Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GDrzc4srHoGgs9kPnD3fFXV_yqc.roa
File: GDrzc4srHoGgs9kPnD3fFXV_yqc.roa (raw, json)
Hash identifier: 3gA/bnTa0CUmqeD54XOXxk276QJqoWrPKSZAi1iugBg=
Subject key identifier: 18:3A:F3:73:8B:2B:1E:81:A0:B3:D9:0F:9C:3D:DF:15:75:7F:CA:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188943CCB0451F5B630D0A8730A7B409AB2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GDrzc4srHoGgs9kPnD3fFXV_yqc.roa
Signing time: Wed 07 Jun 2023 05:03:12 +0000
ROA not before: Wed 07 Jun 2023 05:03:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53850
IP address blocks: 62.76.224.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:3c:cb:04:51:f5:b6:30:d0:a8:73:0a:7b:40:9a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 7 05:03:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=183af3738b2b1e81a0b3d90f9c3ddf15757fcaa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:fe:00:ad:05:ef:bd:75:e8:63:24:eb:8f:
35:62:84:87:cd:88:b9:77:50:bb:53:00:c0:36:31:
2d:3c:e1:b4:16:87:2c:11:d7:4a:9b:93:40:04:76:
d7:5b:be:5b:63:18:f4:57:33:18:f7:d4:cc:a5:d7:
5c:6f:de:22:ec:c7:b0:58:21:dd:0d:f4:cd:55:d9:
fc:0c:39:2c:3d:f5:90:ce:d6:22:61:53:80:2c:d3:
27:55:4f:cf:2e:6a:f5:3f:62:1d:27:5d:87:84:55:
69:4c:f4:a8:ab:51:38:72:15:08:8d:36:bb:7a:7b:
1b:b6:16:b7:5f:8e:44:ab:39:6c:dc:ab:00:b8:0a:
59:83:53:26:49:50:43:14:18:fb:5b:af:9c:1e:c7:
4f:7f:f6:95:35:46:3f:52:50:be:9b:c3:6d:07:62:
9b:f8:41:42:0a:d6:81:e9:c0:4e:3c:ce:ba:70:9a:
98:90:e7:8b:82:fb:11:d5:25:5e:eb:12:7c:a5:62:
a6:2f:be:cf:14:42:3f:2a:99:4a:9d:68:8d:97:8a:
f5:e7:85:3d:ae:42:95:3b:e0:23:88:30:5c:76:6d:
6c:80:84:2e:67:7b:75:eb:3b:a2:61:56:34:b5:06:
c0:8c:2a:bf:51:19:c4:81:50:1b:fb:68:bb:6f:07:
d4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3A:F3:73:8B:2B:1E:81:A0:B3:D9:0F:9C:3D:DF:15:75:7F:CA:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GDrzc4srHoGgs9kPnD3fFXV_yqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
185.72.11.0/24
194.87.32.0/24
194.87.39.0/24
Signature Algorithm: sha256WithRSAEncryption
72:84:2f:e4:2f:8b:78:c1:84:a3:8d:e4:e6:62:20:21:c2:6d:
3f:4a:a2:01:87:23:a8:4d:04:d3:d2:77:b3:25:25:a2:dc:b5:
58:8f:2a:b6:91:4a:bf:96:c8:88:6b:fa:47:d5:8d:48:a7:1a:
c3:46:44:2f:d9:2e:17:81:da:81:c5:80:80:06:a3:e3:00:ea:
a4:ac:74:81:34:b2:88:fc:b3:cf:d7:66:78:d7:1b:2b:e0:f0:
74:09:2d:de:c1:3a:63:a7:ae:8e:0a:66:6b:13:06:09:74:0c:
37:d4:f4:84:44:2d:05:de:a5:02:fd:d9:0d:ca:eb:42:c5:1c:
d8:bd:d5:b1:81:63:0b:30:b9:ca:31:46:4c:e9:e4:ae:fd:02:
e2:75:6d:de:0b:43:16:6e:45:43:ab:f4:91:f8:b6:e2:81:83:
9c:20:6e:e0:c1:95:0e:66:27:2d:63:58:c6:b1:7b:e3:2d:87:
1c:b1:ef:59:d1:53:c9:f4:83:21:ea:f0:ab:b5:2e:46:75:4a:
6d:60:21:b3:93:8c:c9:b4:de:04:49:cd:de:d6:ec:71:e7:10:
a2:bb:cb:c7:97:0e:6e:b3:52:05:d1:17:f1:62:74:d2:e8:15:
0d:f2:08:9f:1d:b0:6e:a6:f7:fa:2e:c8:11:d9:62:07:68:e0:
85:ce:bf:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiUPMsEUfW2MNCocwp7QJqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA3MDUwMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNhZjM3MzhiMmIxZTgxYTBiM2Q5MGY5YzNkZGYxNTc1N2ZjYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDX+AK0F77116GMk6481YoSHzYi5
d1C7UwDANjEtPOG0FocsEddKm5NABHbXW75bYxj0VzMY99TMpddcb94i7MewWCHd
DfTNVdn8DDksPfWQztYiYVOALNMnVU/PLmr1P2IdJ12HhFVpTPSoq1E4chUIjTa7
ensbtha3X45Eqzls3KsAuApZg1MmSVBDFBj7W6+cHsdPf/aVNUY/UlC+m8NtB2Kb
+EFCCtaB6cBOPM66cJqYkOeLgvsR1SVe6xJ8pWKmL77PFEI/KplKnWiNl4r154U9
rkKVO+AjiDBcdm1sgIQuZ3t16zuiYVY0tQbAjCq/URnEgVAb+2i7bwfUmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBg683OLKx6BoLPZD5w93xV1f8qnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR0RyemM0c3JIb0dnczlrUG5EM2ZGWFZfeXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzgAwQA
uUgLAwQAwlcgAwQAwlcnMA0GCSqGSIb3DQEBCwUAA4IBAQByhC/kL4t4wYSjjeTm
YiAhwm0/SqIBhyOoTQTT0nezJSWi3LVYjyq2kUq/lsiIa/pH1Y1IpxrDRkQv2S4X
gdqBxYCABqPjAOqkrHSBNLKI/LPP12Z41xsr4PB0CS3ewTpjp66OCmZrEwYJdAw3
1PSERC0F3qUC/dkNyutCxRzYvdWxgWMLMLnKMUZM6eSu/QLidW3eC0MWbkVDq/SR
+LbigYOcIG7gwZUOZictY1jGsXvjLYccse9Z0VPJ9IMh6vCrtS5GdUptYCGzk4zJ
tN4ESc3e1uxx5xCiu8vHlw5us1IF0RfxYnTS6BUN8gifHbBupvf6LsgR2WIHaOCF
zr8k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:59 2023 by rpki-client on console-fra.rpki-client.org