Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GBe0No1OiBK-atCx_quxfFhHti4.roa
File: GBe0No1OiBK-atCx_quxfFhHti4.roa (raw, json)
Hash identifier: V9Wr9fGdyJ4xEaf9KZ6J4PacHbkO756pQfuCgB9n9HY=
Subject key identifier: 18:17:B4:36:8D:4E:88:12:BE:6A:D0:B1:FE:AB:B1:7C:58:47:B6:2E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F2960037C005DF10C6578B8D243CA
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GBe0No1OiBK-atCx_quxfFhHti4.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 91.92.33.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 15:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:29:60:03:7c:00:5d:f1:0c:65:78:b8:d2:43:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1817b4368d4e8812be6ad0b1feabb17c5847b62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cc:7e:20:88:b1:1e:17:fb:67:f7:c9:62:a1:
d6:16:20:f9:64:9a:e5:c2:de:34:bb:cf:85:3c:88:
37:36:c3:88:f3:7e:94:b7:41:00:94:ad:91:b8:ce:
db:e7:92:77:1a:5b:f5:1f:d2:1e:f9:09:2f:86:7a:
c8:d0:fa:c6:2f:26:7b:9c:36:2c:25:45:82:44:61:
6a:12:29:41:73:3c:fa:87:e7:cc:d1:8a:1a:3a:c3:
95:68:23:bf:3d:dd:ea:00:c5:e6:33:b8:59:8e:06:
86:fd:90:c5:d3:74:7d:4c:0e:56:8e:a4:d9:ca:43:
20:20:ba:84:de:aa:69:5f:d2:c2:8c:5b:9e:81:8e:
d0:b7:48:58:6f:df:c9:74:5c:a5:ef:a5:7b:8a:b8:
c5:08:b1:b2:2b:45:cb:95:b4:3f:76:5a:ac:c0:02:
0e:3f:9e:2c:7f:bc:82:d9:99:48:0e:35:4e:95:4c:
4d:56:dc:8d:b1:9a:5d:d7:8e:df:b9:f6:cb:d0:26:
26:03:91:6b:f8:d6:db:63:e4:2c:4c:71:83:3b:64:
c4:6b:5b:7f:ed:4a:24:5f:08:64:d4:91:24:ed:a3:
1c:f4:8d:ce:59:65:7f:23:c1:76:fd:72:9b:55:c3:
f7:b3:11:4c:00:cd:c9:05:c1:d6:4b:37:52:e7:68:
bd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:17:B4:36:8D:4E:88:12:BE:6A:D0:B1:FE:AB:B1:7C:58:47:B6:2E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GBe0No1OiBK-atCx_quxfFhHti4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
91.92.33.0/24
91.92.49.0/24
93.152.209.0/24
93.152.214.0/24
93.152.220.0/24
93.152.225.0/24
Signature Algorithm: sha256WithRSAEncryption
13:69:03:4d:8c:06:04:87:63:e7:af:cd:0b:47:c9:69:54:12:
81:d7:39:8e:cc:ce:09:d7:2c:c0:ee:e9:c7:5d:fe:16:41:3e:
81:54:98:81:25:57:6c:99:83:e5:6a:b7:15:a1:6d:16:1a:11:
d7:01:c8:ec:74:94:c1:ed:8f:ae:d4:a9:a2:9e:f2:a5:0f:0e:
53:14:e0:54:b8:6c:ab:89:1c:ac:fd:41:76:8a:10:4d:3d:69:
63:e5:56:42:8a:2f:87:24:15:b6:50:f5:a6:99:70:f3:03:75:
0f:3f:c0:f4:72:ca:e9:f7:8e:86:92:88:12:b6:e3:bd:44:c5:
cc:d9:7a:2d:e6:3d:ec:7c:b7:e0:60:38:e7:99:1a:67:40:fd:
0c:eb:e0:3d:8c:96:cb:4b:ac:73:b7:5d:63:af:1b:71:8d:5d:
cb:fa:5b:a1:17:2e:d7:b8:76:70:51:77:2f:44:3d:d5:99:61:
f7:0a:d1:c0:0d:f3:03:68:e3:ce:22:95:5d:b5:72:e0:6f:f4:
6d:e6:6a:9d:81:3b:14:d3:a6:7f:c5:36:1f:ac:58:b7:9d:73:
81:58:3c:c5:5c:5b:51:27:41:b7:57:d8:94:97:80:97:d0:79:
83:ae:d9:69:f4:74:7b:5c:82:49:b4:6e:5b:d7:8c:64:b0:1d:
2a:ec:a2:b2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIbylgA3wAXfEMZXi40kPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE3YjQzNjhkNGU4ODEyYmU2YWQwYjFmZWFiYjE3YzU4NDdiNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8x+IIixHhf7Z/fJYqHWFiD5ZJrl
wt40u8+FPIg3NsOI836Ut0EAlK2RuM7b55J3Glv1H9Ie+QkvhnrI0PrGLyZ7nDYs
JUWCRGFqEilBczz6h+fM0YoaOsOVaCO/Pd3qAMXmM7hZjgaG/ZDF03R9TA5WjqTZ
ykMgILqE3qppX9LCjFuegY7Qt0hYb9/JdFyl76V7irjFCLGyK0XLlbQ/dlqswAIO
P54sf7yC2ZlIDjVOlUxNVtyNsZpd147fufbL0CYmA5Fr+NbbY+QsTHGDO2TEa1t/
7UokXwhk1JEk7aMc9I3OWWV/I8F2/XKbVcP3sxFMAM3JBcHWSzdS52i9SQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBgXtDaNTogSvmrQsf6rsXxYR7YuMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvR0JlME5vMU9pQkstYXRDeF9xdXhmRmhIdGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALY3oAwQA
W1whAwQAW1wxAwQAXZjRAwQAXZjWAwQAXZjcAwQAXZjhMA0GCSqGSIb3DQEBCwUA
A4IBAQATaQNNjAYEh2Pnr80LR8lpVBKB1zmOzM4J1yzA7unHXf4WQT6BVJiBJVds
mYPlarcVoW0WGhHXAcjsdJTB7Y+u1KminvKlDw5TFOBUuGyriRys/UF2ihBNPWlj
5VZCii+HJBW2UPWmmXDzA3UPP8D0csrp946GkogStuO9RMXM2Xot5j3sfLfgYDjn
mRpnQP0M6+A9jJbLS6xzt11jrxtxjV3L+luhFy7XuHZwUXcvRD3VmWH3CtHADfMD
aOPOIpVdtXLgb/Rt5mqdgTsU06Z/xTYfrFi3nXOBWDzFXFtRJ0G3V9iUl4CX0HmD
rtlp9HR7XIJJtG5b14xksB0q7KKy
-----END CERTIFICATE-----
Generated at Mon Jan 22 19:25:31 2024 by rpki-client on console-ams.rpki-client.org