Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GwBKYokhzdiIsSKPOaonVCAhqPI.roa
File: GwBKYokhzdiIsSKPOaonVCAhqPI.roa (raw, json)
Hash identifier: lk7WsUENjFrPiod3w0hnpTXNP1LaazYgU+5kzct3u9I=
Subject key identifier: 1B:00:4A:62:89:21:CD:D8:88:B1:22:8F:39:AA:27:54:20:21:A8:F2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AE655D7FB694224EA3700D2ACC6517D92
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GwBKYokhzdiIsSKPOaonVCAhqPI.roa
Signing time: Sat 30 Sep 2023 13:45:00 +0000
ROA not before: Sat 30 Sep 2023 13:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Oct 2023 11:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:55:d7:fb:69:42:24:ea:37:00:d2:ac:c6:51:7d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 30 13:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b004a628921cdd888b1228f39aa27542021a8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6e:da:d4:e5:69:56:a3:bb:53:f6:8e:00:33:
f3:13:d9:91:e9:f5:6a:df:50:3c:62:f5:34:e0:ef:
98:46:70:14:7e:f8:16:0d:0d:63:46:55:d3:62:21:
12:56:98:ee:2c:73:42:7b:f8:44:f9:ed:04:27:40:
bb:93:f8:7b:89:e8:c0:84:95:6f:17:6d:4e:7c:bf:
53:03:f2:10:e1:90:58:d9:bf:70:28:90:f9:9d:3b:
80:d4:b4:4b:e3:f5:95:a0:88:09:96:fc:82:77:4c:
c6:10:2f:f8:3c:98:5e:fd:b7:de:ee:ef:6a:0f:ca:
31:be:73:ee:a0:0d:f0:4e:27:79:db:e9:b9:32:f7:
c3:4d:de:8b:38:f1:77:27:1e:4e:a5:46:1b:e7:34:
f9:86:74:69:ea:88:35:f8:7b:5f:4d:ea:df:9c:21:
69:a0:61:a7:2a:0f:c7:b6:20:88:53:62:af:75:16:
86:95:47:9a:37:c3:e0:aa:f8:67:2d:60:4b:a6:08:
3d:ea:ea:df:09:90:56:5a:26:d1:fd:86:24:d3:ea:
05:bd:2f:9d:67:19:7f:ab:eb:b9:77:d1:a6:84:d2:
82:76:4d:2e:29:c1:38:a0:38:f7:5e:2b:80:0b:90:
b1:fa:59:92:59:72:46:cd:4f:25:d4:d9:de:8b:e9:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:00:4A:62:89:21:CD:D8:88:B1:22:8F:39:AA:27:54:20:21:A8:F2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GwBKYokhzdiIsSKPOaonVCAhqPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
97:e5:c4:5c:bd:af:a9:c7:0d:b0:4b:3b:2b:a8:8d:d5:d1:2b:
38:21:94:5f:b1:2c:dc:76:15:15:3c:31:2b:c4:d9:86:9a:33:
76:3b:c3:62:fd:a5:43:07:73:f5:d5:1d:bc:5d:56:14:56:bd:
8a:8d:db:47:cc:b0:5f:09:62:ac:45:86:29:7b:57:b6:28:1d:
90:28:b6:5b:13:64:11:d5:87:76:4d:dc:6b:dc:ad:e1:6f:09:
52:14:8d:f0:57:d0:fd:fc:01:c3:23:d9:be:2e:ac:88:ed:a3:
88:e9:df:de:81:7d:cc:c1:2e:ab:ec:8b:43:ff:60:5e:49:74:
09:d0:94:ec:3d:9f:7f:aa:36:7a:79:fa:9c:eb:db:3b:32:72:
11:1f:9f:b2:ab:69:15:b6:f7:da:1f:cf:ef:1d:f5:0d:c4:4b:
0b:fb:8b:27:1f:a0:9f:40:9a:22:a4:10:90:8d:d1:67:fa:c7:
a4:d7:f1:9c:b4:6c:75:ee:91:29:57:75:b3:1a:3c:a9:58:01:
25:42:1b:ef:51:cd:95:8f:29:67:dd:62:a7:c7:45:0b:b3:a5:
5b:34:2f:9a:81:40:18:08:ef:24:62:43:c2:39:6b:7e:e3:0a:
bf:44:7e:12:6b:e5:f1:8e:c1:89:55:aa:f6:ba:93:c3:7f:a1:
c1:c0:a5:39
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYrmVdf7aUIk6jcA0qzGUX2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTMwMTM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjAwNGE2Mjg5MjFjZGQ4ODhiMTIyOGYzOWFhMjc1NDIwMjFhOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m7a1OVpVqO7U/aOADPzE9mR6fVq
31A8YvU04O+YRnAUfvgWDQ1jRlXTYiESVpjuLHNCe/hE+e0EJ0C7k/h7iejAhJVv
F21OfL9TA/IQ4ZBY2b9wKJD5nTuA1LRL4/WVoIgJlvyCd0zGEC/4PJhe/bfe7u9q
D8oxvnPuoA3wTid52+m5MvfDTd6LOPF3Jx5OpUYb5zT5hnRp6og1+HtfTerfnCFp
oGGnKg/HtiCIU2KvdRaGlUeaN8PgqvhnLWBLpgg96urfCZBWWibR/YYk0+oFvS+d
Zxl/q+u5d9GmhNKCdk0uKcE4oDj3XiuAC5Cx+lmSWXJGzU8l1Nnei+kTQQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFBsASmKJIc3YiLEijzmqJ1QgIajyMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvR3dCS1lva2h6ZGlJc1NLUE9hb25WQ0FocVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AJflxFy9r6nHDbBLOyuojdXRKzghlF+xLNx2FRU8MSvE2YaaM3Y7w2L9pUMHc/XV
HbxdVhRWvYqN20fMsF8JYqxFhil7V7YoHZAotlsTZBHVh3ZN3GvcreFvCVIUjfBX
0P38AcMj2b4urIjto4jp396BfczBLqvsi0P/YF5JdAnQlOw9n3+qNnp5+pzr2zsy
chEfn7KraRW299ofz+8d9Q3ESwv7iycfoJ9AmiKkEJCN0Wf6x6TX8Zy0bHXukSlX
dbMaPKlYASVCG+9RzZWPKWfdYqfHRQuzpVs0L5qBQBgI7yRiQ8I5a37jCr9EfhJr
5fGOwYlVqva6k8N/ocHApTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org