Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GTem_k_V3aVt_98KczMHg6g1fTI.roa
File: GTem_k_V3aVt_98KczMHg6g1fTI.roa (raw, json)
Hash identifier: TNgiWC3mdsodfDSB1W1iL/sE0ySqs+pJrwleplwYdRQ=
Subject key identifier: 19:37:A6:FE:4F:D5:DD:A5:6D:FF:DF:0A:73:33:07:83:A8:35:7D:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D35DA3EAB1CF94934202D1D8868754D45
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GTem_k_V3aVt_98KczMHg6g1fTI.roa
Signing time: Tue 23 Jan 2024 10:25:11 +0000
ROA not before: Tue 23 Jan 2024 10:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 03:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:da:3e:ab:1c:f9:49:34:20:2d:1d:88:68:75:4d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 10:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1937a6fe4fd5dda56dffdf0a73330783a8357d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6c:ee:37:89:0e:aa:5f:0f:44:ff:68:34:2d:
ba:75:82:b9:12:48:85:61:bf:9a:18:8d:c1:a5:70:
20:e0:1a:18:81:e5:0d:93:cc:26:5e:74:73:b0:b7:
66:66:74:75:52:94:1a:a4:fb:b5:fb:e2:1f:7a:71:
a1:e7:ce:93:81:8a:8d:e1:b6:af:18:65:3f:3b:23:
ce:d8:b1:7d:ed:f3:95:54:86:ec:f7:a5:78:46:71:
82:9c:d8:95:62:82:0b:c9:0e:5a:9e:9a:21:b2:16:
87:85:22:d2:c2:a3:50:5b:0d:2b:a8:87:63:0a:6e:
b2:8c:b6:5f:5c:a3:7f:b7:62:7e:f6:ca:77:a2:a5:
72:ac:ba:36:06:bd:3c:c6:ef:a8:5a:82:f3:f6:7f:
28:82:e6:a6:af:49:01:7f:24:3b:bd:4f:d2:51:33:
b0:aa:af:24:c6:d4:4d:bd:22:02:79:ea:2e:11:45:
6e:36:7d:bc:8b:a4:10:9d:26:0f:ab:b1:20:c3:d7:
18:86:b6:c1:90:b9:bd:01:a4:b5:bc:ca:b8:f2:a2:
7c:89:90:be:7c:9f:6c:2d:56:a5:8f:c0:30:5d:89:
d8:02:8d:4e:77:9d:a0:e0:cb:59:f5:e8:f9:62:fc:
f8:ff:8c:a7:59:98:f9:92:15:bd:ee:c8:1c:21:0d:
25:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:37:A6:FE:4F:D5:DD:A5:6D:FF:DF:0A:73:33:07:83:A8:35:7D:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GTem_k_V3aVt_98KczMHg6g1fTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
185.72.10.0/24
192.124.183.0/24
193.124.5.0/24
193.124.47.0/24
193.124.95.0/24
193.124.202.0/24
194.58.41.0-194.58.42.255
194.58.66.0/24
194.58.154.0/24
194.87.26.0/24
194.87.76.0/24
194.87.81.0/24
194.87.128.0/24
194.87.149.0/24
194.87.151.0/24
194.87.170.0/24
194.87.172.0/24
194.87.187.0/24
194.87.190.0/24
194.87.201.0/24
194.87.215.0/24
194.87.224.0/24
194.87.229.0/24
194.87.231.0/24
194.135.18.0/24
194.135.33.0/24
195.58.54.0/24
195.58.60.0/24
195.58.63.0/24
195.133.2.0/24
195.133.25.0/24
195.133.27.0/24
195.133.72.0/24
195.133.84.0/24
195.133.192.0/24
212.192.1.0/24
212.192.214.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
09:95:7f:7d:13:1d:28:a5:ef:c3:d8:72:e5:65:8c:46:50:d6:
d4:23:70:5f:1e:a8:8a:69:00:9a:f7:88:04:f2:a3:48:a6:5e:
05:87:e0:1d:a9:48:2c:b7:82:6b:9f:96:1d:d2:11:eb:fd:b7:
4d:51:51:a5:97:9d:ed:69:d9:fe:dc:ee:e5:c2:1d:b7:3d:de:
1c:c7:93:70:55:37:a5:4a:ed:14:6b:d6:b2:48:a8:e5:0b:a6:
ef:e8:7d:eb:52:d0:c0:f8:ee:d6:f8:74:9c:eb:89:80:63:70:
16:40:ae:ad:e7:9e:80:00:41:3d:34:2b:9b:39:92:c6:d6:84:
2d:43:e2:a3:b9:13:a4:41:23:d9:3e:70:02:c4:92:a3:08:ce:
2d:ee:2e:b4:ac:54:55:28:6d:d7:75:c3:f2:75:9e:f1:75:06:
6e:8c:74:e2:cf:ff:dc:34:69:3a:b7:29:db:fd:59:1a:08:39:
e6:82:db:b3:78:de:2a:42:14:43:d6:c4:18:72:49:48:1b:54:
6a:3c:38:d8:5d:be:bd:f5:1a:34:e2:f9:24:58:c7:53:a3:c3:
cf:e5:58:a8:96:81:73:c8:c0:a5:dd:5f:49:0b:9b:b0:4e:5f:
ef:5a:8d:f5:5d:da:24:9f:f6:45:53:70:b2:98:a1:9b:f9:0f:
50:65:2c:6c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAY012j6rHPlJNCAtHYhodU1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIzMTAyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM3YTZmZTRmZDVkZGE1NmRmZmRmMGE3MzMzMDc4M2E4MzU3ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mzuN4kOql8PRP9oNC26dYK5EkiF
Yb+aGI3BpXAg4BoYgeUNk8wmXnRzsLdmZnR1UpQapPu1++IfenGh586TgYqN4bav
GGU/OyPO2LF97fOVVIbs96V4RnGCnNiVYoILyQ5anpohshaHhSLSwqNQWw0rqIdj
Cm6yjLZfXKN/t2J+9sp3oqVyrLo2Br08xu+oWoLz9n8oguamr0kBfyQ7vU/SUTOw
qq8kxtRNvSICeeouEUVuNn28i6QQnSYPq7Egw9cYhrbBkLm9AaS1vMq48qJ8iZC+
fJ9sLValj8AwXYnYAo1Od52g4MtZ9ej5Yvz4/4ynWZj5khW97sgcIQ0llwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFBk3pv5P1d2lbf/fCnMzB4OoNX0yMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR1RlbV9rX1YzYVZ0Xzk4S2N6TUhnNmcxZlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAA+TOMDBAC5SAoDBADAfLcDBADBfAUDBADBfC8DBADBfF8DBADBfMowDAMEAMI6
KQMEAMI6KgMEAMI6QgMEAMI6mgMEAMJXGgMEAMJXTAMEAMJXUQMEAMJXgAMEAMJX
lQMEAMJXlwMEAMJXqgMEAMJXrAMEAMJXuwMEAMJXvgMEAMJXyQMEAMJX1wMEAMJX
4AMEAMJX5QMEAMJX5wMEAMKHEgMEAMKHIQMEAMM6NgMEAMM6PAMEAMM6PwMEAMOF
AgMEAMOFGQMEAMOFGwMEAMOFSAMEAMOFVAMEAMOFwAMEANTAAQMEANTA1gMEANTB
DQMEANTBGTANBgkqhkiG9w0BAQsFAAOCAQEACZV/fRMdKKXvw9hy5WWMRlDW1CNw
Xx6oimkAmveIBPKjSKZeBYfgHalILLeCa5+WHdIR6/23TVFRpZed7WnZ/tzu5cId
tz3eHMeTcFU3pUrtFGvWskio5Qum7+h961LQwPju1vh0nOuJgGNwFkCureeegABB
PTQrmzmSxtaELUPio7kTpEEj2T5wAsSSowjOLe4utKxUVSht13XD8nWe8XUGbox0
4s//3DRpOrcp2/1ZGgg55oLbs3jeKkIUQ9bEGHJJSBtUajw42F2+vfUaNOL5JFjH
U6PDz+VYqJaBc8jApd1fSQubsE5f71qN9V3aJJ/2RVNwspihm/kPUGUsbA==
-----END CERTIFICATE-----
Generated at Tue Jan 30 08:44:05 2024 by rpki-client on console-ams.rpki-client.org