Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GMWRHytde_ZP4J3YKtQPr6arAKo.roa
File: GMWRHytde_ZP4J3YKtQPr6arAKo.roa (raw, json)
Hash identifier: DjGy2K0mxBCGvcK7WvULOyE9plXb1/RQ5liOdvNtw0M=
Subject key identifier: 18:C5:91:1F:2B:5D:7B:F6:4F:E0:9D:D8:2A:D4:0F:AF:A6:AB:00:AA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01900DB57673661DB704AD1908CB83C16849
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GMWRHytde_ZP4J3YKtQPr6arAKo.roa
Signing time: Wed 12 Jun 2024 18:28:34 +0000
ROA not before: Wed 12 Jun 2024 18:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Jun 2024 11:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:b5:76:73:66:1d:b7:04:ad:19:08:cb:83:c1:68:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 12 18:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18c5911f2b5d7bf64fe09dd82ad40fafa6ab00aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e0:e9:ce:0f:5d:da:97:65:36:0a:23:3c:0c:
2b:bd:54:b0:25:a4:61:18:83:7d:ad:ec:b9:7e:cd:
8f:d6:cf:13:03:b2:da:0f:09:c6:2d:39:78:11:2c:
43:06:61:91:82:0b:5e:18:cc:4d:ec:f2:0f:e8:cc:
79:16:e6:f3:0a:29:5a:73:67:8e:23:ec:2d:bd:8f:
c9:22:93:e5:a9:0c:1f:ab:d6:73:43:0d:26:a6:0e:
a8:e1:c2:64:6b:45:cc:1c:bb:86:a0:b4:c3:83:6d:
b6:12:2c:96:7f:f9:b7:20:51:7b:13:13:6f:82:c7:
8d:a0:3f:9d:a6:e8:dc:b6:2e:3e:2c:de:d7:0a:6c:
02:d5:f8:81:59:24:c7:6c:62:c4:9a:30:1e:99:17:
3c:5f:6a:c6:e5:0a:e3:82:aa:e6:c0:98:b2:c6:05:
b4:ed:d1:8d:3a:ce:42:04:6d:08:89:90:5b:47:47:
1a:3c:3d:29:51:4d:10:7e:19:d6:2c:e7:b2:33:9d:
a5:bb:0a:a0:43:62:72:db:4b:54:5b:05:26:8e:50:
54:30:88:e2:1e:06:45:c2:ec:7b:35:bc:d1:ed:e6:
0a:fd:b4:1f:df:a5:19:9f:f5:87:a2:9a:8d:a3:2e:
4f:0d:32:2b:e2:34:bf:18:4e:96:d7:e9:39:9b:b1:
c1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C5:91:1F:2B:5D:7B:F6:4F:E0:9D:D8:2A:D4:0F:AF:A6:AB:00:AA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GMWRHytde_ZP4J3YKtQPr6arAKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
79:43:5b:c0:b3:9a:c5:da:1f:0f:3f:4b:13:a1:5b:bf:62:c5:
bb:7e:11:b6:14:e8:31:0b:b9:ad:6c:6e:f9:2e:ac:86:89:17:
d0:0d:c7:1c:52:b7:5e:36:f0:89:5c:37:b9:0c:90:ae:10:bc:
9c:bc:86:51:68:8c:d3:95:77:b1:54:f9:79:f8:19:5e:8b:bb:
3d:f4:29:c6:ca:6d:c5:af:44:4a:ef:fe:70:27:70:43:26:99:
02:70:ac:22:c1:d1:61:cd:ce:d1:df:d9:d4:01:e5:ff:cb:16:
da:1c:1d:59:5e:66:8b:11:30:4a:b0:c3:99:b5:64:d8:b9:da:
c5:1d:bc:81:d5:42:8c:98:f2:7d:28:7e:f0:58:23:c2:4d:77:
cf:fd:09:99:1c:26:bf:e0:d4:90:d0:18:8a:3a:e8:26:ef:c2:
e6:97:3b:e7:dc:84:44:6c:ae:82:1d:19:0e:b9:d2:ed:20:5d:
99:e6:94:5b:e2:8b:07:e1:39:f8:3a:ba:cd:9a:ec:ee:df:17:
60:4a:7a:d9:51:5a:ef:c4:0f:ef:9c:a0:45:b1:44:23:96:fd:
c4:97:a0:4f:18:fc:bb:99:e5:d3:23:6e:2c:c0:1e:61:6b:6d:
7c:42:22:a8:81:19:f6:ba:3d:c8:17:68:11:e1:33:12:7f:f7:
b9:8e:db:cd
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZANtXZzZh23BK0ZCMuDwWhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNjEyMTgyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGM1OTExZjJiNWQ3YmY2NGZlMDlkZDgyYWQ0MGZhZmE2YWIwMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoODpzg9d2pdlNgojPAwrvVSwJaRh
GIN9rey5fs2P1s8TA7LaDwnGLTl4ESxDBmGRggteGMxN7PIP6Mx5FubzCilac2eO
I+wtvY/JIpPlqQwfq9ZzQw0mpg6o4cJka0XMHLuGoLTDg222EiyWf/m3IFF7ExNv
gseNoD+dpujcti4+LN7XCmwC1fiBWSTHbGLEmjAemRc8X2rG5QrjgqrmwJiyxgW0
7dGNOs5CBG0IiZBbR0caPD0pUU0QfhnWLOeyM52luwqgQ2Jy20tUWwUmjlBUMIji
HgZFwux7NbzR7eYK/bQf36UZn/WHopqNoy5PDTIr4jS/GE6W1+k5m7HBIwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFBjFkR8rXXv2T+Cd2CrUD6+mqwCqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvR01XUkh5dGRlX1pQNEozWUt0UVByNmFyQUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAAtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOxQAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAHlDW8CzmsXaHw8/SxOhW79ixbt+EbYU6DELua1sbvkurIaJF9ANxxxS
t1428IlcN7kMkK4QvJy8hlFojNOVd7FU+Xn4GV6Luz30KcbKbcWvRErv/nAncEMm
mQJwrCLB0WHNztHf2dQB5f/LFtocHVleZosRMEqww5m1ZNi52sUdvIHVQoyY8n0o
fvBYI8JNd8/9CZkcJr/g1JDQGIo66CbvwuaXO+fchERsroIdGQ650u0gXZnmlFvi
iwfhOfg6us2a7O7fF2BKetlRWu/ED++coEWxRCOW/cSXoE8Y/LuZ5dMjbizAHmFr
bXxCIqiBGfa6PcgXaBHhMxJ/97mO280=
-----END CERTIFICATE-----
Generated at Sat Jun 22 11:55:18 2024 by rpki-client on console-fra.rpki-client.org