Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GWClgFb0zitaR9ymDAoxSj8WRio.roa
File: GWClgFb0zitaR9ymDAoxSj8WRio.roa (raw, json)
Hash identifier: np7VXVzQHGTGB2gdJBxXE4117uRgj3PLYOShgzIrZ/M=
Subject key identifier: 19:60:A5:80:56:F4:CE:2B:5A:47:DC:A6:0C:0A:31:4A:3F:16:46:2A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018EAECA91F4692D41B86446490D50A7704C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GWClgFb0zitaR9ymDAoxSj8WRio.roa
Signing time: Fri 05 Apr 2024 15:04:54 +0000
ROA not before: Fri 05 Apr 2024 15:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.179.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:ca:91:f4:69:2d:41:b8:64:46:49:0d:50:a7:70:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 15:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1960a58056f4ce2b5a47dca60c0a314a3f16462a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:22:f6:bc:ca:a6:c0:c7:87:a7:d8:a6:1e:50:
01:d6:63:08:03:46:07:85:3c:ac:1e:09:ca:aa:6d:
e7:f7:df:1e:c6:82:2f:39:75:69:a1:66:9c:c3:dc:
b4:ac:3c:83:63:8e:9e:eb:03:d5:79:cb:52:a3:c8:
b9:39:83:77:37:e8:d6:c9:5d:38:6c:58:bf:88:18:
18:12:bf:6d:e1:38:4f:45:9e:30:d2:68:63:a8:1e:
1b:7c:60:9d:fe:e8:9c:0c:a4:ab:71:dd:81:a9:ed:
ff:50:f9:8a:16:e5:f8:74:77:12:7c:59:99:89:90:
0a:17:b0:39:e5:ff:c8:f3:a5:72:66:6e:cf:e3:69:
4e:87:25:b1:e0:e5:e7:7a:2d:84:ff:64:7a:da:cf:
df:76:d3:1f:e8:cb:78:f7:ed:2c:57:d6:0a:df:79:
11:74:6a:ed:de:d8:25:0e:f2:ba:0c:b6:9d:59:12:
13:33:27:af:06:c1:17:ae:63:e9:a2:aa:ab:47:88:
f3:9b:62:05:66:54:b5:3c:0c:b9:85:af:17:5f:f2:
54:18:42:fe:22:c1:d1:61:66:21:ca:02:8c:74:a9:
50:ad:b1:d7:5c:c3:c9:36:6f:b8:18:36:3c:b2:c1:
e6:9f:49:68:a3:82:5d:06:93:35:ae:7e:1b:34:3b:
82:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:60:A5:80:56:F4:CE:2B:5A:47:DC:A6:0C:0A:31:4A:3F:16:46:2A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GWClgFb0zitaR9ymDAoxSj8WRio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0/24
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.114.0/23
194.87.122.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:10:34:25:9d:01:b6:f2:77:02:2b:8b:1d:d0:6b:2d:1d:24:
2f:dd:5a:1e:c9:7b:60:a3:00:b5:6a:fa:ff:91:02:99:8d:6b:
10:78:2d:55:96:0e:c1:1f:5c:3b:51:32:bd:22:02:ad:21:8a:
5a:da:e9:09:4d:4e:a3:64:80:84:f3:1f:a5:4b:23:ff:aa:fe:
83:31:a4:46:db:3f:9c:f6:9f:f0:83:e3:82:97:e1:79:e4:73:
ba:4b:0d:43:e9:0a:09:37:04:58:20:7c:fb:15:4e:9f:b1:45:
56:e0:b9:d8:dc:db:18:e3:6b:3a:87:39:01:60:8b:dd:69:40:
5a:b2:93:d0:d0:33:d8:51:aa:c4:84:90:18:f5:c6:86:80:3b:
81:7a:2a:7a:ca:b2:40:ec:cf:13:c5:a8:03:c7:03:6f:98:4a:
bf:7f:fb:b5:3e:ab:ff:0e:40:0a:fa:6c:fd:75:0c:be:25:c5:
11:cd:4a:dc:1e:90:5d:78:ef:b6:3a:1e:d5:95:9f:22:68:c9:
06:d5:c0:c7:2c:86:4d:4a:71:b3:37:0c:43:dc:49:ad:bd:80:
9b:6e:fe:c8:30:aa:0b:3f:81:26:f2:ab:8f:4f:6b:3e:42:4b:
52:bd:49:ae:d8:b9:c5:38:9f:20:7c:e8:22:ab:ae:e0:32:0d:
28:6d:f5:8a
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY6uypH0aS1BuGRGSQ1Qp3BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDA1MTUwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTYwYTU4MDU2ZjRjZTJiNWE0N2RjYTYwYzBhMzE0YTNmMTY0NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CL2vMqmwMeHp9imHlAB1mMIA0YH
hTysHgnKqm3n998exoIvOXVpoWacw9y0rDyDY46e6wPVectSo8i5OYN3N+jWyV04
bFi/iBgYEr9t4ThPRZ4w0mhjqB4bfGCd/uicDKSrcd2Bqe3/UPmKFuX4dHcSfFmZ
iZAKF7A55f/I86VyZm7P42lOhyWx4OXnei2E/2R62s/fdtMf6Mt49+0sV9YK33kR
dGrt3tglDvK6DLadWRITMyevBsEXrmPpoqqrR4jzm2IFZlS1PAy5ha8XX/JUGEL+
IsHRYWYhygKMdKlQrbHXXMPJNm+4GDY8ssHmn0loo4JdBpM1rn4bNDuCYwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFBlgpYBW9M4rWkfcpgwKMUo/FkYqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR1dDbGdGYjB6aXRhUjl5bURBb3hTajhXUmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAwHyy
AwQAwXxQAwQAwXyFAwQAwjovAwQAwlcBAwQAwlcLAwQAwlcSAwQAwlcVAwQAwlce
AwQAwlc4AwQBwldyAwQAwld6AwQAwleDAwQBwleGAwQAwlezAwQBwzo6AwQBwzo+
AwQAw4UAAwQBw4VUAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQAKEDQlnQG28ncC
K4sd0GstHSQv3VoeyXtgowC1avr/kQKZjWsQeC1Vlg7BH1w7UTK9IgKtIYpa2ukJ
TU6jZICE8x+lSyP/qv6DMaRG2z+c9p/wg+OCl+F55HO6Sw1D6QoJNwRYIHz7FU6f
sUVW4LnY3NsY42s6hzkBYIvdaUBaspPQ0DPYUarEhJAY9caGgDuBeip6yrJA7M8T
xagDxwNvmEq/f/u1Pqv/DkAK+mz9dQy+JcURzUrcHpBdeO+2Oh7VlZ8iaMkG1cDH
LIZNSnGzNwxD3EmtvYCbbv7IMKoLP4Em8quPT2s+QktSvUmu2LnFOJ8gfOgiq67g
Mg0obfWK
-----END CERTIFICATE-----
Generated at Tue Apr 16 16:50:19 2024 by rpki-client on console-ams.rpki-client.org