Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GFQZFJm-4V95zmFQgp9aIT_b_1M.roa
File: GFQZFJm-4V95zmFQgp9aIT_b_1M.roa (raw, json)
Hash identifier: M8yJDbaEVZ48ilQOWKfrgxbMzYNISWeREA8xVSMTkNs=
Subject key identifier: 18:54:19:14:99:BE:E1:5F:79:CE:61:50:82:9F:5A:21:3F:DB:FF:53
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185FCDF42F1042566BBD2A84D9BBE1FEC65
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GFQZFJm-4V95zmFQgp9aIT_b_1M.roa
Signing time: Sun 29 Jan 2023 09:32:48 +0000
ROA not before: Sun 29 Jan 2023 09:32:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 195.133.84.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fc:df:42:f1:04:25:66:bb:d2:a8:4d:9b:be:1f:ec:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 09:32:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1854191499bee15f79ce6150829f5a213fdbff53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:cf:b7:e1:d8:e4:0f:90:fb:08:f0:11:8e:
11:74:28:dd:e8:56:ec:fe:ab:3d:23:47:a3:1c:7c:
06:28:73:4e:18:87:a7:e1:c7:9d:17:0e:9e:25:b3:
98:c4:14:ca:f3:36:ac:54:a3:c5:6f:5d:b8:82:a6:
a8:d3:0c:43:9d:e1:e8:a0:7e:ee:2b:40:09:b7:a5:
7c:95:f6:ee:d1:ad:cc:f8:0e:7a:87:45:ba:fe:ec:
68:5d:38:40:f8:0a:0f:2b:d1:d9:41:ab:46:f2:77:
c4:d3:d1:7d:b6:38:fd:87:33:14:4e:f5:7f:13:66:
81:91:5f:96:63:bb:bc:8e:b9:63:78:19:3d:ed:02:
df:f5:0e:d6:8e:79:dc:0d:ef:da:a0:5e:70:5d:af:
71:f2:08:7e:89:3f:a5:04:8f:38:dd:8a:fb:cf:09:
72:fc:1d:7d:19:8c:b1:0f:5f:ed:fa:4d:20:e1:6b:
c8:67:f4:f1:84:50:c0:04:48:00:f8:eb:c8:69:4a:
26:a1:ca:71:b2:a0:f9:bb:05:e8:c4:05:1f:b1:55:
64:57:2d:5e:47:e1:80:32:f0:aa:1b:8c:f5:ec:d9:
55:98:c8:11:4b:51:10:85:ec:8b:7f:57:a7:f8:62:
50:c7:c7:ca:f8:f9:0a:bb:b2:a0:8e:07:33:de:f8:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:54:19:14:99:BE:E1:5F:79:CE:61:50:82:9F:5A:21:3F:DB:FF:53
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GFQZFJm-4V95zmFQgp9aIT_b_1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
193.124.94.0/24
194.58.58.0/24
194.58.67.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:71:bb:a7:51:fc:f6:26:29:b9:c9:8a:f2:9c:4c:33:3f:80:
bc:a5:d5:5c:c3:5d:b8:14:e8:35:62:88:6d:65:fc:83:57:6f:
26:9a:42:f0:94:4f:5a:9e:ac:b8:f0:a5:b8:e3:da:69:cb:34:
07:ba:67:27:c7:30:c0:0f:0e:53:2f:89:d0:2c:43:4d:0c:70:
6b:ea:4c:21:3b:3a:07:fd:8e:36:1d:22:4b:f2:dd:63:0d:1b:
8c:da:01:a9:3d:46:7f:aa:76:eb:59:59:4c:86:6d:0b:d1:8d:
33:ff:5e:23:e7:a0:96:07:2b:97:0f:dc:19:9d:a7:64:7f:ac:
25:56:dc:5a:20:14:c4:2c:09:e4:63:66:49:f0:e6:a9:40:f9:
a2:7b:ec:26:d0:49:99:dc:35:45:b7:b7:25:3c:d4:a8:be:81:
c8:35:a3:73:e7:16:a6:2a:46:c0:b9:f0:14:60:6d:a5:d6:2b:
05:a0:ee:7e:a5:cc:69:be:59:b2:7f:49:f7:18:20:37:b1:cf:
29:94:42:73:e9:03:b7:9d:b0:10:3e:db:8a:04:ee:a8:41:ad:
25:8c:a0:1b:16:d0:01:5a:6a:ea:bb:0a:9f:93:5d:23:5b:a7:
a5:c4:93:73:e6:82:b2:65:df:fa:73:96:dc:cd:10:b5:69:04:
c8:6b:32:79
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYX830LxBCVmu9KoTZu+H+xlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI5MDkzMjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODU0MTkxNDk5YmVlMTVmNzljZTYxNTA4MjlmNWEyMTNmZGJmZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU7Pt+HY5A+Q+wjwEY4RdCjd6Fbs
/qs9I0ejHHwGKHNOGIen4cedFw6eJbOYxBTK8zasVKPFb124gqao0wxDneHooH7u
K0AJt6V8lfbu0a3M+A56h0W6/uxoXThA+AoPK9HZQatG8nfE09F9tjj9hzMUTvV/
E2aBkV+WY7u8jrljeBk97QLf9Q7WjnncDe/aoF5wXa9x8gh+iT+lBI843Yr7zwly
/B19GYyxD1/t+k0g4WvIZ/TxhFDABEgA+OvIaUomocpxsqD5uwXoxAUfsVVkVy1e
R+GAMvCqG4z17NlVmMgRS1EQheyLf1en+GJQx8fK+PkKu7Kgjgcz3vgA5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBhUGRSZvuFfec5hUIKfWiE/2/9TMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR0ZRWkZKbS00Vjk1em1GUWdwOWFJVF9iXzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwtAwQA
wXxeAwQAwjo6AwQAwjpDAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQB+cbunUfz2
Jim5yYrynEwzP4C8pdVcw124FOg1YohtZfyDV28mmkLwlE9anqy48KW449ppyzQH
umcnxzDADw5TL4nQLENNDHBr6kwhOzoH/Y42HSJL8t1jDRuM2gGpPUZ/qnbrWVlM
hm0L0Y0z/14j56CWByuXD9wZnadkf6wlVtxaIBTELAnkY2ZJ8OapQPmie+wm0EmZ
3DVFt7clPNSovoHINaNz5xamKkbAufAUYG2l1isFoO5+pcxpvlmyf0n3GCA3sc8p
lEJz6QO3nbAQPtuKBO6oQa0ljKAbFtABWmrquwqfk10jW6elxJNz5oKyZd/6c5bc
zRC1aQTIazJ5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org