Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gBDXNqegPMnpis9fK8Ykdvsv3lo.roa
File: gBDXNqegPMnpis9fK8Ykdvsv3lo.roa (raw, json)
Hash identifier: b3zoGlkc4bx+qxgygEee1dv0d9qpokVQewSEvKiQrGQ=
Subject key identifier: 80:10:D7:36:A7:A0:3C:C9:E9:8A:CF:5F:2B:C6:24:76:FB:2F:DE:5A
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0187B9DA90A4D289AAD8D66270CC01A5620D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gBDXNqegPMnpis9fK8Ykdvsv3lo.roa
Signing time: Tue 25 Apr 2023 19:18:41 +0000
ROA not before: Tue 25 Apr 2023 19:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 37.221.92.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
45.131.111.0/24 maxlen: 24
45.131.108.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
92.118.207.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
45.137.203.0/24 maxlen: 24
45.142.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 08:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:da:90:a4:d2:89:aa:d8:d6:62:70:cc:01:a5:62:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 25 19:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8010d736a7a03cc9e98acf5f2bc62476fb2fde5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:8f:0c:40:f0:7c:74:60:fe:6d:9b:1e:50:
f4:e2:e6:f1:ff:86:96:97:f3:e6:28:32:bf:93:f6:
72:ef:ac:53:f2:65:13:c7:99:66:6b:0d:b9:b7:0d:
28:5f:8e:f6:c1:f5:24:a3:29:ee:c4:70:66:3b:af:
59:c1:74:c9:cc:49:26:48:00:86:1d:7f:7b:e1:86:
8d:cd:3b:34:a4:83:6b:ec:75:44:5f:3c:23:94:eb:
8d:0b:fb:b9:10:b2:95:38:33:de:a3:8f:69:a1:93:
b9:27:56:75:b3:be:04:80:17:d8:e2:55:ce:a1:af:
24:80:55:ff:6c:ec:55:90:ac:c5:bf:a3:b7:ed:9c:
dd:42:d4:14:13:6d:9e:82:9f:ea:2e:3d:42:47:59:
71:b7:c0:4d:f3:4f:45:ed:3f:11:94:89:52:1b:d7:
ed:b7:c8:96:92:de:a8:77:b5:da:e0:31:a3:f8:8f:
d9:01:ce:58:f9:e2:0b:e5:1e:0f:fb:63:81:01:73:
e8:48:bd:ca:01:31:7a:2d:2f:1c:8c:ff:91:1a:7f:
06:c3:c5:bd:f3:40:42:44:e5:f1:8c:0b:4d:20:1b:
ba:09:7f:cb:3a:cb:c3:0b:39:6b:92:e1:4a:cf:7a:
3a:6c:d6:c7:6e:84:67:4d:20:cb:43:7a:7d:f0:02:
b5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:10:D7:36:A7:A0:3C:C9:E9:8A:CF:5F:2B:C6:24:76:FB:2F:DE:5A
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gBDXNqegPMnpis9fK8Ykdvsv3lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
37.221.92.0/24
45.13.227.0/24
45.131.108.0/24
45.131.111.0/24
45.137.203.0/24
45.142.104.0/24
45.142.107.0/24
92.118.207.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1b:23:19:06:0c:ca:9a:57:fb:16:91:a3:fb:13:e7:87:05:
d6:65:8f:3e:9f:fd:60:29:1a:ce:38:ea:cb:0c:5e:d1:a6:3c:
2f:7f:59:6b:26:e4:c7:74:e4:0f:45:f0:b4:33:a7:08:a0:72:
2d:3c:d5:cd:f3:18:20:5b:b0:c4:c1:61:7c:4b:5b:85:a3:02:
3a:92:ff:eb:d3:fe:d0:a0:85:c3:0e:a0:e4:a1:c6:cd:60:a5:
ae:51:e1:a2:1e:9f:d1:13:eb:b3:99:6e:5f:29:57:ab:18:66:
a7:77:ca:79:e1:8f:04:ae:f1:aa:d5:34:8c:02:9a:f3:58:f9:
14:aa:da:22:d5:cd:4a:aa:04:f9:18:a3:81:bf:3b:76:6c:93:
6b:77:26:06:ba:38:3d:04:d7:08:5b:85:45:80:9f:cd:4a:58:
5d:5f:1e:83:04:82:5e:26:d1:44:e8:a5:ab:a9:be:0c:a8:0a:
ac:09:2a:0d:34:20:33:27:8b:bc:5e:40:64:ff:e0:4d:96:61:
12:6d:7a:ef:0b:c1:6e:72:96:69:bd:d8:cf:d7:dc:c8:fb:d4:
6f:4c:15:dc:ba:0d:35:8a:e2:72:6e:80:55:4e:bc:76:59:80:
34:5c:ca:54:4c:d2:6c:e9:c2:1b:9e:d6:5d:c9:07:e6:ce:3a:
0c:8c:e8:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYe52pCk0omq2NZicMwBpWINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNDI1MTkxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDEwZDczNmE3YTAzY2M5ZTk4YWNmNWYyYmM2MjQ3NmZiMmZkZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBGPDEDwfHRg/m2bHlD04ubx/4aW
l/PmKDK/k/Zy76xT8mUTx5lmaw25tw0oX472wfUkoynuxHBmO69ZwXTJzEkmSACG
HX974YaNzTs0pINr7HVEXzwjlOuNC/u5ELKVODPeo49poZO5J1Z1s74EgBfY4lXO
oa8kgFX/bOxVkKzFv6O37ZzdQtQUE22egp/qLj1CR1lxt8BN809F7T8RlIlSG9ft
t8iWkt6od7Xa4DGj+I/ZAc5Y+eIL5R4P+2OBAXPoSL3KATF6LS8cjP+RGn8Gw8W9
80BCROXxjAtNIBu6CX/LOsvDCzlrkuFKz3o6bNbHboRnTSDLQ3p98AK1RQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIAQ1zanoDzJ6YrPXyvGJHb7L95aMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZ0JEWE5xZWdQTW5waXM5Zks4WWtkdnN2M2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABf32AwQA
Jd1cAwQALQ3jAwQALYNsAwQALYNvAwQALYnLAwQALY5oAwQALY5rAwQAXHbPAwQA
uXUDMA0GCSqGSIb3DQEBCwUAA4IBAQBDGyMZBgzKmlf7FpGj+xPnhwXWZY8+n/1g
KRrOOOrLDF7Rpjwvf1lrJuTHdOQPRfC0M6cIoHItPNXN8xggW7DEwWF8S1uFowI6
kv/r0/7QoIXDDqDkocbNYKWuUeGiHp/RE+uzmW5fKVerGGand8p54Y8ErvGq1TSM
AprzWPkUqtoi1c1KqgT5GKOBvzt2bJNrdyYGujg9BNcIW4VFgJ/NSlhdXx6DBIJe
JtFE6KWrqb4MqAqsCSoNNCAzJ4u8XkBk/+BNlmESbXrvC8FucpZpvdjP19zI+9Rv
TBXcug01iuJyboBVTrx2WYA0XMpUTNJs6cIbntZdyQfmzjoMjOgi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org