Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/gjsQWBkCdKhkgoCyAgI6m5ckxzc.roa
File: gjsQWBkCdKhkgoCyAgI6m5ckxzc.roa (raw, json)
Hash identifier: eICFzjEkwMEc5IUYPXXZhZjhmmDJoISWSbs6LKJSeQk=
Subject key identifier: 82:3B:10:58:19:02:74:A8:64:82:80:B2:02:02:3A:9B:97:24:C7:37
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01856FB12B4680A712DC1CCDDD27EEE1B296
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/gjsQWBkCdKhkgoCyAgI6m5ckxzc.roa
Signing time: Sun 01 Jan 2023 23:36:00 +0000
ROA not before: Sun 01 Jan 2023 23:36:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.95.224.0/24 maxlen: 24
45.149.4.0/24 maxlen: 24
45.149.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 11:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:2b:46:80:a7:12:dc:1c:cd:dd:27:ee:e1:b2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 23:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=823b1058190274a8648280b202023a9b9724c737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b2:fb:93:a4:bc:ab:2a:71:05:84:55:9d:b9:
44:7d:73:8d:57:f4:28:b5:76:a9:e6:4f:a6:71:ef:
97:ea:b1:28:2f:67:1b:3c:34:20:27:34:6b:e8:4f:
4d:89:46:b7:3a:0a:67:00:8f:bf:18:aa:60:e1:0a:
28:36:06:ba:ab:0e:b8:b8:a8:8c:0c:0b:93:b9:e5:
62:23:6d:cb:26:f9:85:32:c4:a4:b9:fc:51:06:cf:
91:4e:2b:62:02:75:61:23:5b:94:06:5b:f4:ca:a0:
b4:f4:2b:3d:00:53:3a:df:e4:88:7b:25:de:aa:63:
ac:b9:c9:6e:94:44:b6:ea:13:34:12:30:d9:42:67:
94:0b:04:c3:7b:5c:e3:ac:41:fc:62:eb:82:ad:69:
e0:cd:ac:25:2c:28:1d:7e:d8:eb:29:3a:5f:50:e4:
6c:7d:54:a2:03:26:a2:15:97:60:d8:cc:d4:b2:a3:
d3:b2:41:63:5d:ec:5b:c3:22:d5:27:2d:0c:0e:6c:
33:3d:d7:5f:8d:fd:7f:69:e2:46:6e:ce:8f:a1:6c:
76:f1:72:f7:47:ab:fe:19:15:47:b3:d9:ff:ed:55:
05:67:79:5e:d9:7a:dd:5b:1a:b9:bc:f9:81:af:95:
5d:4a:5e:fd:48:a3:ac:f0:32:49:9d:ca:9b:96:d4:
e5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3B:10:58:19:02:74:A8:64:82:80:B2:02:02:3A:9B:97:24:C7:37
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/gjsQWBkCdKhkgoCyAgI6m5ckxzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.224.0/24
45.149.4.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:bd:27:07:6b:aa:e2:30:91:c9:1b:80:33:e2:22:5a:e5:ab:
0a:b7:c0:46:ad:e7:d4:08:a3:f3:82:de:d9:6d:14:24:7f:9c:
23:f1:3c:a5:39:20:ab:f6:37:f8:99:4a:55:79:70:cc:72:fd:
b8:da:48:7b:b4:3d:1b:07:2d:45:cc:e2:8b:09:5e:a0:dc:35:
ad:e6:36:86:a6:a3:b2:5f:b3:7e:a1:14:90:dc:55:b1:63:f3:
70:92:96:bb:6b:4a:5c:49:1d:e2:15:14:61:50:cb:62:f4:4f:
31:ea:21:85:47:42:5d:92:ce:f4:89:d6:5d:12:c2:1c:b0:a3:
5d:18:e6:55:ae:53:11:0d:3f:c3:bb:4e:0e:1a:31:d0:46:9a:
38:89:f0:f9:aa:b8:78:47:73:5d:02:a3:57:10:17:56:9a:d0:
1e:5a:c8:f0:4c:1c:c3:ec:1e:17:60:c5:38:ad:3c:77:09:4b:
2a:00:fa:a9:a3:4c:05:5f:4d:af:56:b4:4c:93:30:d5:90:52:
d7:c0:20:4b:67:a4:81:ce:c4:4b:ed:50:c0:53:53:4f:51:77:
16:77:81:e6:fc:5d:f1:8c:4e:84:b0:1d:ed:14:86:9f:cd:27:
b5:c3:e7:1f:23:77:90:57:2c:cf:86:88:36:0d:41:7a:2f:ea:
37:7b:89:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvsStGgKcS3BzN3Sfu4bKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjMwMTAxMjMzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjNiMTA1ODE5MDI3NGE4NjQ4MjgwYjIwMjAyM2E5Yjk3MjRjNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLL7k6S8qypxBYRVnblEfXONV/Qo
tXap5k+mce+X6rEoL2cbPDQgJzRr6E9NiUa3OgpnAI+/GKpg4QooNga6qw64uKiM
DAuTueViI23LJvmFMsSkufxRBs+RTitiAnVhI1uUBlv0yqC09Cs9AFM63+SIeyXe
qmOsuclulES26hM0EjDZQmeUCwTDe1zjrEH8YuuCrWngzawlLCgdftjrKTpfUORs
fVSiAyaiFZdg2MzUsqPTskFjXexbwyLVJy0MDmwzPddfjf1/aeJGbs6PoWx28XL3
R6v+GRVHs9n/7VUFZ3le2XrdWxq5vPmBr5VdSl79SKOs8DJJncqbltTlcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFII7EFgZAnSoZIKAsgICOpuXJMc3MB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvZ2pzUVdCa0NkS2hrZ29DeUFnSTZtNWNreHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV/gAwQB
LZUEMA0GCSqGSIb3DQEBCwUAA4IBAQA6vScHa6riMJHJG4Az4iJa5asKt8BGrefU
CKPzgt7ZbRQkf5wj8TylOSCr9jf4mUpVeXDMcv242kh7tD0bBy1FzOKLCV6g3DWt
5jaGpqOyX7N+oRSQ3FWxY/Nwkpa7a0pcSR3iFRRhUMti9E8x6iGFR0Jdks70idZd
EsIcsKNdGOZVrlMRDT/Du04OGjHQRpo4ifD5qrh4R3NdAqNXEBdWmtAeWsjwTBzD
7B4XYMU4rTx3CUsqAPqpo0wFX02vVrRMkzDVkFLXwCBLZ6SBzsRL7VDAU1NPUXcW
d4Hm/F3xjE6EsB3tFIafzSe1w+cfI3eQVyzPhog2DUF6L+o3e4nI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org