Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/gYE0ntKwvh5QL4AW8k_KVX9LefE.roa
File: gYE0ntKwvh5QL4AW8k_KVX9LefE.roa (raw, json)
Hash identifier: uX6wb7BDQvGL+WP7YkrGs+uh6hnZY96FBQlcLpcAokc=
Subject key identifier: 81:81:34:9E:D2:B0:BE:1E:50:2F:80:16:F2:4F:CA:55:7F:4B:79:F1
Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Certificate serial: 018C77495E8E78DE9AF1129BD06254668696
Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/gYE0ntKwvh5QL4AW8k_KVX9LefE.roa
Signing time: Sun 17 Dec 2023 10:19:06 +0000
ROA not before: Sun 17 Dec 2023 10:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50597
IP address blocks: 185.23.152.0/22 maxlen: 22
185.23.152.0/24 maxlen: 24
185.23.153.0/24 maxlen: 24
185.23.155.0/24 maxlen: 24
185.23.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:49:5e:8e:78:de:9a:f1:12:9b:d0:62:54:66:86:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Validity
Not Before: Dec 17 10:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8181349ed2b0be1e502f8016f24fca557f4b79f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:36:3b:4a:07:22:c7:0d:0b:8a:89:e2:69:65:
d2:c9:6b:e8:1b:4f:58:82:ed:0f:dc:ea:15:da:3a:
1d:d8:3e:c3:b8:f0:d3:10:29:9e:b3:6a:51:26:ba:
34:b2:2c:db:ac:75:c3:6b:9f:f0:32:a6:50:d1:84:
87:f1:3c:74:fe:8a:d3:3d:28:51:e8:e7:81:0d:17:
6c:56:95:71:c1:fd:3d:a8:d1:f1:67:32:10:44:39:
bb:f5:9c:83:d3:20:5f:21:07:00:12:95:33:9b:9e:
18:2a:b0:eb:bc:44:75:f8:db:33:69:d0:30:ef:a4:
a3:8b:b1:06:d0:40:3b:70:0e:ec:6a:c1:3b:1f:75:
0b:94:44:2e:6f:02:18:5a:a1:09:d5:56:98:36:cf:
0d:2c:45:73:45:84:8d:3e:3b:a3:a1:aa:01:06:60:
bd:67:b7:a4:4a:0a:9c:7b:55:ef:c9:4a:05:45:03:
71:f2:e6:4b:9e:93:8d:1d:f2:94:fa:31:bf:5e:e0:
36:c4:73:3e:34:e6:4c:98:f8:97:0e:8f:64:a1:66:
37:b6:56:db:ad:60:27:be:87:cc:43:b0:f2:af:79:
f5:3c:ab:ca:8b:7e:ac:cf:83:4d:6e:b7:a9:55:a9:
8a:5a:b5:47:38:3e:0a:85:26:92:91:ff:86:ff:ef:
d9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:81:34:9E:D2:B0:BE:1E:50:2F:80:16:F2:4F:CA:55:7F:4B:79:F1
X509v3 Authority Key Identifier:
keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/gYE0ntKwvh5QL4AW8k_KVX9LefE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.152.0/22
Signature Algorithm: sha256WithRSAEncryption
00:9a:00:82:62:18:84:08:c7:5a:37:af:11:fb:8b:60:4a:6f:
09:29:8c:6e:c3:45:5b:97:dc:c4:da:cf:b5:62:fb:03:77:d2:
33:9c:c3:a9:53:27:ec:c8:4f:38:7c:83:e2:60:dd:69:6e:3c:
3b:13:48:07:ef:42:ff:c1:56:99:29:43:0f:2e:32:ba:b8:25:
28:bb:16:67:6a:75:8a:a4:05:8f:71:b1:0d:27:1a:73:35:25:
75:34:7a:00:15:5f:82:d2:f3:dc:8c:cf:27:d7:e7:e0:40:fe:
91:1d:41:ad:92:d3:28:62:72:30:5b:ed:db:7b:34:f0:23:75:
a0:3f:3e:fa:7c:34:c0:f9:c1:35:73:7c:79:32:e7:bf:2c:fc:
55:6b:aa:9e:8f:58:90:59:b0:3a:df:e8:68:f0:ac:e5:3c:79:
44:06:ff:31:8c:01:2f:9e:7a:fb:1b:f4:67:d5:55:42:ca:63:
63:81:cf:3a:de:af:1d:84:c9:04:3a:61:66:4c:b6:ac:a4:59:
b9:8d:55:21:d2:fd:ab:cd:0d:16:76:49:54:98:5f:b2:24:54:
fb:bc:d9:4f:53:4d:34:64:2b:3f:e8:79:0b:80:df:5a:6a:ce:
c9:02:93:7b:fd:51:a2:cd:41:8d:03:a2:3b:16:c7:9e:a2:78:
ef:b5:26:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx3SV6OeN6a8RKb0GJUZoaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YmQzMGFjMzU2MWExZGY3ZmM2YjI5NmJmOWQyOWRkNTU4
MWYxZWUwHhcNMjMxMjE3MTAxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTgxMzQ5ZWQyYjBiZTFlNTAyZjgwMTZmMjRmY2E1NTdmNGI3OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTY7Sgcixw0LioniaWXSyWvoG09Y
gu0P3OoV2jod2D7DuPDTECmes2pRJro0sizbrHXDa5/wMqZQ0YSH8Tx0/orTPShR
6OeBDRdsVpVxwf09qNHxZzIQRDm79ZyD0yBfIQcAEpUzm54YKrDrvER1+NszadAw
76Sji7EG0EA7cA7sasE7H3ULlEQubwIYWqEJ1VaYNs8NLEVzRYSNPjujoaoBBmC9
Z7ekSgqce1XvyUoFRQNx8uZLnpONHfKU+jG/XuA2xHM+NOZMmPiXDo9koWY3tlbb
rWAnvofMQ7Dyr3n1PKvKi36sz4NNbrepVamKWrVHOD4KhSaSkf+G/+/Z+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGBNJ7SsL4eUC+AFvJPylV/S3nxMB8GA1UdIwQY
MBaAFAa9MKw1YaHff8aylr+dKd1VgfHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMt
NzkxNzViMTUxYTUyLzEvZ1lFMG50S3d2aDVRTDRBVzhrX0tWWDlMZWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMtNzkxNzViMTUxYTUy
LzEvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuReYMA0G
CSqGSIb3DQEBCwUAA4IBAQAAmgCCYhiECMdaN68R+4tgSm8JKYxuw0Vbl9zE2s+1
YvsDd9IznMOpUyfsyE84fIPiYN1pbjw7E0gH70L/wVaZKUMPLjK6uCUouxZnanWK
pAWPcbENJxpzNSV1NHoAFV+C0vPcjM8n1+fgQP6RHUGtktMoYnIwW+3bezTwI3Wg
Pz76fDTA+cE1c3x5Mue/LPxVa6qej1iQWbA63+ho8KzlPHlEBv8xjAEvnnr7G/Rn
1VVCymNjgc863q8dhMkEOmFmTLaspFm5jVUh0v2rzQ0WdklUmF+yJFT7vNlPU000
ZCs/6HkLgN9aas7JApN7/VGizUGNA6I7FseeonjvtSZu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:59 2024 by rpki-client on console-fra.rpki-client.org