Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GDTI9z_W559td-Hg2CwlRaBIKDs.roa
File: GDTI9z_W559td-Hg2CwlRaBIKDs.roa (raw, json)
Hash identifier: u0451T4S4L+rkijMJg7Tl5U93GJqsvZSekRVUbSYuMc=
Subject key identifier: 18:34:C8:F7:3F:D6:E7:9F:6D:77:E1:E0:D8:2C:25:45:A0:48:28:3B
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 019121F057F24F676B99B7C9FB6BBF4E4C83
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GDTI9z_W559td-Hg2CwlRaBIKDs.roa
Signing time: Mon 05 Aug 2024 09:48:04 +0000
ROA not before: Mon 05 Aug 2024 09:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.241.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.116.0/22 maxlen: 22
194.150.116.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
2a06:9680::/29 maxlen: 48
2a06:9682::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:f0:57:f2:4f:67:6b:99:b7:c9:fb:6b:bf:4e:4c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Aug 5 09:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1834c8f73fd6e79f6d77e1e0d82c2545a048283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1a:6f:51:7c:5e:4d:3a:05:1a:81:ea:a7:ce:
5a:45:2a:cc:4a:ca:a5:4e:33:8d:7e:4a:b8:d4:39:
92:ef:4d:79:dc:94:30:8d:fc:56:38:9c:3f:2a:db:
7f:cc:1c:04:c6:c4:32:e7:45:0d:f6:4e:ad:cc:de:
7a:d8:31:69:d8:ad:33:1e:93:f6:4b:a8:3b:41:18:
7f:02:95:46:84:9e:57:68:14:39:d4:de:a6:ac:86:
89:0b:f8:c8:8d:da:e2:c4:4f:93:d0:b1:89:29:12:
d1:de:75:ba:2d:c8:2e:0e:ca:1d:49:ac:c5:3d:68:
cc:6e:71:b9:de:a0:02:89:d9:48:e9:d0:e8:3e:e3:
ed:2e:68:e6:d4:58:03:21:9b:01:21:71:0d:c9:4c:
97:b4:88:1c:76:af:1b:25:b4:fc:93:38:b2:55:45:
6c:18:12:2b:56:71:15:1d:4b:6a:58:e1:61:79:d1:
23:8a:d7:a9:7b:fc:95:4a:b9:70:f4:ee:ae:88:b9:
b3:89:d6:97:b7:b4:5e:14:d6:22:ae:8c:1c:98:04:
b8:9b:d2:6e:b5:04:70:32:8f:e1:68:45:5e:2e:01:
2c:e0:90:c6:e4:f2:35:d2:9c:f6:f4:9d:3c:a8:c5:
11:77:7e:cf:3d:a8:21:e4:5b:2d:5d:9b:9a:02:5a:
3d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:34:C8:F7:3F:D6:E7:9F:6D:77:E1:E0:D8:2C:25:45:A0:48:28:3B
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GDTI9z_W559td-Hg2CwlRaBIKDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0/24
185.118.243.0/24
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
8d:45:e1:91:aa:1a:54:6b:a0:1c:e6:23:be:29:4b:8b:9f:73:
4b:8b:8b:03:e8:d6:39:2c:ba:e1:56:ca:85:88:64:24:36:cb:
3d:15:23:33:99:b4:fe:0d:3f:34:9a:59:33:53:e3:b5:fd:1e:
a6:c9:36:9f:1a:2e:28:d0:3e:d4:66:f4:ec:0c:71:de:2b:42:
e9:e9:33:aa:a2:6d:3e:ff:8f:c8:05:a3:b4:fd:d8:97:79:c5:
cf:68:9b:3a:42:e4:46:c0:ea:2d:f2:33:a7:9b:09:27:1b:16:
53:e6:a9:41:b8:6f:e6:ba:21:66:72:05:e7:96:96:8e:04:1d:
79:58:2a:5b:d6:06:a6:80:2c:23:d4:d5:66:41:33:1e:b1:e9:
1d:d4:a1:16:53:51:6f:b2:68:56:84:d7:0d:3b:51:e8:72:e0:
2b:5a:ee:dc:4e:e6:d9:09:fd:7e:ec:9b:eb:c1:01:f2:a7:0d:
d2:43:c3:25:bd:a4:33:33:40:4b:87:dd:2a:e6:61:40:39:76:
e2:26:d7:7f:23:ed:9c:64:1b:66:b5:30:88:0e:aa:46:ae:51:
13:12:e7:f4:df:6d:94:9a:bd:b1:34:92:5d:a6:aa:a2:86:2e:
c9:02:a5:de:9b:a8:20:42:1e:0a:aa:7d:0c:e5:a6:f6:b9:e2:
8a:96:78:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZEh8FfyT2drmbfJ+2u/TkyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwODA1MDk0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM0YzhmNzNmZDZlNzlmNmQ3N2UxZTBkODJjMjU0NWEwNDgyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RpvUXxeTToFGoHqp85aRSrMSsql
TjONfkq41DmS70153JQwjfxWOJw/Ktt/zBwExsQy50UN9k6tzN562DFp2K0zHpP2
S6g7QRh/ApVGhJ5XaBQ51N6mrIaJC/jIjdrixE+T0LGJKRLR3nW6LcguDsodSazF
PWjMbnG53qACidlI6dDoPuPtLmjm1FgDIZsBIXENyUyXtIgcdq8bJbT8kziyVUVs
GBIrVnEVHUtqWOFhedEjitepe/yVSrlw9O6uiLmzidaXt7ReFNYirowcmAS4m9Ju
tQRwMo/haEVeLgEs4JDG5PI10pz29J08qMURd37PPagh5FstXZuaAlo9+QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBg0yPc/1uefbXfh4NgsJUWgSCg7MB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvR0RUSTl6X1c1NTl0ZC1IZzJDd2xSYUJJS0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuXbxAwQA
uXbzAwQCwpZ0MA0EAgACMAcDBQMqBpaAMA0GCSqGSIb3DQEBCwUAA4IBAQCNReGR
qhpUa6Ac5iO+KUuLn3NLi4sD6NY5LLrhVsqFiGQkNss9FSMzmbT+DT80mlkzU+O1
/R6myTafGi4o0D7UZvTsDHHeK0Lp6TOqom0+/4/IBaO0/diXecXPaJs6QuRGwOot
8jOnmwknGxZT5qlBuG/muiFmcgXnlpaOBB15WCpb1gamgCwj1NVmQTMesekd1KEW
U1FvsmhWhNcNO1HocuArWu7cTubZCf1+7JvrwQHypw3SQ8MlvaQzM0BLh90q5mFA
OXbiJtd/I+2cZBtmtTCIDqpGrlETEuf0322Umr2xNJJdpqqihi7JAqXem6ggQh4K
qn0M5ab2ueKKlnhE
-----END CERTIFICATE-----
Generated at Mon Sep 9 12:50:09 2024 by rpki-client on console-fra.rpki-client.org