Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/GK27uQ8ppqz1epgNP_bi3Joticc.roa
File: GK27uQ8ppqz1epgNP_bi3Joticc.roa (raw, json)
Hash identifier: fAHiVsn/yWK/UhoGQ5vQ4KeYQ51ultSENQMwa2SAafk=
Subject key identifier: 18:AD:BB:B9:0F:29:A6:AC:F5:7A:98:0D:3F:F6:E2:DC:9A:2D:89:C7
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 01856F824A4314D88C7BF282856A2FA8A497
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/GK27uQ8ppqz1epgNP_bi3Joticc.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49025
IP address blocks: 185.111.108.0/22 maxlen: 22
95.173.200.0/21 maxlen: 21
95.173.204.0/22 maxlen: 22
95.173.208.0/21 maxlen: 21
95.173.216.0/21 maxlen: 21
185.2.40.0/22 maxlen: 22
2a02:a48:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 21 Mar 2023 07:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4a:43:14:d8:8c:7b:f2:82:85:6a:2f:a8:a4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18adbbb90f29a6acf57a980d3ff6e2dc9a2d89c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:5b:39:5c:63:07:e4:4e:84:03:7e:87:11:
c0:30:57:4e:12:43:9e:cf:21:67:0e:e1:b6:80:6b:
f8:56:74:ee:44:53:74:f0:32:d0:28:af:79:5c:15:
d4:27:94:5c:c4:47:d1:2e:05:b5:30:de:01:f5:70:
2b:22:5f:7a:c5:07:52:ed:37:5b:1b:be:7b:aa:43:
5f:1a:a6:35:d6:a5:6b:4f:5f:12:0e:98:77:7f:75:
2e:2c:a1:f0:ab:ef:05:a0:6a:fd:f1:1c:9c:28:45:
76:5a:19:b4:0c:bb:0a:c9:3a:9e:08:ee:ce:79:18:
ed:7e:2e:c0:ae:f7:0b:5d:7e:fd:89:76:20:9b:6b:
63:68:de:a1:17:f1:0d:2f:f3:51:71:ab:80:de:e5:
9c:f3:01:72:d7:2b:f8:67:67:51:79:e5:2d:c9:04:
9e:9a:02:d3:f0:92:a2:48:48:d4:db:b3:03:81:96:
10:1d:8c:eb:e2:17:05:56:66:60:b5:33:fb:83:58:
52:5a:67:88:70:6a:85:e9:33:64:05:33:88:f6:43:
93:ca:55:ee:06:47:c4:68:6b:a3:7d:34:9c:c7:11:
90:17:38:73:66:6a:94:c2:fb:a0:45:df:8b:be:b9:
7b:d7:ed:4b:ce:e8:57:66:07:07:aa:b8:99:03:67:
51:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AD:BB:B9:0F:29:A6:AC:F5:7A:98:0D:3F:F6:E2:DC:9A:2D:89:C7
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/GK27uQ8ppqz1epgNP_bi3Joticc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0-95.173.223.255
185.2.40.0/22
185.111.108.0/22
IPv6:
2a02:a48:f000::/36
Signature Algorithm: sha256WithRSAEncryption
49:9f:52:b4:ce:dc:54:b0:ce:b1:08:38:c2:27:34:8c:a5:f6:
1f:5e:11:fc:3b:f1:f9:a6:43:0d:5e:92:83:d5:92:f5:db:22:
58:98:6a:03:0a:62:3f:cc:d8:f9:bb:d1:58:fc:27:58:fe:f7:
c1:75:c4:b5:67:68:a8:db:cd:42:cd:aa:24:12:86:e6:6c:8f:
d6:2e:8b:3e:20:67:f3:ba:c5:55:7c:1b:4f:6f:52:26:bc:2a:
2a:92:3d:74:0c:43:82:50:67:c2:97:a3:33:2b:19:f0:07:ac:
30:3c:ae:24:ab:7c:ca:91:19:b6:29:db:6d:71:0e:f8:70:a2:
74:e3:cf:0c:94:d2:61:3b:fb:27:ac:53:89:83:86:2d:e9:f4:
d1:60:22:78:0b:76:be:9e:a3:38:dc:a2:43:58:74:83:c7:38:
75:89:1b:22:af:30:5f:08:9b:bd:98:51:25:0c:b2:0d:b1:a8:
c9:83:42:64:82:2e:23:86:d6:14:da:0a:a4:e2:09:57:20:48:
93:51:d4:2c:c9:b1:f0:d5:48:8e:ee:19:d1:60:39:cc:96:c8:
e2:13:40:f4:0d:d4:6a:02:46:0c:3d:41:db:15:83:cb:06:ff:
61:f1:f5:bd:63:bf:38:a0:57:6e:80:85:fc:96:4c:ad:d0:08:
ba:a5:6d:b8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvgkpDFNiMe/KChWovqKSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGFkYmJiOTBmMjlhNmFjZjU3YTk4MGQzZmY2ZTJkYzlhMmQ4OWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg1bOVxjB+ROhAN+hxHAMFdOEkOe
zyFnDuG2gGv4VnTuRFN08DLQKK95XBXUJ5RcxEfRLgW1MN4B9XArIl96xQdS7Tdb
G757qkNfGqY11qVrT18SDph3f3UuLKHwq+8FoGr98RycKEV2Whm0DLsKyTqeCO7O
eRjtfi7ArvcLXX79iXYgm2tjaN6hF/ENL/NRcauA3uWc8wFy1yv4Z2dReeUtyQSe
mgLT8JKiSEjU27MDgZYQHYzr4hcFVmZgtTP7g1hSWmeIcGqF6TNkBTOI9kOTylXu
BkfEaGujfTScxxGQFzhzZmqUwvugRd+Lvrl71+1LzuhXZgcHqriZA2dRrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBitu7kPKaas9XqYDT/24tyaLYnHMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvR0syN3VROHBwcXoxZXBnTlBfYmkzSm90aWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaMAwDBANfrcgD
BAVfrcADBAK5AigDBAK5b2wwDgQCAAIwCAMGBCoCCkjwMA0GCSqGSIb3DQEBCwUA
A4IBAQBJn1K0ztxUsM6xCDjCJzSMpfYfXhH8O/H5pkMNXpKD1ZL12yJYmGoDCmI/
zNj5u9FY/CdY/vfBdcS1Z2io281CzaokEobmbI/WLos+IGfzusVVfBtPb1ImvCoq
kj10DEOCUGfCl6MzKxnwB6wwPK4kq3zKkRm2KdttcQ74cKJ0488MlNJhO/snrFOJ
g4Yt6fTRYCJ4C3a+nqM43KJDWHSDxzh1iRsirzBfCJu9mFElDLINsajJg0Jkgi4j
htYU2gqk4glXIEiTUdQsybHw1UiO7hnRYDnMlsjiE0D0DdRqAkYMPUHbFYPLBv9h
8fW9Y784oFdugIX8lkyt0Ai6pW24
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:42 2024 by rpki-client on console-fra.rpki-client.org