Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/Ut7jPJlwlkLXiE1ZdXj-ls0PJAw.roa
File: Ut7jPJlwlkLXiE1ZdXj-ls0PJAw.roa (raw, json)
Hash identifier: P7uomF//q8tnyIxjm4va/PEU47rn1irczbFIMHSfuEA=
Subject key identifier: 52:DE:E3:3C:99:70:96:42:D7:88:4D:59:75:78:FE:96:CD:0F:24:0C
Certificate issuer: /CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Certificate serial: 01857295D12A4DB53F930D48EF9123FAE1FB
Authority key identifier: 82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/Ut7jPJlwlkLXiE1ZdXj-ls0PJAw.roa
Signing time: Mon 02 Jan 2023 13:04:58 +0000
ROA not before: Mon 02 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 92.43.168.0/23 maxlen: 23
92.43.168.0/24 maxlen: 24
92.43.169.0/24 maxlen: 24
92.43.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d1:2a:4d:b5:3f:93:0d:48:ef:91:23:fa:e1:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Validity
Not Before: Jan 2 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52dee33c99709642d7884d597578fe96cd0f240c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:49:7b:eb:4f:3b:9e:99:09:6b:af:cd:ab:
46:50:2b:ce:84:37:c7:06:21:df:f6:47:ed:dd:61:
22:27:95:39:b5:d4:02:37:a9:d0:52:60:72:9f:93:
fb:14:2c:62:f6:67:a2:16:d7:32:a2:09:34:f8:05:
7e:61:92:b7:eb:ee:83:94:25:69:f2:5e:5b:85:06:
4e:b9:bc:ea:e2:59:80:97:2b:55:8e:39:7c:ff:3f:
d6:c9:99:2b:36:5e:34:7a:7a:ab:09:0d:96:05:63:
ae:82:5c:df:44:be:38:26:e7:87:8d:c4:99:a3:ce:
0e:be:64:87:7a:91:6c:ae:df:ce:f1:bc:4d:bb:9f:
7d:ea:ad:df:fd:3d:e4:73:74:46:17:c1:cb:38:48:
c1:cd:a4:92:f2:d0:6f:b4:05:0a:8a:d5:ad:40:7f:
9c:b9:15:85:9c:91:38:38:5e:ab:23:78:6b:38:ee:
4f:db:92:e6:e3:3b:eb:da:6a:1c:b8:da:49:17:2c:
88:a7:32:90:28:7d:c0:5a:e1:cb:7b:aa:62:e3:7d:
1c:88:70:50:aa:78:73:36:59:ab:eb:16:db:40:bc:
c2:ad:68:6f:77:60:6f:b9:62:a5:15:74:12:fc:23:
32:13:2d:70:cc:ed:d9:57:44:a9:a8:b7:7b:4b:df:
b5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DE:E3:3C:99:70:96:42:D7:88:4D:59:75:78:FE:96:CD:0F:24:0C
X509v3 Authority Key Identifier:
keyid:82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/Ut7jPJlwlkLXiE1ZdXj-ls0PJAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/gtf-cxLvtCvY0ezYKsdhkeomw1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.168.0/23
92.43.171.0/24
Signature Algorithm: sha256WithRSAEncryption
98:99:74:ae:36:9d:f1:83:9b:e3:6a:23:ee:9a:12:f3:91:aa:
90:bf:62:de:54:a1:22:64:c5:16:71:04:4f:3d:0b:6e:25:6e:
4c:89:98:60:bc:aa:ef:17:94:b3:60:22:12:40:8c:67:62:c5:
ab:fb:d3:5a:f3:d6:de:b8:28:7a:1e:0e:37:f3:8d:bd:19:cf:
1e:ba:77:67:30:0e:a8:6b:c5:77:27:23:1e:19:35:16:0d:46:
03:f3:8b:94:9c:35:1e:84:68:5d:ab:fe:69:50:bf:02:37:4c:
ce:61:8b:2d:62:d6:99:3f:81:cc:76:7c:c8:d6:d3:6f:44:d2:
54:e9:d8:87:4a:27:9e:ea:e0:8d:ba:a5:f0:39:11:14:b8:26:
c8:40:42:c5:11:69:04:85:5e:39:a5:d6:24:64:ff:da:f5:70:
26:6a:83:76:68:92:1e:6a:21:f9:cf:77:e2:72:dd:7c:c4:0b:
a7:6c:16:5a:36:23:b6:fc:b7:5f:24:18:0a:e4:f5:6c:d1:bb:
2f:e4:47:7f:f0:0e:64:3d:d4:ca:8e:a7:2e:8c:d1:75:72:a1:
5b:e8:4f:86:1d:0a:10:b1:f5:f1:c5:dc:91:d3:dc:69:d6:72:
7b:f7:1d:4d:9a:f9:90:aa:be:6b:3d:75:d3:90:ca:00:f1:3e:
b7:f1:d7:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyldEqTbU/kw1I75Ej+uH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZDdmZTczMTJlZmI0MmJkOGQxZWNkODJhYzc2MTkxZWEy
NmMzNTYwHhcNMjMwMTAyMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRlZTMzYzk5NzA5NjQyZDc4ODRkNTk3NTc4ZmU5NmNkMGYyNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTlJe+tPO56ZCWuvzatGUCvOhDfH
BiHf9kft3WEiJ5U5tdQCN6nQUmByn5P7FCxi9meiFtcyogk0+AV+YZK36+6DlCVp
8l5bhQZOubzq4lmAlytVjjl8/z/WyZkrNl40enqrCQ2WBWOuglzfRL44JueHjcSZ
o84OvmSHepFsrt/O8bxNu5996q3f/T3kc3RGF8HLOEjBzaSS8tBvtAUKitWtQH+c
uRWFnJE4OF6rI3hrOO5P25Lm4zvr2mocuNpJFyyIpzKQKH3AWuHLe6pi430ciHBQ
qnhzNlmr6xbbQLzCrWhvd2BvuWKlFXQS/CMyEy1wzO3ZV0SpqLd7S9+14QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLe4zyZcJZC14hNWXV4/pbNDyQMMB8GA1UdIwQY
MBaAFILX/nMS77Qr2NHs2CrHYZHqJsNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYt
MzdiMjFiYWIzYjAwLzEvVXQ3alBKbHdsa0xYaUUxWmRYai1sczBQSkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYtMzdiMjFiYWIzYjAw
LzEvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXCuoAwQA
XCurMA0GCSqGSIb3DQEBCwUAA4IBAQCYmXSuNp3xg5vjaiPumhLzkaqQv2LeVKEi
ZMUWcQRPPQtuJW5MiZhgvKrvF5SzYCISQIxnYsWr+9Na89beuCh6Hg438429Gc8e
undnMA6oa8V3JyMeGTUWDUYD84uUnDUehGhdq/5pUL8CN0zOYYstYtaZP4HMdnzI
1tNvRNJU6diHSiee6uCNuqXwOREUuCbIQELFEWkEhV45pdYkZP/a9XAmaoN2aJIe
aiH5z3fict18xAunbBZaNiO2/LdfJBgK5PVs0bsv5Ed/8A5kPdTKjqcujNF1cqFb
6E+GHQoQsfXxxdyR09xp1nJ79x1NmvmQqr5rPXXTkMoA8T638dcq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org