Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/gPTbTV_-5VENN0WTPohjL-LuyJI.roa
File: gPTbTV_-5VENN0WTPohjL-LuyJI.roa (raw, json)
Hash identifier: JvsPB0YJnWJB4SaYdkuoEQ5ig7UMuvt9Y5ExPT7rBKQ=
Subject key identifier: 80:F4:DB:4D:5F:FE:E5:51:0D:37:45:93:3E:88:63:2F:E2:EE:C8:92
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 018CCA29D4E7AE53BC5426C75DDD93D92091
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/gPTbTV_-5VENN0WTPohjL-LuyJI.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8820
IP address blocks: 46.41.14.0/24 maxlen: 24
188.246.17.0/24 maxlen: 24
188.246.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 06:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d4:e7:ae:53:bc:54:26:c7:5d:dd:93:d9:20:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80f4db4d5ffee5510d3745933e88632fe2eec892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:0f:2a:ff:d6:0f:37:16:83:58:c1:f8:27:
66:01:03:d9:cf:45:60:3b:31:c2:ed:4f:66:17:1c:
8e:30:a9:f9:38:55:07:a5:67:db:47:bc:db:a9:50:
26:12:ee:51:78:25:b4:c5:a9:48:08:e4:75:2b:ee:
8b:f1:fd:ed:5b:8d:bd:20:48:3a:bd:3d:0a:02:ad:
6a:90:5d:1a:61:89:3e:f1:5e:5d:90:20:bd:79:bd:
87:ac:a3:72:99:3c:a4:49:9c:34:a5:10:a5:8a:07:
25:34:48:d9:15:9c:87:52:a0:d0:25:92:ac:6d:4d:
40:67:20:23:fb:d6:74:f5:8e:59:4d:4e:4c:f4:3e:
1b:8e:2c:27:67:2e:a0:70:9e:4e:4e:96:d4:9f:9e:
b0:e5:9e:de:aa:5f:80:51:f8:5a:d5:fb:4a:13:c4:
63:bd:ce:cc:f9:e2:b6:9e:a8:cd:57:c0:ca:79:b5:
ab:f7:5a:df:7a:18:09:f2:2e:46:f2:3c:66:f2:29:
3c:1a:07:5d:2c:da:ed:f0:ac:7e:ae:a9:dd:c7:69:
5e:0e:b6:01:55:40:00:c9:e7:15:ec:85:c8:e1:5c:
bd:5d:77:48:81:a8:98:a5:ca:19:1a:5c:a1:e0:17:
f1:3d:8b:6d:61:7c:fc:9b:e5:2a:37:73:eb:1a:1a:
be:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F4:DB:4D:5F:FE:E5:51:0D:37:45:93:3E:88:63:2F:E2:EE:C8:92
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/gPTbTV_-5VENN0WTPohjL-LuyJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.14.0/24
188.246.17.0/24
188.246.23.0/24
Signature Algorithm: sha256WithRSAEncryption
75:02:14:b4:0f:d0:81:49:88:b9:c7:9c:53:1d:04:52:5f:96:
e5:0f:e0:99:8c:a2:3c:73:ff:93:a3:53:99:dd:51:83:51:4f:
8e:7c:7e:48:4a:f8:f2:63:24:c0:50:17:7b:b2:7c:74:e8:7b:
23:2a:d0:a9:c3:2e:c8:21:72:4e:c1:f3:98:b7:fa:bf:cc:8e:
dd:b1:73:db:79:58:6c:29:98:25:e3:8c:92:d9:86:8d:0c:99:
72:aa:78:bf:f5:60:ee:89:82:7e:dc:92:09:3a:22:1c:d0:58:
88:33:b8:b4:0a:b0:ab:f3:fc:6a:8f:6d:2a:31:37:d6:5b:15:
d6:88:02:71:64:4d:1d:21:52:4a:93:09:e3:e3:07:4b:01:bc:
0b:76:98:23:cd:a5:07:1f:bd:4c:f7:7d:92:c6:c3:6f:c3:ea:
2e:8b:18:b5:8b:f0:1d:51:bf:08:1b:63:fe:ff:c0:8e:ca:b1:
a2:74:da:d6:16:3f:3a:48:2c:a6:70:87:c9:cf:92:bc:35:aa:
47:8d:d2:9d:65:7c:89:da:a8:ef:20:d6:6d:63:77:10:df:07:
c5:21:2b:1f:82:6e:04:6e:6e:dc:b4:59:a9:5d:c9:22:3d:ce:
c2:55:30:a4:b7:90:2f:e5:82:3c:dc:3b:55:5d:09:36:f2:ad:
45:d1:32:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKdTnrlO8VCbHXd2T2SCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGY0ZGI0ZDVmZmVlNTUxMGQzNzQ1OTMzZTg4NjMyZmUyZWVjODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokQPKv/WDzcWg1jB+CdmAQPZz0Vg
OzHC7U9mFxyOMKn5OFUHpWfbR7zbqVAmEu5ReCW0xalICOR1K+6L8f3tW429IEg6
vT0KAq1qkF0aYYk+8V5dkCC9eb2HrKNymTykSZw0pRCligclNEjZFZyHUqDQJZKs
bU1AZyAj+9Z09Y5ZTU5M9D4bjiwnZy6gcJ5OTpbUn56w5Z7eql+AUfha1ftKE8Rj
vc7M+eK2nqjNV8DKebWr91rfehgJ8i5G8jxm8ik8GgddLNrt8Kx+rqndx2leDrYB
VUAAyecV7IXI4Vy9XXdIgaiYpcoZGlyh4BfxPYttYXz8m+UqN3PrGhq+/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFID0201f/uVRDTdFkz6IYy/i7siSMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvZ1BUYlRWXy01VkVOTjBXVFBvaGpMLUx1eUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALikOAwQA
vPYRAwQAvPYXMA0GCSqGSIb3DQEBCwUAA4IBAQB1AhS0D9CBSYi5x5xTHQRSX5bl
D+CZjKI8c/+To1OZ3VGDUU+OfH5ISvjyYyTAUBd7snx06HsjKtCpwy7IIXJOwfOY
t/q/zI7dsXPbeVhsKZgl44yS2YaNDJlyqni/9WDuiYJ+3JIJOiIc0FiIM7i0CrCr
8/xqj20qMTfWWxXWiAJxZE0dIVJKkwnj4wdLAbwLdpgjzaUHH71M932SxsNvw+ou
ixi1i/AdUb8IG2P+/8COyrGidNrWFj86SCymcIfJz5K8NapHjdKdZXyJ2qjvINZt
Y3cQ3wfFISsfgm4Ebm7ctFmpXckiPc7CVTCkt5Av5YI83DtVXQk28q1F0TIZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:46:20 2025 by rpki-client