Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Gq-jXExCjRKYoiBTO6Dih4LDeWk.roa
File: Gq-jXExCjRKYoiBTO6Dih4LDeWk.roa (raw, json)
Hash identifier: ZpRawlaAPR/fQL0BohXBZ+XMw0dYOVf/WArCocY06do=
Subject key identifier: 1A:AF:A3:5C:4C:42:8D:12:98:A2:20:53:3B:A0:E2:87:82:C3:79:69
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018A20159469DE5860934DA0612D2372841C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Gq-jXExCjRKYoiBTO6Dih4LDeWk.roa
Signing time: Wed 23 Aug 2023 01:49:59 +0000
ROA not before: Wed 23 Aug 2023 01:49:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 213.183.55.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:20:15:94:69:de:58:60:93:4d:a0:61:2d:23:72:84:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Aug 23 01:49:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1aafa35c4c428d1298a220533ba0e28782c37969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ab:9e:aa:d9:f5:a4:ac:39:50:e4:d7:1f:c6:
85:fb:b7:1d:d6:40:77:cc:5d:7a:5a:1c:13:6a:55:
ca:14:a0:a4:d9:ef:b1:56:f4:e3:37:70:b6:78:d1:
60:dc:35:37:61:06:d9:e2:6c:d9:35:75:fc:10:c5:
8b:29:37:2d:60:76:aa:42:23:40:da:16:87:e4:7e:
f4:f8:d8:a7:3a:c1:f1:bc:be:a3:ea:2e:90:24:c1:
91:b3:87:78:81:4c:f5:0f:6c:0d:f8:9b:b3:3e:e5:
8d:a3:4d:66:d5:5a:4d:13:83:73:4c:de:6a:31:ac:
e8:f8:d0:73:17:99:56:8a:e5:9f:db:c8:c0:81:b9:
9f:4d:09:59:26:4c:13:c2:d6:f8:5f:a7:f5:4c:b1:
49:4f:68:8f:9c:4b:33:bf:19:65:84:ac:25:16:77:
18:37:1d:0e:4b:7a:fb:10:f9:e4:75:8f:53:46:b0:
5a:64:f6:03:b8:62:14:47:01:79:ea:f1:ce:76:b9:
dd:0f:c1:60:f3:ef:0e:37:4e:23:a7:f4:75:22:cc:
a0:31:0a:c2:b4:58:5e:23:1c:25:67:8b:16:8e:62:
9e:cf:31:e3:a7:a6:e8:e2:1e:6f:cb:85:79:37:9f:
29:ae:1e:cd:81:41:85:9e:27:94:74:bd:68:32:a8:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AF:A3:5C:4C:42:8D:12:98:A2:20:53:3B:A0:E2:87:82:C3:79:69
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Gq-jXExCjRKYoiBTO6Dih4LDeWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:70::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b7:0d:4b:7e:b4:dc:ac:38:04:38:9e:8d:55:7b:55:be:07:
e8:79:cf:8f:d5:de:0c:50:2a:80:97:f0:55:9b:86:0f:40:79:
ae:fc:60:6f:1a:b3:82:f2:91:6b:96:5c:4e:c4:08:7b:9e:f6:
1a:59:49:b1:26:d8:94:05:64:fd:c3:88:2d:a6:02:44:9f:79:
af:1a:35:3d:7f:09:4d:7c:b2:c0:35:8e:5d:f9:84:25:f9:41:
5d:0c:37:47:e7:22:15:06:7a:e5:45:04:c4:fb:f8:52:97:ee:
e5:84:c9:d0:0e:71:98:9f:a4:f9:de:1d:ae:00:86:a7:25:53:
f9:b9:ac:03:cd:17:2f:2c:a7:73:f1:d3:38:cf:1d:56:4c:18:
9b:dd:c9:43:fc:a9:24:a8:61:4f:51:a1:84:18:31:c3:09:79:
31:c6:1b:d8:72:f4:9a:25:57:02:ef:f6:5e:3a:8e:28:50:d3:
e5:be:48:f7:ce:ba:10:fd:0f:d6:e0:cc:6f:44:72:d6:b5:f8:
55:3d:ec:e8:93:58:93:8a:7b:74:82:64:50:e1:e1:40:a8:0a:
5d:0d:79:c8:d7:6b:fd:5b:15:4e:7f:0a:05:2c:b9:9b:27:e2:
66:91:c7:29:32:59:ae:bd:dc:65:e5:d6:ac:0f:51:9b:37:86:
b2:37:37:73
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYogFZRp3lhgk02gYS0jcoQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwODIzMDE0OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWFmYTM1YzRjNDI4ZDEyOThhMjIwNTMzYmEwZTI4NzgyYzM3OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKueqtn1pKw5UOTXH8aF+7cd1kB3
zF16WhwTalXKFKCk2e+xVvTjN3C2eNFg3DU3YQbZ4mzZNXX8EMWLKTctYHaqQiNA
2haH5H70+NinOsHxvL6j6i6QJMGRs4d4gUz1D2wN+JuzPuWNo01m1VpNE4NzTN5q
Mazo+NBzF5lWiuWf28jAgbmfTQlZJkwTwtb4X6f1TLFJT2iPnEszvxllhKwlFncY
Nx0OS3r7EPnkdY9TRrBaZPYDuGIURwF56vHOdrndD8Fg8+8ON04jp/R1IsygMQrC
tFheIxwlZ4sWjmKezzHjp6bo4h5vy4V5N58prh7NgUGFnieUdL1oMqi4nQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFBqvo1xMQo0SmKIgUzug4oeCw3lpMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvR3EtalhFeENqUktZb2lCVE82RGloNExEZVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAUBAIAATAOMAwDBAHVtzYD
BAHVtzgwMwQCAAIwLQMHACoDD4AABwMHACoDD4AAcAMHACoDD4ADWQMHASoDD4AD
cAMHACoDD4A5kTANBgkqhkiG9w0BAQsFAAOCAQEAH7cNS3603Kw4BDiejVV7Vb4H
6HnPj9XeDFAqgJfwVZuGD0B5rvxgbxqzgvKRa5ZcTsQIe572GllJsSbYlAVk/cOI
LaYCRJ95rxo1PX8JTXyywDWOXfmEJflBXQw3R+ciFQZ65UUExPv4Upfu5YTJ0A5x
mJ+k+d4drgCGpyVT+bmsA80XLyync/HTOM8dVkwYm93JQ/ypJKhhT1GhhBgxwwl5
McYb2HL0miVXAu/2XjqOKFDT5b5I9866EP0P1uDMb0Ry1rX4VT3s6JNYk4p7dIJk
UOHhQKgKXQ15yNdr/VsVTn8KBSy5myfiZpHHKTJZrr3cZeXWrA9RmzeGsjc3cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org