Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/GyKoqIqgPNSOILher9nfOTe9xus.roa
File: GyKoqIqgPNSOILher9nfOTe9xus.roa (raw, json)
Hash identifier: 3HiPJ72yZyPLYoVkNEhpoN7sg1NeZJUqd/k6ZV/WQZs=
Subject key identifier: 1B:22:A8:A8:8A:A0:3C:D4:8E:20:B8:5E:AF:D9:DF:39:37:BD:C6:EB
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 018DEBC89813573F41713D724E76FFC2DF3C
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/GyKoqIqgPNSOILher9nfOTe9xus.roa
Signing time: Tue 27 Feb 2024 18:16:48 +0000
ROA not before: Tue 27 Feb 2024 18:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.88.0/22 maxlen: 24
176.117.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:c8:98:13:57:3f:41:71:3d:72:4e:76:ff:c2:df:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Feb 27 18:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b22a8a88aa03cd48e20b85eafd9df3937bdc6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:14:fb:58:c9:b2:7b:9d:6b:52:e4:57:16:80:
3e:d4:de:37:17:ad:6c:49:64:5b:9b:d7:14:54:0a:
10:e4:12:ee:bf:3f:d3:af:02:43:a5:a4:f1:40:30:
fb:52:eb:77:ff:19:41:b7:b3:fa:75:7e:c6:90:c1:
85:53:f5:37:42:83:90:96:38:67:3f:32:45:c4:79:
b3:06:65:25:c9:73:ac:a6:1e:c3:ac:9c:fa:fb:31:
f7:06:97:8f:14:c8:ca:f8:ed:42:3e:ec:08:c3:8b:
6e:c4:99:fb:c4:2b:3c:8a:72:14:75:36:b5:48:8c:
bd:3c:cb:82:da:87:96:30:07:54:b9:e6:08:85:22:
89:00:70:79:51:d4:db:70:af:0c:5d:06:5c:5f:b4:
59:99:12:a4:3c:33:7b:57:c0:f8:56:1b:d9:bf:28:
2b:3c:33:28:9c:48:a3:29:92:a2:49:47:77:f8:bc:
34:c1:57:ea:26:ba:b1:0a:4e:96:65:c4:49:2d:ce:
b6:6f:e9:63:ae:74:65:f3:f8:dd:89:4f:d5:0d:ad:
b0:7d:86:86:40:1c:72:f8:73:66:65:12:5b:73:51:
82:9e:0a:5b:84:41:1b:c2:0b:37:73:66:a6:46:ad:
ae:8a:b3:91:0c:8d:85:fd:ab:11:86:43:b3:18:1b:
4a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:22:A8:A8:8A:A0:3C:D4:8E:20:B8:5E:AF:D9:DF:39:37:BD:C6:EB
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/GyKoqIqgPNSOILher9nfOTe9xus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.88.0/22
176.117.94.0/24
Signature Algorithm: sha256WithRSAEncryption
73:39:af:ab:44:22:24:23:79:2f:fc:ef:6f:3e:41:15:fb:b3:
68:4c:64:25:dd:37:b5:a7:9c:c9:a7:b0:b5:8a:1a:62:89:ba:
ed:66:ee:32:bb:8b:dd:74:05:81:37:c0:8b:a6:3e:13:df:7a:
25:6e:85:b8:30:c4:5a:80:c6:92:ee:20:ac:48:ba:e6:11:e0:
33:46:dd:d9:26:10:f9:78:ff:b1:4f:12:57:e1:31:73:c0:ce:
48:a8:3d:a9:c2:b2:9b:de:cf:1c:ac:36:88:2a:3f:8a:5a:18:
fe:49:b3:eb:ff:20:41:fe:59:88:3e:2d:be:07:62:fd:e2:97:
51:5f:6d:4e:6d:fe:b6:c9:a3:b0:1a:d6:8a:b8:9b:23:19:61:
f6:3f:f2:30:f7:ce:7d:4f:b9:fe:07:3b:57:13:87:15:a6:b6:
99:a2:b0:c8:67:82:e1:9d:6c:53:fe:09:19:5e:60:1a:a2:f1:
8c:a8:48:f9:a7:19:38:b4:6c:31:b8:77:2b:27:0e:68:1c:b6:
29:b9:2e:f3:10:47:7d:a1:e4:bc:b7:8c:4e:f1:71:19:c9:d5:
34:25:38:6d:8a:bd:8a:2f:69:33:70:62:0d:e9:3b:b2:07:8d:
b5:96:71:8d:19:f6:cd:76:13:f6:e1:a3:df:20:dc:eb:16:d8:
b4:41:d6:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3ryJgTVz9BcT1yTnb/wt88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwMjI3MTgxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIyYThhODhhYTAzY2Q0OGUyMGI4NWVhZmQ5ZGYzOTM3YmRjNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBT7WMmye51rUuRXFoA+1N43F61s
SWRbm9cUVAoQ5BLuvz/TrwJDpaTxQDD7Uut3/xlBt7P6dX7GkMGFU/U3QoOQljhn
PzJFxHmzBmUlyXOsph7DrJz6+zH3BpePFMjK+O1CPuwIw4tuxJn7xCs8inIUdTa1
SIy9PMuC2oeWMAdUueYIhSKJAHB5UdTbcK8MXQZcX7RZmRKkPDN7V8D4VhvZvygr
PDMonEijKZKiSUd3+Lw0wVfqJrqxCk6WZcRJLc62b+ljrnRl8/jdiU/VDa2wfYaG
QBxy+HNmZRJbc1GCngpbhEEbwgs3c2amRq2uirORDI2F/asRhkOzGBtKSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBsiqKiKoDzUjiC4Xq/Z3zk3vcbrMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvR3lLb3FJcWdQTlNPSUxoZXI5bmZPVGU5eHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVYAwQA
sHVeMA0GCSqGSIb3DQEBCwUAA4IBAQBzOa+rRCIkI3kv/O9vPkEV+7NoTGQl3Te1
p5zJp7C1ihpiibrtZu4yu4vddAWBN8CLpj4T33olboW4MMRagMaS7iCsSLrmEeAz
Rt3ZJhD5eP+xTxJX4TFzwM5IqD2pwrKb3s8crDaIKj+KWhj+SbPr/yBB/lmIPi2+
B2L94pdRX21Obf62yaOwGtaKuJsjGWH2P/Iw9859T7n+BztXE4cVpraZorDIZ4Lh
nWxT/gkZXmAaovGMqEj5pxk4tGwxuHcrJw5oHLYpuS7zEEd9oeS8t4xO8XEZydU0
JThtir2KL2kzcGIN6TuyB421lnGNGfbNdhP24aPfINzrFti0QdZH
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:37 2024 by rpki-client on console-fra.rpki-client.org