Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gMHV8cfWtfgbx38C1AnjDuw3dik.roa
File: gMHV8cfWtfgbx38C1AnjDuw3dik.roa (raw, json)
Hash identifier: /LecN+O6UciJFlrOw/4m/KdwJbWn+aqMzxh5+DdLGWo=
Subject key identifier: 80:C1:D5:F1:C7:D6:B5:F8:1B:C7:7F:02:D4:09:E3:0E:EC:37:76:29
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01907422D7B1C68951BFDBD648A5074FB912
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gMHV8cfWtfgbx38C1AnjDuw3dik.roa
Signing time: Tue 02 Jul 2024 15:49:18 +0000
ROA not before: Tue 02 Jul 2024 15:49:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 45.138.109.0/24 maxlen: 32
79.174.20.0/24 maxlen: 32
85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
185.236.80.0/24 maxlen: 32
194.49.108.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sun 03 Nov 2024 11:43:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:22:d7:b1:c6:89:51:bf:db:d6:48:a5:07:4f:b9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jul 2 15:49:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80c1d5f1c7d6b5f81bc77f02d409e30eec377629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:3c:cc:12:73:2a:0f:57:17:83:11:b5:8a:
e4:5b:e9:58:b7:4d:9c:3f:19:f8:e7:8f:89:70:9c:
a0:86:a3:ac:3f:fd:b4:2f:07:46:d1:26:bc:c4:59:
cd:57:a7:7a:90:84:ac:6b:e6:6e:69:34:b0:04:03:
65:7e:6a:3f:9a:15:59:ff:f3:7e:1c:4e:2e:84:5c:
9f:f9:76:0e:32:15:da:10:52:aa:07:f1:1d:53:c0:
d7:c2:d5:25:36:56:fc:5e:65:d2:17:07:78:39:4d:
fe:d7:c1:64:2c:55:96:4c:ec:00:81:36:1c:9b:1b:
25:1f:6d:53:94:40:e1:32:ac:dd:a5:ca:43:ab:69:
cd:a5:80:ea:f2:5c:b5:21:cd:a7:b5:4c:4e:51:c4:
7f:38:5f:ef:b1:9e:cf:0a:14:b1:de:9a:63:1a:67:
09:3a:06:39:df:07:ad:79:93:35:b3:22:02:60:00:
2a:16:5b:2e:dd:bd:fa:ad:b2:8f:b7:4c:e9:02:ae:
43:a1:6b:08:c8:e2:d8:5e:2e:75:79:84:cc:2c:be:
24:5d:70:9c:50:75:02:63:fe:bf:32:42:f7:0d:02:
6b:00:bc:a7:5c:12:fa:cb:54:1d:76:0f:0f:9b:ad:
a8:a0:7f:9d:1a:66:09:ed:5b:e1:07:20:54:3e:99:
4b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C1:D5:F1:C7:D6:B5:F8:1B:C7:7F:02:D4:09:E3:0E:EC:37:76:29
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gMHV8cfWtfgbx38C1AnjDuw3dik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.109.0/24
79.174.20.0/24
85.209.254.0/24
185.190.81.0/24
185.236.80.0/24
194.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:3f:30:a9:62:59:06:1c:7d:b9:cf:15:e9:50:f7:3d:d7:55:
86:ee:a1:b6:94:75:2e:8c:42:26:43:0b:bb:b0:2d:af:3c:31:
51:69:bc:1e:8c:51:51:76:3d:ad:40:8d:d8:72:4d:e8:2a:4d:
94:48:8e:48:f1:90:8e:01:8e:38:40:29:f0:bd:32:6f:1b:2a:
75:f3:73:27:37:7a:f7:5c:9a:17:d0:4f:ef:6a:4e:10:8f:76:
4c:b1:40:14:e9:73:11:c2:e7:5c:d4:cc:5b:c9:ec:e6:e3:24:
7f:01:5f:25:94:cb:a1:83:ce:54:93:b5:44:f9:7d:7f:d0:c8:
d0:f7:55:6c:69:21:d4:0c:03:30:d5:89:3f:6c:2f:4c:c0:df:
8c:aa:1b:db:4e:3b:86:30:08:e0:7b:c8:72:f6:61:e2:3e:d2:
1a:99:a1:13:2f:0d:fd:12:ef:d9:86:e1:ee:34:08:8b:08:cc:
33:96:ee:b9:1d:26:f9:b1:44:4c:1e:4e:17:95:68:7c:da:03:
4f:03:31:3a:fb:e7:a3:f4:91:32:2c:0c:5a:3b:65:7f:b5:55:
5a:39:cd:43:70:81:20:ad:40:1f:07:9d:6f:bf:e6:e5:77:eb:
ea:5a:bf:5f:3d:4f:35:8a:13:e7:72:b0:77:48:a7:28:92:2e:
7f:05:d3:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZB0ItexxolRv9vWSKUHT7kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwNzAyMTU0OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGMxZDVmMWM3ZDZiNWY4MWJjNzdmMDJkNDA5ZTMwZWVjMzc3NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmQ8zBJzKg9XF4MRtYrkW+lYt02c
Pxn454+JcJyghqOsP/20LwdG0Sa8xFnNV6d6kISsa+ZuaTSwBANlfmo/mhVZ//N+
HE4uhFyf+XYOMhXaEFKqB/EdU8DXwtUlNlb8XmXSFwd4OU3+18FkLFWWTOwAgTYc
mxslH21TlEDhMqzdpcpDq2nNpYDq8ly1Ic2ntUxOUcR/OF/vsZ7PChSx3ppjGmcJ
OgY53weteZM1syICYAAqFlsu3b36rbKPt0zpAq5DoWsIyOLYXi51eYTMLL4kXXCc
UHUCY/6/MkL3DQJrALynXBL6y1Qddg8Pm62ooH+dGmYJ7VvhByBUPplLlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIDB1fHH1rX4G8d/AtQJ4w7sN3YpMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZ01IVjhjZld0ZmdieDM4QzFBbmpEdXczZGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYptAwQA
T64UAwQAVdH+AwQAub5RAwQAuexQAwQAwjFsMA0GCSqGSIb3DQEBCwUAA4IBAQCa
PzCpYlkGHH25zxXpUPc911WG7qG2lHUujEImQwu7sC2vPDFRabwejFFRdj2tQI3Y
ck3oKk2USI5I8ZCOAY44QCnwvTJvGyp183MnN3r3XJoX0E/vak4Qj3ZMsUAU6XMR
wudc1Mxbyezm4yR/AV8llMuhg85Uk7VE+X1/0MjQ91VsaSHUDAMw1Yk/bC9MwN+M
qhvbTjuGMAjge8hy9mHiPtIamaETLw39Eu/ZhuHuNAiLCMwzlu65HSb5sURMHk4X
lWh82gNPAzE6++ej9JEyLAxaO2V/tVVaOc1DcIEgrUAfB51vv+bld+vqWr9fPU81
ihPncrB3SKcoki5/BdPV
Generated at Sun Nov 3 14:28:08 2024 by rpki-client on console-ams.rpki-client.org