Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GtH_kl8X7SBkMLRpb80tW9Ksl-E.roa
File: GtH_kl8X7SBkMLRpb80tW9Ksl-E.roa (raw, json)
Hash identifier: FNUVMRFVU2ymj24JfCuu1tByF70s4C4Ah3r9i+c46W0=
Subject key identifier: 1A:D1:FF:92:5F:17:ED:20:64:30:B4:69:6F:CD:2D:5B:D2:AC:97:E1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC083962CD6A0D2518518112BE4AE1CC2
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GtH_kl8X7SBkMLRpb80tW9Ksl-E.roa
Signing time: Sun 31 Dec 2023 15:34:58 +0000
ROA not before: Sun 31 Dec 2023 15:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.234.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c0:83:96:2c:d6:a0:d2:51:85:18:11:2b:e4:ae:1c:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Dec 31 15:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ad1ff925f17ed206430b4696fcd2d5bd2ac97e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:ab:50:4b:6c:0b:ce:00:a0:39:f4:66:45:
99:73:77:b7:69:54:a0:68:a0:eb:70:84:11:8c:04:
77:01:51:1c:53:f5:ab:6c:2e:d3:5e:63:af:ad:c0:
71:f9:4b:4d:b4:d3:a1:c6:16:a3:f4:13:f7:e8:ff:
f2:63:c4:81:aa:65:10:17:27:3e:69:cf:e0:2c:50:
d7:dd:33:3b:86:fb:74:26:b1:4a:20:b8:65:18:c5:
84:02:ac:d4:2e:9b:98:47:6c:3d:8e:16:63:98:a8:
93:40:97:b4:2d:c0:8a:10:a3:06:62:71:92:ee:06:
78:74:17:19:ce:14:a2:be:61:18:2c:57:45:a2:7b:
70:13:9b:6a:45:11:91:58:2a:1a:7b:b3:4b:20:3c:
ad:14:5a:76:eb:a5:5c:78:24:b6:c1:a9:21:49:31:
5d:0f:82:f8:db:a0:62:41:22:19:7a:d9:cd:45:46:
61:bb:81:2d:d0:e5:ce:60:ec:e8:68:7e:2b:18:ff:
7a:5a:94:5a:f3:13:62:2b:91:4a:8f:e4:82:d4:2b:
c0:03:4c:f1:0a:3a:bb:8e:28:29:1f:e0:ef:74:de:
24:e5:2d:0d:04:5f:9e:23:a4:2e:2e:eb:c6:82:5c:
1b:aa:6d:da:81:82:39:64:4d:24:69:51:e9:1c:a1:
e3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D1:FF:92:5F:17:ED:20:64:30:B4:69:6F:CD:2D:5B:D2:AC:97:E1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/GtH_kl8X7SBkMLRpb80tW9Ksl-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b7:c3:4d:b3:a6:4c:ed:33:63:13:ec:8b:4c:8e:20:55:f6:
98:b2:ba:63:30:4f:0d:48:f2:10:4a:89:4e:f9:fe:2f:7b:77:
2b:fb:7d:6b:2c:79:31:f8:3e:ab:07:d8:bd:35:7d:3f:d4:69:
01:3d:e5:44:2e:4a:65:fc:63:18:6a:94:92:f0:c5:70:7d:a8:
95:e5:7b:b2:8e:ca:57:76:c3:02:2e:de:52:d7:cb:01:e9:8e:
16:78:bd:66:1d:a3:bb:d8:8a:eb:2d:1e:4d:49:0b:3f:a5:29:
a5:8a:d2:91:68:49:f4:10:ae:75:0f:7c:96:b6:23:09:ac:4d:
2a:23:4f:cf:c7:a0:3c:bb:07:89:29:62:dd:28:9e:9a:c1:14:
1a:7d:65:86:15:d7:a6:6e:fa:77:13:af:47:9f:fe:21:fd:fb:
a7:f5:04:10:89:7e:de:83:1b:b4:dd:87:8a:86:9b:d4:4d:5c:
91:96:13:f8:9d:ee:d0:e6:37:54:bf:1e:6b:a7:cc:34:40:db:
16:c2:db:91:83:a9:9c:30:9d:43:76:07:25:47:d7:87:be:dd:
03:6b:82:a4:bb:97:5f:5e:b1:a6:09:74:9e:51:02:e7:a4:96:
2b:43:93:e9:8b:b3:3b:36:10:4e:53:b0:29:a0:df:e3:64:b7:
4d:b6:0a:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzAg5Ys1qDSUYUYESvkrhzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMxMjMxMTUzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQxZmY5MjVmMTdlZDIwNjQzMGI0Njk2ZmNkMmQ1YmQyYWM5N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+erUEtsC84AoDn0ZkWZc3e3aVSg
aKDrcIQRjAR3AVEcU/WrbC7TXmOvrcBx+UtNtNOhxhaj9BP36P/yY8SBqmUQFyc+
ac/gLFDX3TM7hvt0JrFKILhlGMWEAqzULpuYR2w9jhZjmKiTQJe0LcCKEKMGYnGS
7gZ4dBcZzhSivmEYLFdFontwE5tqRRGRWCoae7NLIDytFFp266VceCS2wakhSTFd
D4L426BiQSIZetnNRUZhu4Et0OXOYOzoaH4rGP96WpRa8xNiK5FKj+SC1CvAA0zx
Cjq7jigpH+DvdN4k5S0NBF+eI6QuLuvGglwbqm3agYI5ZE0kaVHpHKHjuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBrR/5JfF+0gZDC0aW/NLVvSrJfhMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvR3RIX2tsOFg3U0JrTUxScGI4MHRXOUtzbC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY3qAwQA
Xr7DMA0GCSqGSIb3DQEBCwUAA4IBAQARt8NNs6ZM7TNjE+yLTI4gVfaYsrpjME8N
SPIQSolO+f4ve3cr+31rLHkx+D6rB9i9NX0/1GkBPeVELkpl/GMYapSS8MVwfaiV
5XuyjspXdsMCLt5S18sB6Y4WeL1mHaO72IrrLR5NSQs/pSmlitKRaEn0EK51D3yW
tiMJrE0qI0/Px6A8uweJKWLdKJ6awRQafWWGFdembvp3E69Hn/4h/fun9QQQiX7e
gxu03YeKhpvUTVyRlhP4ne7Q5jdUvx5rp8w0QNsWwtuRg6mcMJ1DdgclR9eHvt0D
a4Kku5dfXrGmCXSeUQLnpJYrQ5Ppi7M7NhBOU7ApoN/jZLdNtgoy
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:59 2024 by rpki-client on console-fra.rpki-client.org