Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f033f1-2f5d-46d1-9194-63f301889486/1/GOocwH0MNJJKM7UO5eu_CPByGa0.roa
File: GOocwH0MNJJKM7UO5eu_CPByGa0.roa (raw, json)
Hash identifier: LPz0+Y83zfI7loWKBYmKuY3ItWBJIcMF6CDWvgsN904=
Subject key identifier: 18:EA:1C:C0:7D:0C:34:92:4A:33:B5:0E:E5:EB:BF:08:F0:72:19:AD
Certificate issuer: /CN=68ddbef7f1cdd8ad127160f20ea0a3f6b73fa4a2
Certificate serial: 018CC8DEAA780522F7D78163D58DE36DF978
Authority key identifier: 68:DD:BE:F7:F1:CD:D8:AD:12:71:60:F2:0E:A0:A3:F6:B7:3F:A4:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aN2-9_HN2K0ScWDyDqCj9rc_pKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/f033f1-2f5d-46d1-9194-63f301889486/1/GOocwH0MNJJKM7UO5eu_CPByGa0.roa
Signing time: Tue 02 Jan 2024 06:31:24 +0000
ROA not before: Tue 02 Jan 2024 06:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200555
IP address blocks: 2.58.188.0/22 maxlen: 24
89.39.216.0/21 maxlen: 24
185.58.208.0/22 maxlen: 24
194.146.99.0/24 maxlen: 24
31.14.60.0/22 maxlen: 24
194.146.55.0/24 maxlen: 24
194.146.63.0/24 maxlen: 24
194.146.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:aa:78:05:22:f7:d7:81:63:d5:8d:e3:6d:f9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68ddbef7f1cdd8ad127160f20ea0a3f6b73fa4a2
Validity
Not Before: Jan 2 06:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18ea1cc07d0c34924a33b50ee5ebbf08f07219ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5f:6c:b4:4e:a7:3e:ce:8e:01:8a:db:4c:08:
83:9e:8c:47:0c:87:7d:de:82:f2:e1:41:6f:00:fb:
61:74:88:88:b1:46:2e:99:c3:21:c4:63:70:47:9e:
c4:cb:04:63:6e:c6:ee:3e:9e:7c:3e:25:89:1f:ac:
55:91:8d:4b:94:c5:d0:57:f9:13:a6:8a:c7:a7:4f:
31:2a:8e:cf:2b:39:24:3e:af:e8:10:eb:91:41:b5:
eb:df:d9:25:ba:4b:46:7c:d2:b4:20:40:a0:42:fc:
db:9e:63:e7:0a:e7:f8:2a:b7:be:4f:54:35:da:cf:
31:21:c1:26:03:3b:71:f6:4d:bb:42:c4:13:ed:8e:
bf:4f:8e:1d:42:14:72:ec:7d:4e:28:ec:75:82:af:
79:c5:03:f0:21:2a:b3:c2:e8:48:d0:0b:77:a9:6b:
df:38:82:62:d9:38:d3:69:70:66:4d:45:40:a3:16:
c0:61:18:e2:98:4b:8e:76:8e:be:18:d1:8e:76:4a:
d1:47:a1:43:4f:3b:e7:37:2c:56:f0:1d:ed:67:3a:
98:22:c6:6d:0c:18:d1:70:32:26:4f:f7:5b:f4:5e:
bb:e7:50:3f:3b:db:e8:3a:71:f7:d4:cb:af:9f:ff:
a2:98:03:47:fb:4e:d7:37:75:d7:79:bf:8a:8a:93:
99:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EA:1C:C0:7D:0C:34:92:4A:33:B5:0E:E5:EB:BF:08:F0:72:19:AD
X509v3 Authority Key Identifier:
keyid:68:DD:BE:F7:F1:CD:D8:AD:12:71:60:F2:0E:A0:A3:F6:B7:3F:A4:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aN2-9_HN2K0ScWDyDqCj9rc_pKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f033f1-2f5d-46d1-9194-63f301889486/1/GOocwH0MNJJKM7UO5eu_CPByGa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f033f1-2f5d-46d1-9194-63f301889486/1/aN2-9_HN2K0ScWDyDqCj9rc_pKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.188.0/22
31.14.60.0/22
89.39.216.0/21
185.58.208.0/22
194.146.55.0/24
194.146.63.0/24
194.146.70.0/24
194.146.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:5b:87:27:30:26:43:03:17:ea:a0:de:36:0a:1d:4d:fb:1a:
fa:1d:ad:3c:49:62:4c:19:0a:1e:49:fc:e3:26:ce:84:be:d3:
d4:33:34:53:72:fc:2a:5e:56:e9:1a:1f:24:c1:45:4b:7f:46:
1c:7e:65:a1:5d:15:74:57:17:f6:a1:c8:3a:4d:bd:7b:ff:d8:
f8:7a:7c:48:74:31:68:f6:a6:15:3f:68:26:ab:b9:12:ee:21:
12:30:99:b0:c1:47:be:11:35:cc:e1:c9:36:25:0e:19:f3:17:
ce:b9:55:ec:c4:df:bf:58:9e:56:37:64:a8:da:e2:d5:a0:85:
48:a1:70:37:84:6b:1d:cf:68:49:1b:81:0e:09:d9:00:e0:27:
4a:1f:1c:67:af:c5:e4:09:88:78:18:e6:66:57:63:6f:e7:65:
e7:5e:d2:fa:de:2f:e2:00:b5:b4:54:33:a7:d0:4d:17:2c:ba:
d3:48:f4:af:ff:a6:01:3e:0c:fb:58:1f:07:4e:0c:c2:34:28:
2a:65:77:14:65:10:dc:c7:62:24:c8:42:2f:ac:02:13:90:9a:
94:d0:01:4c:e4:bd:9f:84:4d:b7:29:87:dd:d3:d4:57:fe:4c:
1b:13:52:5f:e2:f0:ab:71:88:4e:d1:bf:40:2d:a6:d0:1a:4f:
12:ba:44:1a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzI3qp4BSL314Fj1Y3jbfl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGRiZWY3ZjFjZGQ4YWQxMjcxNjBmMjBlYTBhM2Y2Yjcz
ZmE0YTIwHhcNMjQwMTAyMDYzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGVhMWNjMDdkMGMzNDkyNGEzM2I1MGVlNWViYmYwOGYwNzIxOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp19stE6nPs6OAYrbTAiDnoxHDId9
3oLy4UFvAPthdIiIsUYumcMhxGNwR57EywRjbsbuPp58PiWJH6xVkY1LlMXQV/kT
porHp08xKo7PKzkkPq/oEOuRQbXr39kluktGfNK0IECgQvzbnmPnCuf4Kre+T1Q1
2s8xIcEmAztx9k27QsQT7Y6/T44dQhRy7H1OKOx1gq95xQPwISqzwuhI0At3qWvf
OIJi2TjTaXBmTUVAoxbAYRjimEuOdo6+GNGOdkrRR6FDTzvnNyxW8B3tZzqYIsZt
DBjRcDImT/db9F6751A/O9voOnH31Muvn/+imANH+07XN3XXeb+KipOZrQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBjqHMB9DDSSSjO1DuXrvwjwchmtMB8GA1UdIwQY
MBaAFGjdvvfxzditEnFg8g6go/a3P6SiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU4yLTlfSE4ySzBTY1dEeURxQ2o5cmNfcEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mMDMzZjEtMmY1ZC00NmQxLTkxOTQt
NjNmMzAxODg5NDg2LzEvR09vY3dIME1OSkpLTTdVTzVldV9DUEJ5R2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mMDMzZjEtMmY1ZC00NmQxLTkxOTQtNjNmMzAxODg5NDg2
LzEvYU4yLTlfSE4ySzBTY1dEeURxQ2o5cmNfcEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjq8AwQC
Hw48AwQDWSfYAwQCuTrQAwQAwpI3AwQAwpI/AwQAwpJGAwQAwpJjMA0GCSqGSIb3
DQEBCwUAA4IBAQCnW4cnMCZDAxfqoN42Ch1N+xr6Ha08SWJMGQoeSfzjJs6EvtPU
MzRTcvwqXlbpGh8kwUVLf0YcfmWhXRV0Vxf2ocg6Tb17/9j4enxIdDFo9qYVP2gm
q7kS7iESMJmwwUe+ETXM4ck2JQ4Z8xfOuVXsxN+/WJ5WN2So2uLVoIVIoXA3hGsd
z2hJG4EOCdkA4CdKHxxnr8XkCYh4GOZmV2Nv52XnXtL63i/iALW0VDOn0E0XLLrT
SPSv/6YBPgz7WB8HTgzCNCgqZXcUZRDcx2IkyEIvrAITkJqU0AFM5L2fhE23KYfd
09RX/kwbE1Jf4vCrcYhO0b9ALabQGk8SukQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:24 2024 by rpki-client on console-fra.rpki-client.org