:04:92:ee:18:bd:60:ee:db:98:64:
62:04:29:fe:aa:6b:9f:0f:9a:d8:dd:22:43:d6:de:
47:6f:a6:81:f4:79:26:86:4a:fb:59:dd:d5:c0:14:
52:34:8e:5b:39:f8:51:c5:3f:ea:2f:54:be:ea:13:
be:88:34:eb:6b:60:1b:21:14:4b:dd:35:7b:df:f8:
18:fd:17:2c:c8:c3:14:aa:d4:af:a1:1e:dd:92:b6:
97:92:aa:0a:54:42:c1:d2:a7:08:ce:5b:0f:7f:cc:
20:9c:fc:0f:6f:2d:c3:47:b9:f0:7a:ce:e4:db:9d:
5f:a1:90:f0:9c:23:d5:c4:6a:34:af:20:69:02:16:
ac:c9:c1:79:16:08:38:cc:22:d6:3e:18:57:33:0f:
71:b3:83:5b:31:18:a7:3a:2e:6b:2f:07:72:05:f1:
a2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:73:2C:7D:94:E8:58:46:3C:1E:8C:F4:F9:42:BB:C4:24:F4:CF:45
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/gnMsfZToWEY8Hoz0-UK7xCT0z0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.18.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:44:25:1c:5b:fa:1d:2b:0c:d0:17:a0:5f:e8:d5:1c:95:40:
16:cb:1a:62:b1:4b:07:72:dd:5b:1d:10:5c:29:4d:4c:e9:ca:
55:c3:89:3e:27:44:81:99:68:d2:d6:8d:81:2a:03:67:83:cf:
6b:90:d7:8d:80:8a:cc:f9:5b:32:57:7b:d0:4e:a0:ac:55:1a:
05:1b:78:ec:ee:03:78:f2:91:7c:f7:59:ae:7e:7e:f6:08:93:
ab:09:bf:96:53:71:80:f3:b3:59:37:db:01:67:79:c5:08:5b:
a7:66:e9:2a:70:05:c7:db:cf:4d:ff:a6:ee:c1:2d:ef:28:6b:
dc:4b:33:7b:fd:5c:01:80:68:5f:5f:29:69:2e:cf:cd:a1:a2:
a9:c2:2c:7f:29:c9:ca:72:36:b7:f0:97:d6:28:a8:b4:b6:70:
b4:c7:73:fa:95:22:31:07:09:97:96:73:2a:83:88:dd:7c:39:
dd:44:8a:0d:69:aa:f3:40:78:70:1c:a1:d0:e5:14:61:1c:cf:
bb:c3:26:65:33:70:70:b1:74:15:1b:74:a2:eb:da:fd:cb:20:
45:d5:cb:eb:1d:77:63:2f:b8:7b:40:be:9c:57:e0:33:26:2e:
ff:94:13:00:f1:16:1d:e1:04:23:41:d8:b7:af:69:6c:45:7a:
b9:97:5d:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSju6PigimX26Ela07uZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjMwMTAxMDc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjczMmM3ZDk0ZTg1ODQ2M2MxZThjZjRmOTQyYmJjNDI0ZjRjZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA260OR/+hYXLvrc1ZffOw42rYk5R/
cY2e69weyMnIuGlqORiET85t1tUvib+lM42uQgHYbyewxKfxXDE5Y42pAcbBHoLz
BIlJgjhoDEOpqPYEP9rf5VTXY32kIwa9lwSS7hi9YO7bmGRiBCn+qmufD5rY3SJD
1t5Hb6aB9Hkmhkr7Wd3VwBRSNI5bOfhRxT/qL1S+6hO+iDTra2AbIRRL3TV73/gY
/RcsyMMUqtSvoR7dkraXkqoKVELB0qcIzlsPf8wgnPwPby3DR7nwes7k251foZDw
nCPVxGo0ryBpAhasycF5Fgg4zCLWPhhXMw9xs4NbMRinOi5rLwdyBfGiDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJzLH2U6FhGPB6M9PlCu8Qk9M9FMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvZ25Nc2ZaVG9XRVk4SG96MC1VSzd4Q1QwejBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYESMA0G
CSqGSIb3DQEBCwUAA4IBAQCdRCUcW/odKwzQF6Bf6NUclUAWyxpisUsHct1bHRBc
KU1M6cpVw4k+J0SBmWjS1o2BKgNng89rkNeNgIrM+VsyV3vQTqCsVRoFG3js7gN4
8pF891mufn72CJOrCb+WU3GA87NZN9sBZ3nFCFunZukqcAXH289N/6buwS3vKGvc
SzN7/VwBgGhfXylpLs/NoaKpwix/KcnKcja38JfWKKi0tnC0x3P6lSIxBwmXlnMq
g4jdfDndRIoNaarzQHhwHKHQ5RRhHM+7wyZlM3BwsXQVG3Si69r9yyBF1cvrHXdj
L7h7QL6cV+AzJi7/lBMA8RYd4QQjQdi3r2lsRXq5l12y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org