Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/GvmFGbZYQUtGlONoKRUa3z3a4-w.roa
File: GvmFGbZYQUtGlONoKRUa3z3a4-w.roa (raw, json)
Hash identifier: wYOZJFiOjeMwD8Br2OFK99b4xKcTh8+o/pwYnoMbweE=
Subject key identifier: 1A:F9:85:19:B6:58:41:4B:46:94:E3:68:29:15:1A:DF:3D:DA:E3:EC
Certificate issuer: /CN=44566c1a283d553ef3f656f57223984dda7c355f
Certificate serial: 0185738FEC001664D1CAFA0D8FBDAFF5813C
Authority key identifier: 44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/GvmFGbZYQUtGlONoKRUa3z3a4-w.roa
Signing time: Mon 02 Jan 2023 17:38:09 +0000
ROA not before: Mon 02 Jan 2023 17:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29399
IP address blocks: 185.212.216.0/22 maxlen: 27
185.49.128.0/22 maxlen: 27
178.250.88.0/21 maxlen: 27
195.149.85.0/24 maxlen: 27
170.84.252.0/23 maxlen: 27
195.137.222.0/23 maxlen: 27
2a03:5d00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ec:00:16:64:d1:ca:fa:0d:8f:bd:af:f5:81:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44566c1a283d553ef3f656f57223984dda7c355f
Validity
Not Before: Jan 2 17:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af98519b658414b4694e36829151adf3ddae3ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2e:7a:79:48:5d:e7:36:24:54:f9:3f:49:4d:
5c:46:d5:9d:f7:63:be:27:d6:95:5d:25:b3:98:88:
74:de:fe:2f:ed:c1:38:38:a1:64:a8:d7:94:a7:4c:
ce:d0:37:35:d7:5a:09:0e:1b:aa:93:be:7b:30:cf:
aa:ae:01:22:55:d6:2d:fd:7a:bb:90:65:76:3d:18:
da:e4:4a:30:0b:ba:f7:0b:bc:76:25:b2:44:43:ce:
15:1b:27:32:33:db:8d:69:c5:9e:6c:13:c8:fc:f5:
98:8a:25:ad:09:24:41:d5:37:aa:2d:64:57:80:09:
7a:77:e9:4f:d7:a3:c7:37:c1:d0:95:e9:78:73:f1:
11:09:dd:19:6d:26:8b:90:69:90:43:8b:66:9f:e3:
6a:a2:9f:44:69:98:7e:98:bc:0a:4d:f2:68:6c:51:
bf:f5:63:a8:21:0d:9b:b1:a9:fb:62:8d:a4:59:8d:
39:52:81:44:70:a2:90:23:cf:5a:4e:90:0b:1c:1c:
4c:d0:c6:d2:5d:52:08:59:b0:7f:aa:54:6a:39:0e:
c0:91:21:8c:5b:7c:db:aa:2d:96:48:1d:44:1a:30:
1e:48:f3:f9:ed:54:f7:d5:ef:3d:6d:cb:9d:61:91:
ea:43:67:6e:91:da:89:42:15:1e:8c:a6:cd:02:29:
9b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F9:85:19:B6:58:41:4B:46:94:E3:68:29:15:1A:DF:3D:DA:E3:EC
X509v3 Authority Key Identifier:
keyid:44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/GvmFGbZYQUtGlONoKRUa3z3a4-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.84.252.0/23
178.250.88.0/21
185.49.128.0/22
185.212.216.0/22
195.137.222.0/23
195.149.85.0/24
IPv6:
2a03:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
bb:6b:11:fb:8e:14:98:5f:60:2a:fc:14:33:90:b2:37:d3:c6:
93:f6:8b:0c:03:c6:af:ae:13:cd:5e:8e:1f:c1:39:4a:dc:30:
f6:ad:c1:2c:9c:81:1e:c9:b9:64:d9:ea:0b:83:5e:55:51:05:
7b:7c:b7:27:d9:af:9b:8b:50:f3:2e:f3:2d:9d:fb:9e:4f:1c:
f9:66:f1:e8:7c:45:29:36:81:e4:43:7f:d1:e4:93:60:33:0f:
9c:23:71:54:23:3b:c6:a5:f1:1a:67:36:40:5c:ce:d6:d6:90:
ce:d5:78:da:1e:e5:8f:63:d8:49:48:34:1b:b0:83:79:e7:95:
ed:86:e3:71:79:82:85:2e:c2:e9:d2:e4:dc:e3:10:dc:a9:f4:
82:2f:1a:66:08:63:5d:9b:9f:84:75:8d:00:61:9a:b0:87:ad:
15:26:7a:ee:cd:35:40:f6:9c:64:1f:eb:d2:5c:6e:fc:28:49:
a7:8d:a5:47:f7:92:1f:27:99:59:34:d0:43:f3:28:1c:0a:40:
34:6a:80:fe:54:87:95:53:cc:e3:20:9b:6c:93:96:f0:0e:c0:
cb:38:32:56:2f:23:68:34:fe:26:84:25:9f:ac:27:20:94:bd:
c2:8b:87:3f:56:4d:a0:d5:61:90:fc:7d:95:0e:d6:8e:d7:24:
8a:3e:c4:23
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVzj+wAFmTRyvoNj72v9YE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTY2YzFhMjgzZDU1M2VmM2Y2NTZmNTcyMjM5ODRkZGE3
YzM1NWYwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY5ODUxOWI2NTg0MTRiNDY5NGUzNjgyOTE1MWFkZjNkZGFlM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS56eUhd5zYkVPk/SU1cRtWd92O+
J9aVXSWzmIh03v4v7cE4OKFkqNeUp0zO0Dc111oJDhuqk757MM+qrgEiVdYt/Xq7
kGV2PRja5EowC7r3C7x2JbJEQ84VGycyM9uNacWebBPI/PWYiiWtCSRB1TeqLWRX
gAl6d+lP16PHN8HQlel4c/ERCd0ZbSaLkGmQQ4tmn+Nqop9EaZh+mLwKTfJobFG/
9WOoIQ2bsan7Yo2kWY05UoFEcKKQI89aTpALHBxM0MbSXVIIWbB/qlRqOQ7AkSGM
W3zbqi2WSB1EGjAeSPP57VT31e89bcudYZHqQ2dukdqJQhUejKbNAimb6QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBr5hRm2WEFLRpTjaCkVGt892uPsMB8GA1UdIwQY
MBaAFERWbBooPVU+8/ZW9XIjmE3afDVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGIt
OWQ1OGNlMjIxODQzLzEvR3ZtRkdiWllRVXRHbE9Ob0tSVWEzejNhNC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGItOWQ1OGNlMjIxODQz
LzEvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBqlT8AwQD
svpYAwQCuTGAAwQCudTYAwQBw4neAwQAw5VVMA0EAgACMAcDBQMqA10AMA0GCSqG
SIb3DQEBCwUAA4IBAQC7axH7jhSYX2Aq/BQzkLI308aT9osMA8avrhPNXo4fwTlK
3DD2rcEsnIEeyblk2eoLg15VUQV7fLcn2a+bi1DzLvMtnfueTxz5ZvHofEUpNoHk
Q3/R5JNgMw+cI3FUIzvGpfEaZzZAXM7W1pDO1XjaHuWPY9hJSDQbsIN555XthuNx
eYKFLsLp0uTc4xDcqfSCLxpmCGNdm5+EdY0AYZqwh60VJnruzTVA9pxkH+vSXG78
KEmnjaVH95IfJ5lZNNBD8ygcCkA0aoD+VIeVU8zjIJtsk5bwDsDLODJWLyNoNP4m
hCWfrCcglL3Ci4c/Vk2g1WGQ/H2VDtaO1ySKPsQj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:50 2024 by rpki-client on console-ams.rpki-client.org