Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/G2RACio0FES5LzcERivanoTmV_k.roa
File: G2RACio0FES5LzcERivanoTmV_k.roa (raw, json)
Hash identifier: gvj1nJvzZ/G7iOlLnquNB4x/3XxV6eMyTDBnXRzRHy0=
Subject key identifier: 1B:64:40:0A:2A:34:14:44:B9:2F:37:04:46:2B:DA:9E:84:E6:57:F9
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CBF8427BD42757934D4303FF539E6E0A7
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/G2RACio0FES5LzcERivanoTmV_k.roa
Signing time: Sun 31 Dec 2023 10:55:58 +0000
ROA not before: Sun 31 Dec 2023 10:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.136.0/22 maxlen: 22
2a12:ec0::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a11:f140::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:84:27:bd:42:75:79:34:d4:30:3f:f5:39:e6:e0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Dec 31 10:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b64400a2a341444b92f3704462bda9e84e657f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:2f:5f:66:c1:d5:8d:91:d5:08:bd:58:77:
1b:c9:59:4a:2e:1e:65:4b:70:68:ab:f2:aa:a0:c3:
26:dc:67:25:61:e4:83:ef:bc:cd:a3:52:3c:6a:c9:
64:2b:fd:f3:6f:a6:f8:39:cc:ea:ea:06:39:89:50:
3d:8e:d8:10:66:7d:6c:08:b3:ee:a8:f6:f0:39:c3:
e9:b4:88:f9:d0:29:db:10:58:78:d8:3b:ca:69:b7:
10:f3:97:11:00:71:cf:49:45:92:93:04:9c:3d:9b:
e9:2b:ad:45:62:6a:ca:be:50:f3:6b:d6:ed:11:a6:
07:51:63:1c:52:07:e4:4a:d9:5c:5d:e9:e5:83:cb:
e7:d7:d9:10:29:23:d2:13:72:b9:ea:ad:fa:bb:40:
70:23:67:16:a1:22:3f:4d:20:62:75:c2:c3:09:96:
b3:05:73:c5:36:02:50:e5:24:f2:e2:7d:c2:75:4d:
dc:6d:10:79:9c:f8:f0:15:fb:e2:1b:aa:07:bf:c2:
35:32:8c:d8:f2:df:4e:c4:dd:3e:65:b9:dd:c6:6d:
88:1e:24:e2:c9:f8:f5:09:9c:22:e2:73:3e:27:9d:
e5:6c:29:eb:09:70:7e:a0:7a:7c:09:5a:22:fe:2f:
59:9b:65:e7:23:80:f4:cf:ae:20:b9:3d:0c:8c:fa:
85:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:64:40:0A:2A:34:14:44:B9:2F:37:04:46:2B:DA:9E:84:E6:57:F9
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/G2RACio0FES5LzcERivanoTmV_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:f140::/29
2a12:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
47:42:b2:11:bd:b9:56:f9:a1:09:cf:c1:a5:6a:7d:6a:f4:24:
33:01:45:db:e7:1b:a5:48:f2:b0:c1:27:62:3d:3e:19:05:7a:
7a:1b:60:35:8f:ee:f9:42:40:2f:cc:b8:4b:a3:90:71:57:dd:
4e:cc:2e:cc:f4:15:a1:38:9a:ff:47:74:73:55:a5:ab:e8:9e:
49:4a:47:83:1d:03:dc:1c:6b:6a:27:57:9a:8b:ae:b2:19:c2:
0d:4d:7a:08:c1:5f:64:71:a8:4e:ea:ea:3f:c7:76:d7:1c:5f:
56:d8:8f:27:e4:f2:5b:5a:52:09:d1:27:3b:07:ac:7a:2c:76:
15:a4:6d:f3:62:3c:01:e3:5b:08:4d:92:28:2d:77:2f:05:75:
2c:90:7d:c0:4b:98:79:5f:d6:73:98:5e:ea:67:3c:93:f1:8c:
5c:ad:fa:fa:de:fb:15:d0:12:11:12:59:a3:e7:75:9a:c7:6a:
dd:a7:21:7d:d1:66:97:c8:65:1d:27:9c:ed:30:22:7f:5d:f2:
e4:60:fd:83:6b:33:ee:e1:7d:0f:90:ea:ec:1c:c9:52:c0:68:
38:b0:45:ef:ec:91:32:84:79:89:28:66:ba:67:f0:f6:5b:cb:
5d:03:ae:d2:3d:ff:df:7f:b5:a4:5b:65:63:9b:f2:07:e7:4c:
bc:a8:c8:70
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYy/hCe9QnV5NNQwP/U55uCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjMxMjMxMTA1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY0NDAwYTJhMzQxNDQ0YjkyZjM3MDQ0NjJiZGE5ZTg0ZTY1N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnEvX2bB1Y2R1Qi9WHcbyVlKLh5l
S3Boq/KqoMMm3GclYeSD77zNo1I8aslkK/3zb6b4Oczq6gY5iVA9jtgQZn1sCLPu
qPbwOcPptIj50CnbEFh42DvKabcQ85cRAHHPSUWSkwScPZvpK61FYmrKvlDza9bt
EaYHUWMcUgfkStlcXenlg8vn19kQKSPSE3K56q36u0BwI2cWoSI/TSBidcLDCZaz
BXPFNgJQ5STy4n3CdU3cbRB5nPjwFfviG6oHv8I1MozY8t9OxN0+Zbndxm2IHiTi
yfj1CZwi4nM+J53lbCnrCXB+oHp8CVoi/i9Zm2XnI4D0z64guT0MjPqFFwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBtkQAoqNBREuS83BEYr2p6E5lf5MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvRzJSQUNpbzBGRVM1THpjRVJpdmFub1RtVl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAMBAIAATAGAwQCucmIMCkE
AgACMCMDBQMqCuLAAwUDKg53gAMFAyoP4AADBQMqEfFAAwUDKhIOwDANBgkqhkiG
9w0BAQsFAAOCAQEAR0KyEb25VvmhCc/BpWp9avQkMwFF2+cbpUjysMEnYj0+GQV6
ehtgNY/u+UJAL8y4S6OQcVfdTswuzPQVoTia/0d0c1Wlq+ieSUpHgx0D3BxraidX
mouushnCDU16CMFfZHGoTurqP8d21xxfVtiPJ+TyW1pSCdEnOweseix2FaRt82I8
AeNbCE2SKC13LwV1LJB9wEuYeV/Wc5he6mc8k/GMXK36+t77FdASERJZo+d1msdq
3achfdFml8hlHSec7TAif13y5GD9g2sz7uF9D5Dq7BzJUsBoOLBF7+yRMoR5iShm
umfw9lvLXQOu0j3/33+1pFtlY5vyB+dMvKjIcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org