Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/GIn50L-FMM9wXrJSnlIt-8Fqakc.roa
File: GIn50L-FMM9wXrJSnlIt-8Fqakc.roa (raw, json)
Hash identifier: ZqNgp4iNGyLZJYinJk0NAoHGPgPEJFPj3Yots+yYYQg=
Subject key identifier: 18:89:F9:D0:BF:85:30:CF:70:5E:B2:52:9E:52:2D:FB:C1:6A:6A:47
Certificate issuer: /CN=380ef7ff5b54f53fcf2312abe2ec3f5958ba1425
Certificate serial: 018572FA8B1C410EA88F0C8F22903C8EB4A8
Authority key identifier: 38:0E:F7:FF:5B:54:F5:3F:CF:23:12:AB:E2:EC:3F:59:58:BA:14:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA73_1tU9T_PIxKr4uw_WVi6FCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/GIn50L-FMM9wXrJSnlIt-8Fqakc.roa
Signing time: Mon 02 Jan 2023 14:55:00 +0000
ROA not before: Mon 02 Jan 2023 14:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198090
IP address blocks: 91.231.165.0/24 maxlen: 24
91.231.166.0/24 maxlen: 24
91.231.164.0/24 maxlen: 24
91.231.164.0/22 maxlen: 22
91.231.167.0/24 maxlen: 24
91.199.170.0/24 maxlen: 24
185.114.82.0/24 maxlen: 24
185.114.83.0/24 maxlen: 24
185.114.80.0/24 maxlen: 24
185.114.81.0/24 maxlen: 24
185.114.80.0/22 maxlen: 22
185.30.70.0/24 maxlen: 24
185.30.71.0/24 maxlen: 24
185.30.68.0/24 maxlen: 24
185.30.69.0/24 maxlen: 24
185.30.68.0/22 maxlen: 22
91.237.16.0/23 maxlen: 23
91.237.17.0/24 maxlen: 24
91.237.16.0/24 maxlen: 24
185.246.36.0/22 maxlen: 22
185.246.37.0/24 maxlen: 24
185.246.38.0/24 maxlen: 24
185.246.36.0/24 maxlen: 24
185.246.39.0/24 maxlen: 24
2a06:6d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:8b:1c:41:0e:a8:8f:0c:8f:22:90:3c:8e:b4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380ef7ff5b54f53fcf2312abe2ec3f5958ba1425
Validity
Not Before: Jan 2 14:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1889f9d0bf8530cf705eb2529e522dfbc16a6a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4a:4d:98:78:c3:f5:ea:ae:b7:65:da:38:62:
46:3a:7d:22:88:0b:f7:6a:6a:1d:cb:4a:4f:b6:f2:
0f:9e:9b:7d:1d:2f:a5:7f:44:8f:af:f4:89:a0:27:
98:de:8c:b8:b9:ec:34:ac:98:e7:14:2a:c2:2c:73:
fa:1f:60:95:6f:3c:b7:1f:d4:3b:7a:68:63:7f:67:
ba:b3:a6:83:07:17:b0:52:08:8f:69:9d:24:ff:07:
37:f8:24:ec:44:96:e8:44:c0:01:e6:46:92:16:dd:
02:85:b2:b0:b9:58:fa:54:d5:9d:20:07:27:12:df:
bb:f3:70:b1:7f:3e:f6:d2:fd:c3:60:8a:84:a4:8e:
43:94:6e:6e:39:1b:0b:97:63:23:aa:73:aa:8f:82:
b7:67:0b:fb:e5:16:6b:f4:bf:2a:11:32:6d:0c:12:
c2:56:50:cc:f9:01:eb:1c:23:aa:e5:b1:92:9d:5e:
b4:dd:18:95:f6:da:f4:30:37:bd:a1:4d:90:57:e0:
49:e7:79:2b:8d:57:1f:a3:c0:b5:38:75:09:96:13:
7f:c5:48:9d:06:38:2a:be:0c:44:a2:f5:30:f3:7e:
fe:91:35:48:eb:72:0d:45:b2:9a:06:af:5a:fb:87:
df:9b:50:f0:68:dd:47:b4:46:ef:77:d8:a8:60:a0:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:89:F9:D0:BF:85:30:CF:70:5E:B2:52:9E:52:2D:FB:C1:6A:6A:47
X509v3 Authority Key Identifier:
keyid:38:0E:F7:FF:5B:54:F5:3F:CF:23:12:AB:E2:EC:3F:59:58:BA:14:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA73_1tU9T_PIxKr4uw_WVi6FCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/GIn50L-FMM9wXrJSnlIt-8Fqakc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d91255-3243-4a47-946a-f04cc1c230cf/1/OA73_1tU9T_PIxKr4uw_WVi6FCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.170.0/24
91.231.164.0/22
91.237.16.0/23
185.30.68.0/22
185.114.80.0/22
185.246.36.0/22
IPv6:
2a06:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
7c:89:5f:4f:83:c4:60:0b:e8:6f:57:41:dc:d5:c5:24:58:3b:
70:76:0b:56:4f:30:0b:83:7d:cd:1e:d4:43:7c:8c:f8:f4:d4:
d0:27:74:a1:e8:45:18:c6:a0:6c:9c:6f:b1:9d:6b:5b:54:aa:
ed:21:97:0e:72:86:7e:29:4c:63:45:2c:fd:3f:2b:c9:47:ca:
03:1d:23:9b:3e:57:09:af:ce:1c:38:92:15:78:e2:54:ff:ed:
9b:5d:20:4a:ce:73:df:3e:f2:70:22:58:57:5d:79:4c:3f:57:
70:ef:d8:b7:cb:e8:e6:55:2d:3c:01:a8:5b:1e:7e:cd:c9:95:
9f:53:9e:6d:7a:00:65:f2:34:b4:8a:b4:d8:70:22:a3:4b:5a:
ce:19:ac:9f:2e:7a:1b:cc:d1:a4:cd:45:e2:a0:a8:fa:3f:4e:
69:46:5c:48:75:00:6b:12:76:7a:57:55:ec:cd:6c:b5:44:6f:
f3:99:04:77:dc:8a:ae:9a:69:89:fb:df:91:24:48:8a:cf:0f:
07:61:b1:5e:bc:54:da:30:a6:c3:ff:20:24:41:be:02:27:a7:
46:fc:69:d3:b9:3b:58:86:d3:26:7e:25:19:50:94:92:e8:9b:
e6:68:34:d3:a2:a1:1a:5f:0b:42:f0:e9:d9:47:fd:38:b1:a7:
08:71:84:9a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVy+oscQQ6ojwyPIpA8jrSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGVmN2ZmNWI1NGY1M2ZjZjIzMTJhYmUyZWMzZjU5NThi
YTE0MjUwHhcNMjMwMTAyMTQ1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg5ZjlkMGJmODUzMGNmNzA1ZWIyNTI5ZTUyMmRmYmMxNmE2YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0pNmHjD9equt2XaOGJGOn0iiAv3
amody0pPtvIPnpt9HS+lf0SPr/SJoCeY3oy4uew0rJjnFCrCLHP6H2CVbzy3H9Q7
emhjf2e6s6aDBxewUgiPaZ0k/wc3+CTsRJboRMAB5kaSFt0ChbKwuVj6VNWdIAcn
Et+783Cxfz720v3DYIqEpI5DlG5uORsLl2MjqnOqj4K3Zwv75RZr9L8qETJtDBLC
VlDM+QHrHCOq5bGSnV603RiV9tr0MDe9oU2QV+BJ53krjVcfo8C1OHUJlhN/xUid
BjgqvgxEovUw837+kTVI63INRbKaBq9a+4ffm1DwaN1HtEbvd9ioYKAbawIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBiJ+dC/hTDPcF6yUp5SLfvBampHMB8GA1UdIwQY
MBaAFDgO9/9bVPU/zyMSq+LsP1lYuhQlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0E3M18xdFU5VF9QSXhLcjR1d19XVmk2RkNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kOTEyNTUtMzI0My00YTQ3LTk0NmEt
ZjA0Y2MxYzIzMGNmLzEvR0luNTBMLUZNTTl3WHJKU25sSXQtOEZxYWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kOTEyNTUtMzI0My00YTQ3LTk0NmEtZjA0Y2MxYzIzMGNm
LzEvT0E3M18xdFU5VF9QSXhLcjR1d19XVmk2RkNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW8eqAwQC
W+ekAwQBW+0QAwQCuR5EAwQCuXJQAwQCufYkMA0EAgACMAcDBQMqBm1AMA0GCSqG
SIb3DQEBCwUAA4IBAQB8iV9Pg8RgC+hvV0Hc1cUkWDtwdgtWTzALg33NHtRDfIz4
9NTQJ3Sh6EUYxqBsnG+xnWtbVKrtIZcOcoZ+KUxjRSz9PyvJR8oDHSObPlcJr84c
OJIVeOJU/+2bXSBKznPfPvJwIlhXXXlMP1dw79i3y+jmVS08AahbHn7NyZWfU55t
egBl8jS0irTYcCKjS1rOGayfLnobzNGkzUXioKj6P05pRlxIdQBrEnZ6V1XszWy1
RG/zmQR33IqummmJ+9+RJEiKzw8HYbFevFTaMKbD/yAkQb4CJ6dG/GnTuTtYhtMm
fiUZUJSS6JvmaDTToqEaXwtC8OnZR/04sacIcYSa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org