Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/gfd-JzpnFmX6xGNreVxExQrIO8w.roa
File: gfd-JzpnFmX6xGNreVxExQrIO8w.roa (raw, json)
Hash identifier: 5Z43EfResILgUDuI7PYW/76Pb40snyDIGsE4n/5qH0Q=
Subject key identifier: 81:F7:7E:27:3A:67:16:65:FA:C4:63:6B:79:5C:44:C5:0A:C8:3B:CC
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 018697138A551240D8276C05A5BC08F5C97D
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/gfd-JzpnFmX6xGNreVxExQrIO8w.roa
Signing time: Tue 28 Feb 2023 08:11:25 +0000
ROA not before: Tue 28 Feb 2023 08:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199907
IP address blocks: 194.24.188.0/24 maxlen: 24
185.42.172.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
2a01:63a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:13:8a:55:12:40:d8:27:6c:05:a5:bc:08:f5:c9:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Feb 28 08:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81f77e273a671665fac4636b795c44c50ac83bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:cd:a5:71:8c:42:1c:0a:69:44:ea:33:d9:
67:80:f3:09:d0:50:f0:fd:3b:b4:80:ff:48:cd:96:
b8:8d:76:4a:82:c6:af:21:4b:38:ed:2b:24:11:66:
6a:39:17:1f:71:bc:b9:e0:1b:01:de:c0:a8:98:3e:
7c:b2:42:56:8b:0b:4d:2e:68:ad:ed:5e:71:34:6d:
fa:c6:9f:79:02:da:e9:09:e4:37:25:2d:d4:0f:f8:
31:21:71:0d:af:6f:45:a1:66:a5:93:9a:7e:6b:b7:
57:e9:06:ec:1d:b8:47:5c:65:43:61:8d:25:e8:d4:
3b:f2:50:37:19:b6:42:b6:bc:25:36:85:bc:82:f2:
87:83:72:1b:15:62:18:38:62:30:ac:e2:c3:ba:64:
c9:1d:1e:ca:95:92:7e:f5:df:6a:0b:65:56:03:ed:
3a:9a:35:b7:08:90:24:66:d0:18:04:e1:3c:16:3c:
ef:15:96:e7:48:b4:92:a0:45:dd:58:17:ae:67:70:
69:92:84:db:cb:3f:51:d0:19:43:c6:05:a8:1f:1c:
40:51:89:93:72:be:0a:f4:d6:08:dc:13:c7:c6:90:
e5:40:2f:1f:14:ea:66:8a:41:f2:35:d3:3f:ba:97:
9c:92:ab:de:e7:e5:4b:3b:98:10:a7:e3:fb:f7:c7:
60:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F7:7E:27:3A:67:16:65:FA:C4:63:6B:79:5C:44:C5:0A:C8:3B:CC
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/gfd-JzpnFmX6xGNreVxExQrIO8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
194.24.188.0/24
IPv6:
2a01:63a0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:7c:6a:32:20:f1:94:e5:92:7e:b5:1a:12:ca:0d:09:0e:75:
f5:be:11:63:61:18:47:8e:9f:ff:4d:56:9e:dc:72:02:87:61:
5f:3f:4b:70:c1:46:7b:4c:2e:d3:51:34:22:4f:0c:ad:f9:81:
a6:f3:56:9b:e9:ee:74:c6:bf:a0:38:40:28:fb:ac:73:8c:dc:
f2:ff:bd:f3:f4:74:15:47:19:54:32:45:7c:d0:52:a6:78:65:
1a:8e:2f:d6:a5:78:f8:ad:c7:8b:b5:1c:5e:ea:e2:7d:13:70:
9d:8e:16:9d:2c:9b:19:59:6a:08:48:32:01:c1:d9:07:a8:76:
74:bc:e2:17:87:72:8c:b9:29:7e:f2:be:1b:1a:a1:f8:37:5b:
62:b3:2b:37:61:d4:c7:d3:ad:93:0b:f7:93:7d:c3:18:78:94:
ac:a8:f9:d7:de:b5:3a:70:6d:d6:d1:d5:fd:64:f1:4b:d7:22:
35:fb:e0:ab:70:17:76:ab:41:9d:69:ba:c5:de:13:b6:4f:36:
34:b8:36:70:c7:15:13:09:cd:93:0a:c8:49:3c:ed:a6:ac:30:
e6:5e:1a:94:bb:ae:5c:42:d7:1b:15:f2:14:47:03:d0:4d:86:
7e:2f:81:6a:41:e9:b7:32:ea:03:aa:c2:96:c1:f5:02:ac:d1:
37:20:46:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYaXE4pVEkDYJ2wFpbwI9cl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjMwMjI4MDgxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWY3N2UyNzNhNjcxNjY1ZmFjNDYzNmI3OTVjNDRjNTBhYzgzYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozDNpXGMQhwKaUTqM9lngPMJ0FDw
/Tu0gP9IzZa4jXZKgsavIUs47SskEWZqORcfcby54BsB3sComD58skJWiwtNLmit
7V5xNG36xp95AtrpCeQ3JS3UD/gxIXENr29FoWalk5p+a7dX6QbsHbhHXGVDYY0l
6NQ78lA3GbZCtrwlNoW8gvKHg3IbFWIYOGIwrOLDumTJHR7KlZJ+9d9qC2VWA+06
mjW3CJAkZtAYBOE8FjzvFZbnSLSSoEXdWBeuZ3BpkoTbyz9R0BlDxgWoHxxAUYmT
cr4K9NYI3BPHxpDlQC8fFOpmikHyNdM/upeckqve5+VLO5gQp+P798dgnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIH3fic6ZxZl+sRja3lcRMUKyDvMMB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEvZ2ZkLUp6cG5GbVg2eEdOcmVWeEV4UXJJTzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSqsAwQA
whi8MA0EAgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQCgfGoyIPGU5ZJ+
tRoSyg0JDnX1vhFjYRhHjp//TVae3HICh2FfP0twwUZ7TC7TUTQiTwyt+YGm81ab
6e50xr+gOEAo+6xzjNzy/73z9HQVRxlUMkV80FKmeGUaji/WpXj4rceLtRxe6uJ9
E3CdjhadLJsZWWoISDIBwdkHqHZ0vOIXh3KMuSl+8r4bGqH4N1tisys3YdTH062T
C/eTfcMYeJSsqPnX3rU6cG3W0dX9ZPFL1yI1++CrcBd2q0GdabrF3hO2TzY0uDZw
xxUTCc2TCshJPO2mrDDmXhqUu65cQtcbFfIURwPQTYZ+L4FqQem3MuoDqsKWwfUC
rNE3IEZm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:51 2024 by rpki-client on console-fra.rpki-client.org