Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/GReEuZpgrZzMfKQRmTY3vaJ4PmU.roa
File: GReEuZpgrZzMfKQRmTY3vaJ4PmU.roa (raw, json)
Hash identifier: YfJa5FSJRG94PBBsQTRR8G1Qi5STj7cKLYyRD62cQb0=
Subject key identifier: 19:17:84:B9:9A:60:AD:9C:CC:7C:A4:11:99:36:37:BD:A2:78:3E:65
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64ADAEBD7D97F1F4B00C830ED564931
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/GReEuZpgrZzMfKQRmTY3vaJ4PmU.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12302
IP address blocks: 193.231.120.0/24 maxlen: 24
193.231.121.0/24 maxlen: 24
193.231.126.0/24 maxlen: 24
194.102.90.0/24 maxlen: 24
81.181.32.0/21 maxlen: 21
80.96.134.0/23 maxlen: 23
81.181.40.0/22 maxlen: 22
81.181.45.0/24 maxlen: 24
81.181.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 02 Feb 2024 20:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:da:eb:d7:d9:7f:1f:4b:00:c8:30:ed:56:49:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191784b99a60ad9ccc7ca411993637bda2783e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:d7:70:f1:37:a2:db:78:56:58:a7:41:70:
0b:5e:95:4d:53:6b:1e:ef:19:4c:dd:c9:59:a4:25:
9c:b0:dc:7e:5d:7b:49:e2:e0:1b:a3:57:0a:21:68:
45:c6:2d:9c:6a:c3:2c:cc:51:51:fb:36:82:8d:ef:
ac:42:ea:b3:21:81:75:5c:b4:cc:34:80:5a:94:23:
aa:2a:53:a2:ec:47:d1:30:36:92:36:21:88:41:59:
11:0c:c2:d2:ea:82:05:ad:e2:2a:e1:82:a7:e8:ed:
19:29:3b:29:81:4f:5b:b6:fc:ed:f1:32:6d:82:7c:
49:59:40:cd:d0:71:9f:9f:be:ca:a3:5a:3f:62:97:
55:12:62:22:84:c8:7e:cb:06:0a:54:c3:6e:d9:6b:
42:23:1e:f2:77:ad:f0:97:a9:1a:ed:8f:11:8a:70:
44:42:2e:11:d0:0a:19:f0:e9:b9:9c:74:c7:ec:ab:
d9:18:62:5f:00:76:70:6e:bc:3a:77:8c:be:16:d4:
6d:a8:00:08:08:a6:cd:74:5f:e1:b6:ee:d0:66:20:
c7:4d:75:4e:14:9c:7b:48:72:3b:b1:2a:18:c7:43:
dd:ec:0f:d8:90:d7:25:fc:00:6b:ee:93:2e:9b:d8:
18:53:f2:f6:9e:d4:1f:b1:a4:4b:18:36:fe:76:d2:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:17:84:B9:9A:60:AD:9C:CC:7C:A4:11:99:36:37:BD:A2:78:3E:65
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/GReEuZpgrZzMfKQRmTY3vaJ4PmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.134.0/23
81.181.32.0-81.181.43.255
81.181.45.0-81.181.47.255
193.231.120.0/23
193.231.126.0/24
194.102.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:96:86:96:dd:75:86:86:f5:06:bb:47:68:c1:ed:4d:65:39:
cb:7b:fa:51:fc:18:ee:50:db:d7:b2:c6:83:a2:03:39:22:2c:
00:c7:14:f4:97:84:4a:6c:ee:c4:81:49:42:0f:0d:e2:26:11:
b4:5a:31:af:c7:cd:31:86:b5:b7:40:25:90:c1:c4:98:b0:fe:
a6:02:ed:19:87:ef:bb:9c:eb:cd:d5:c1:01:3e:5c:06:74:b7:
5c:4d:a7:f0:19:46:55:c7:7f:4a:b0:66:9d:c6:8d:f4:c3:20:
ce:be:b2:56:67:b7:2d:43:79:00:d4:72:18:8b:89:90:18:49:
15:95:27:4f:92:a4:20:be:19:a6:34:ee:08:e5:97:14:e4:a6:
0d:ae:23:93:08:89:be:b3:57:df:fe:0b:6a:ec:72:80:f4:06:
a3:a6:80:15:d8:8b:eb:94:53:7a:e0:ed:c1:a2:45:65:cd:6a:
98:3e:f5:50:3b:63:ac:9e:68:58:d2:09:de:79:4f:74:c6:20:
c3:cb:03:16:45:57:9b:86:8b:ca:d8:93:75:51:df:ee:df:cf:
68:20:53:b1:68:2a:7c:9a:5a:09:8d:c3:71:1e:44:0b:37:d4:
09:32:3b:c7:f3:75:2c:35:b2:f1:2b:ad:59:0f:f3:87:c9:c7:
11:eb:b7:a2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzGStrr19l/H0sAyDDtVkkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE3ODRiOTlhNjBhZDljY2M3Y2E0MTE5OTM2MzdiZGEyNzgzZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxTXcPE3ott4VlinQXALXpVNU2se
7xlM3clZpCWcsNx+XXtJ4uAbo1cKIWhFxi2casMszFFR+zaCje+sQuqzIYF1XLTM
NIBalCOqKlOi7EfRMDaSNiGIQVkRDMLS6oIFreIq4YKn6O0ZKTspgU9btvzt8TJt
gnxJWUDN0HGfn77Ko1o/YpdVEmIihMh+ywYKVMNu2WtCIx7yd63wl6ka7Y8RinBE
Qi4R0AoZ8Om5nHTH7KvZGGJfAHZwbrw6d4y+FtRtqAAICKbNdF/htu7QZiDHTXVO
FJx7SHI7sSoYx0Pd7A/YkNcl/ABr7pMum9gYU/L2ntQfsaRLGDb+dtKPxwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBkXhLmaYK2czHykEZk2N72ieD5lMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvR1JlRXVacGdyWnpNZktRUm1UWTN2YUo0UG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQBUGCGMAwD
BAVRtSADBAJRtSgwDAMEAFG1LQMEBFG1IAMEAcHneAMEAMHnfgMEAMJmWjANBgkq
hkiG9w0BAQsFAAOCAQEAP5aGlt11hob1BrtHaMHtTWU5y3v6UfwY7lDb17LGg6ID
OSIsAMcU9JeESmzuxIFJQg8N4iYRtFoxr8fNMYa1t0AlkMHEmLD+pgLtGYfvu5zr
zdXBAT5cBnS3XE2n8BlGVcd/SrBmncaN9MMgzr6yVme3LUN5ANRyGIuJkBhJFZUn
T5KkIL4ZpjTuCOWXFOSmDa4jkwiJvrNX3/4LauxygPQGo6aAFdiL65RTeuDtwaJF
Zc1qmD71UDtjrJ5oWNIJ3nlPdMYgw8sDFkVXm4aLytiTdVHf7t/PaCBTsWgqfJpa
CY3DcR5ECzfUCTI7x/N1LDWy8SutWQ/zh8nHEeu3og==
-----END CERTIFICATE-----
Generated at Fri Feb 2 23:23:10 2024 by rpki-client on console-fra.rpki-client.org