Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GVmhFaAJFWrg6wrXF3WWxXjEdLs.roa
File: GVmhFaAJFWrg6wrXF3WWxXjEdLs.roa (raw, json)
Hash identifier: wTeNkFUBMive/YNcGueQMFE+ac1ELNCv//6V9YI+7T8=
Subject key identifier: 19:59:A1:15:A0:09:15:6A:E0:EB:0A:D7:17:75:96:C5:78:C4:74:BB
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3F9E18BCA4A1DF8A77E7237A56B4ABD7
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GVmhFaAJFWrg6wrXF3WWxXjEdLs.roa
Signing time: Wed 06 Dec 2023 14:52:54 +0000
ROA not before: Wed 06 Dec 2023 14:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 62.122.231.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
5.253.158.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:9e:18:bc:a4:a1:df:8a:77:e7:23:7a:56:b4:ab:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 14:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1959a115a009156ae0eb0ad7177596c578c474bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:c9:40:d9:d7:f7:f2:40:1a:83:5e:0c:fb:
04:a0:40:46:26:04:c7:83:6b:88:ff:4a:62:92:ea:
07:1f:14:22:f3:20:e4:0a:70:16:f5:b0:8f:fe:d1:
0e:5e:1a:82:5a:8c:ce:dc:f5:f9:0a:a7:5d:e1:36:
cf:af:74:59:74:ca:b9:52:fe:ca:4c:cf:84:4f:5a:
ac:0c:e4:28:a9:c3:4f:a7:e8:31:9a:c3:96:c3:21:
ad:b3:16:51:5b:c9:d0:f7:36:92:1f:be:a2:57:8a:
66:f4:a7:f4:83:ef:e7:50:d3:eb:6c:b1:bc:23:8d:
60:b5:2d:ae:58:9f:8e:9a:9c:07:82:f4:56:e8:bf:
19:1b:f3:49:01:24:94:83:a6:6e:ab:ae:87:04:57:
b7:98:47:d4:57:8a:8f:de:e8:c7:29:ed:a5:98:7b:
0b:76:d7:f0:83:52:1a:13:ae:d3:2e:08:b9:73:3a:
02:1b:11:4c:c6:b5:28:03:81:c4:90:d3:85:d8:12:
1e:31:da:22:53:b2:aa:eb:d8:cb:b9:48:76:00:b0:
b7:42:a4:3b:09:6c:3f:16:80:e0:82:1e:09:79:cd:
2a:d9:98:b9:c1:4c:7f:9f:be:db:1f:ab:cd:c1:8e:
7a:6a:1d:8c:f7:24:d1:53:f8:0c:03:03:54:42:b6:
f1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:59:A1:15:A0:09:15:6A:E0:EB:0A:D7:17:75:96:C5:78:C4:74:BB
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GVmhFaAJFWrg6wrXF3WWxXjEdLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
62.122.228.0/22
185.167.181.0/24
185.204.203.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b6:08:96:0e:29:49:19:cd:76:84:ce:ca:d4:10:14:8a:b3:
f0:b7:1b:a0:02:92:c7:ca:e7:51:e2:1d:9f:89:e0:e9:9c:86:
78:f3:df:bb:bc:63:bf:7f:93:92:e1:ee:e5:58:59:01:f0:6e:
f9:60:10:04:b5:b9:4e:78:2b:e9:4e:de:89:59:f6:50:0c:b4:
44:f1:a2:eb:41:53:45:84:aa:d0:2a:12:ff:36:21:76:a4:af:
3b:8a:a8:c7:81:29:25:af:c9:22:ce:47:fd:69:72:c1:95:3f:
60:79:0c:f7:95:be:72:8c:85:a0:a6:96:03:32:ec:3e:e1:e8:
f0:40:12:2f:79:80:cc:5d:f2:14:40:d9:45:86:5f:fd:f3:4e:
aa:8d:c9:0c:95:d2:64:60:c0:01:01:81:3f:28:5d:59:df:cf:
c9:c4:00:0c:51:db:0e:62:59:fa:fb:22:cd:44:cf:48:2f:25:
fa:43:ed:80:b0:e6:2c:31:b4:75:3d:dd:86:49:96:03:23:c0:
30:ba:d1:28:71:6b:cf:35:5f:6e:7d:6b:02:23:82:81:ec:74:
e0:60:42:5f:ee:96:75:be:c4:58:76:1a:63:98:6a:ca:53:ad:
ca:2d:f3:86:c0:73:3d:1f:d0:5c:e5:a1:b8:cd:08:46:a9:75:
3f:fd:bc:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw/nhi8pKHfinfnI3pWtKvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTQ1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU5YTExNWEwMDkxNTZhZTBlYjBhZDcxNzc1OTZjNTc4YzQ3NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPzJQNnX9/JAGoNeDPsEoEBGJgTH
g2uI/0pikuoHHxQi8yDkCnAW9bCP/tEOXhqCWozO3PX5Cqdd4TbPr3RZdMq5Uv7K
TM+ET1qsDOQoqcNPp+gxmsOWwyGtsxZRW8nQ9zaSH76iV4pm9Kf0g+/nUNPrbLG8
I41gtS2uWJ+OmpwHgvRW6L8ZG/NJASSUg6Zuq66HBFe3mEfUV4qP3ujHKe2lmHsL
dtfwg1IaE67TLgi5czoCGxFMxrUoA4HEkNOF2BIeMdoiU7Kq69jLuUh2ALC3QqQ7
CWw/FoDggh4Jec0q2Zi5wUx/n77bH6vNwY56ah2M9yTRU/gMAwNUQrbxrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBlZoRWgCRVq4OsK1xd1lsV4xHS7MB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvR1ZtaEZhQUpGV3JnNndyWEYzV1d4WGpFZExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf2eAwQC
PnrkAwQAuae1AwQAuczLMA0GCSqGSIb3DQEBCwUAA4IBAQA4tgiWDilJGc12hM7K
1BAUirPwtxugApLHyudR4h2fieDpnIZ489+7vGO/f5OS4e7lWFkB8G75YBAEtblO
eCvpTt6JWfZQDLRE8aLrQVNFhKrQKhL/NiF2pK87iqjHgSklr8kizkf9aXLBlT9g
eQz3lb5yjIWgppYDMuw+4ejwQBIveYDMXfIUQNlFhl/9806qjckMldJkYMABAYE/
KF1Z38/JxAAMUdsOYln6+yLNRM9ILyX6Q+2AsOYsMbR1Pd2GSZYDI8AwutEocWvP
NV9ufWsCI4KB7HTgYEJf7pZ1vsRYdhpjmGrKU63KLfOGwHM9H9Bc5aG4zQhGqXU/
/bw/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org