Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/GTezd8p8b0JKUxT0gziVVWD6WWQ.roa
File: GTezd8p8b0JKUxT0gziVVWD6WWQ.roa (raw, json)
Hash identifier: S+jPiy3wqXoLf22lkVuZ70ppHej5GgFNgZPgfamlyos=
Subject key identifier: 19:37:B3:77:CA:7C:6F:42:4A:53:14:F4:83:38:95:55:60:FA:59:64
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 01856F3010924123DB46A6162E56025116D8
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/GTezd8p8b0JKUxT0gziVVWD6WWQ.roa
Signing time: Sun 01 Jan 2023 21:14:58 +0000
ROA not before: Sun 01 Jan 2023 21:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.129.28.0/23 maxlen: 23
192.129.31.0/24 maxlen: 24
192.129.26.0/23 maxlen: 23
141.39.0.0/16 maxlen: 16
195.37.0.0/16 maxlen: 16
192.76.176.0/24 maxlen: 24
193.174.0.0/15 maxlen: 15
194.94.0.0/15 maxlen: 15
188.1.0.0/16 maxlen: 16
212.201.0.0/16 maxlen: 16
2001:638::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Jan 2023 07:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:10:92:41:23:db:46:a6:16:2e:56:02:51:16:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Jan 1 21:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1937b377ca7c6f424a5314f48338955560fa5964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ef:09:e0:a5:ab:0d:2e:38:54:c8:32:df:8c:
46:7c:3c:84:0e:0c:b6:17:c3:6a:6f:f3:26:9e:28:
c9:fd:c6:36:84:d3:e3:1f:1f:d3:5d:5a:be:70:b7:
7e:0b:3f:64:9d:81:29:a2:f7:d4:fd:2c:67:35:93:
a9:cf:34:f0:90:86:06:89:71:60:a7:76:95:22:94:
f7:bb:3b:5a:6b:a9:88:a0:35:52:7e:33:cd:ec:30:
6b:a8:02:1d:51:8c:a4:b2:f4:e8:d0:c2:e8:27:c2:
50:a5:35:e7:37:9b:1e:d5:0a:2f:a4:19:18:13:08:
9d:ed:4e:8d:00:17:49:d1:bc:57:4e:9a:e1:75:1e:
91:97:31:10:ed:29:91:4e:41:df:b5:75:b3:53:b7:
be:de:1e:3f:24:bf:be:91:16:29:8d:93:4d:e2:55:
32:d1:87:c0:b0:be:7d:45:d2:a9:c6:40:6c:ff:e8:
58:f2:45:a9:e5:b9:88:ca:78:bf:3c:03:75:43:6a:
5d:d9:46:56:24:a9:64:1c:08:c1:2b:32:e2:52:18:
e0:26:e3:b4:25:c3:36:d6:aa:3e:82:60:3c:94:33:
8d:f6:f3:04:98:25:fa:39:b1:1b:30:9e:76:f4:c6:
36:ed:cd:c1:33:4a:06:d0:8c:1f:96:9b:51:19:ae:
df:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:37:B3:77:CA:7C:6F:42:4A:53:14:F4:83:38:95:55:60:FA:59:64
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/GTezd8p8b0JKUxT0gziVVWD6WWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.129.26.0-192.129.29.255
192.129.31.0/24
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/32
Signature Algorithm: sha256WithRSAEncryption
8d:dd:2e:94:d9:f3:34:e5:e5:e0:25:69:f9:0b:ce:66:b6:80:
bb:f8:6e:3f:e8:b7:aa:6d:c4:2a:1f:37:d0:f4:99:94:53:33:
43:72:c3:56:29:3c:59:96:22:68:8f:e4:19:fa:b7:3c:9e:c3:
5d:a4:28:b4:bd:c2:b6:21:77:74:78:d1:a5:b0:16:6b:3f:03:
f3:76:a4:de:3e:11:a9:ae:5a:30:8c:c7:fc:07:91:c5:93:85:
be:af:51:d0:73:f2:6b:06:79:90:1b:a4:74:87:1d:c8:14:64:
45:06:60:f0:a9:fd:2c:35:21:52:30:8f:67:89:3f:bd:27:d2:
55:a6:e8:66:71:ce:e4:b2:5c:20:31:25:06:9c:29:c9:f1:85:
b1:e4:94:14:c0:62:3f:11:43:0b:33:eb:9e:a6:e3:3e:05:0e:
6d:d8:f6:4f:e6:77:03:e1:27:30:0c:73:05:71:0c:89:84:ca:
04:05:fb:a0:62:37:a3:42:11:81:a9:c9:52:b4:1a:09:53:ac:
b5:38:a8:4b:db:50:9a:b8:54:09:60:99:47:3b:37:e9:ae:4e:
cd:10:18:47:80:2a:cf:ac:49:34:92:37:65:20:d2:9d:0e:ea:
2a:bc:bf:d9:53:af:c9:10:6f:8a:b1:1f:c7:44:8a:a9:03:64:
8c:c8:3d:f0
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVvMBCSQSPbRqYWLlYCURbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjMwMTAxMjExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM3YjM3N2NhN2M2ZjQyNGE1MzE0ZjQ4MzM4OTU1NTYwZmE1OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO8J4KWrDS44VMgy34xGfDyEDgy2
F8Nqb/MmnijJ/cY2hNPjHx/TXVq+cLd+Cz9knYEpovfU/SxnNZOpzzTwkIYGiXFg
p3aVIpT3uztaa6mIoDVSfjPN7DBrqAIdUYyksvTo0MLoJ8JQpTXnN5se1QovpBkY
Ewid7U6NABdJ0bxXTprhdR6RlzEQ7SmRTkHftXWzU7e+3h4/JL++kRYpjZNN4lUy
0YfAsL59RdKpxkBs/+hY8kWp5bmIyni/PAN1Q2pd2UZWJKlkHAjBKzLiUhjgJuO0
JcM21qo+gmA8lDON9vMEmCX6ObEbMJ529MY27c3BM0oG0IwflptRGa7fJwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBk3s3fKfG9CSlMU9IM4lVVg+llkMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvR1RlemQ4cDhiMEpLVXhUMGd6aVZWV0Q2V1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwMAjScDAwC8
AQMEAMBMsDAMAwQBwIEaAwQBwIEcAwQAwIEfAwMBwa4DAwHCXgMDAMMlAwMA1Mkw
DQQCAAIwBwMFACABBjgwDQYJKoZIhvcNAQELBQADggEBAI3dLpTZ8zTl5eAlafkL
zma2gLv4bj/ot6ptxCofN9D0mZRTM0Nyw1YpPFmWImiP5Bn6tzyew12kKLS9wrYh
d3R40aWwFms/A/N2pN4+EamuWjCMx/wHkcWThb6vUdBz8msGeZAbpHSHHcgUZEUG
YPCp/Sw1IVIwj2eJP70n0lWm6GZxzuSyXCAxJQacKcnxhbHklBTAYj8RQwsz656m
4z4FDm3Y9k/mdwPhJzAMcwVxDImEygQF+6BiN6NCEYGpyVK0GglTrLU4qEvbUJq4
VAlgmUc7N+muTs0QGEeAKs+sSTSSN2Ug0p0O6iq8v9lTr8kQb4qxH8dEiqkDZIzI
PfA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:45 2024 by rpki-client on console-ams.rpki-client.org