Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gtCRNy5lWRA5Ij2Bjt3wdVcyxP8.roa
File: gtCRNy5lWRA5Ij2Bjt3wdVcyxP8.roa (raw, json)
Hash identifier: DuVnJffc/+ieGlBSe74FgByhTW/uB+9ZYU+89G699/M=
Subject key identifier: 82:D0:91:37:2E:65:59:10:39:22:3D:81:8E:DD:F0:75:57:32:C4:FF
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01906010E6C8A1A582C67E34377A27A3017D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gtCRNy5lWRA5Ij2Bjt3wdVcyxP8.roa
Signing time: Fri 28 Jun 2024 18:17:18 +0000
ROA not before: Fri 28 Jun 2024 18:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.90.146.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.105.184.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 14 Aug 2024 16:27:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:60:10:e6:c8:a1:a5:82:c6:7e:34:37:7a:27:a3:01:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 28 18:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82d091372e65591039223d818eddf0755732c4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:48:0b:9d:b1:2d:aa:a8:a5:c0:fc:ee:1f:
95:2f:02:b4:a5:85:95:f6:b6:87:c3:f6:08:66:dd:
2a:42:81:4b:16:c9:d0:1a:83:7f:52:7d:8c:54:89:
13:0b:3b:c2:04:0c:36:60:94:96:59:a2:4e:92:e7:
3e:68:e7:3a:8f:33:3a:47:23:c3:d6:19:81:1c:df:
76:09:0a:4f:25:08:b9:db:a6:b5:96:0b:d4:fd:37:
20:70:98:d0:60:d5:4e:df:42:f4:1c:92:24:cb:6e:
94:3a:2e:c4:e7:70:c2:ce:0f:f8:9c:57:be:ee:52:
b9:4e:66:3a:eb:36:c0:6d:0e:09:18:d3:f7:fd:8a:
ce:68:99:1e:a3:36:96:ec:4a:ef:b1:67:1a:4b:23:
9d:00:c1:94:e4:7c:c7:14:33:c8:66:13:0c:a1:f7:
7a:c8:43:bc:7c:a9:9a:b9:19:f8:e9:58:c4:f6:5c:
5d:65:20:6d:fc:ed:94:7f:f8:49:31:52:12:60:85:
46:cf:75:5d:b0:ba:02:f3:f9:f0:0b:fd:e9:43:63:
0a:7b:f9:72:ad:e7:40:cc:d2:54:41:1a:08:6f:1b:
f9:82:94:db:e6:56:7f:3e:71:db:4c:ea:23:b4:92:
02:b1:2c:33:3d:cf:eb:7d:d9:e1:89:f9:4b:73:c8:
7a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D0:91:37:2E:65:59:10:39:22:3D:81:8E:DD:F0:75:57:32:C4:FF
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/gtCRNy5lWRA5Ij2Bjt3wdVcyxP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.105.207.0/24
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:92:96:c2:3d:c3:e7:0e:2a:2f:c4:d1:ae:92:ca:5c:d7:c7:
64:d2:b3:5c:f4:f3:1a:33:1c:85:9e:1f:34:ec:21:7a:e3:7e:
e3:3c:11:af:94:cd:b6:60:59:27:70:b0:89:17:dd:95:ee:a3:
8f:0d:51:e9:d5:78:0e:fb:99:f9:19:99:cf:de:75:a3:87:05:
bb:b0:5a:95:79:46:4a:43:8e:46:bd:82:89:81:9b:ea:ee:01:
cf:f8:a8:60:7d:3b:ea:79:31:51:d9:b8:62:cf:02:82:20:4d:
c4:0f:db:3c:b6:04:9c:81:4a:89:7a:c3:de:b5:3d:e9:8c:a0:
e1:8b:ff:db:a6:b7:e1:c4:ae:5c:aa:ac:8a:59:f4:c1:f8:34:
0a:cd:7e:27:63:36:55:6c:b7:d1:1e:7c:2a:9c:52:9e:b5:a6:
42:61:f3:05:ed:03:45:65:63:29:ea:54:86:c7:9d:41:ee:e3:
75:b6:4c:4e:50:bd:7f:92:54:03:5b:01:20:5f:6c:81:d9:37:
a4:08:01:bb:83:69:95:45:9c:78:26:a0:08:45:a0:72:5d:d7:
67:14:f5:73:38:63:32:58:84:d2:ed:87:8b:d7:15:a3:af:b0:
cc:94:71:81:bf:5d:ad:52:6c:c1:3f:7a:fa:1b:5a:f4:1b:dc:
09:cb:65:5e
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZBgEObIoaWCxn40N3onowF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwNjI4MTgxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQwOTEzNzJlNjU1OTEwMzkyMjNkODE4ZWRkZjA3NTU3MzJjNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNtIC52xLaqopcD87h+VLwK0pYWV
9raHw/YIZt0qQoFLFsnQGoN/Un2MVIkTCzvCBAw2YJSWWaJOkuc+aOc6jzM6RyPD
1hmBHN92CQpPJQi526a1lgvU/TcgcJjQYNVO30L0HJIky26UOi7E53DCzg/4nFe+
7lK5TmY66zbAbQ4JGNP3/YrOaJkeozaW7ErvsWcaSyOdAMGU5HzHFDPIZhMMofd6
yEO8fKmauRn46VjE9lxdZSBt/O2Uf/hJMVISYIVGz3VdsLoC8/nwC/3pQ2MKe/ly
redAzNJUQRoIbxv5gpTb5lZ/PnHbTOojtJICsSwzPc/rfdnhiflLc8h6TwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFILQkTcuZVkQOSI9gY7d8HVXMsT/MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZ3RDUk55NWxXUkE1SWoyQmp0M3dkVmN5eFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCBnQQCAAEwgZYD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBADBac8DBALB3cADBADCH40DBALCMhADBALCOOAD
BALUawwwaAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8S
AwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABAD
BwYqC3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQCIkpbCPcPnDiovxNGu
kspc18dk0rNc9PMaMxyFnh807CF6437jPBGvlM22YFkncLCJF92V7qOPDVHp1XgO
+5n5GZnP3nWjhwW7sFqVeUZKQ45GvYKJgZvq7gHP+KhgfTvqeTFR2bhizwKCIE3E
D9s8tgScgUqJesPetT3pjKDhi//bprfhxK5cqqyKWfTB+DQKzX4nYzZVbLfRHnwq
nFKetaZCYfMF7QNFZWMp6lSGx51B7uN1tkxOUL1/klQDWwEgX2yB2TekCAG7g2mV
RZx4JqAIRaByXddnFPVzOGMyWITS7YeL1xWjr7DMlHGBv12tUmzBP3r6G1r0G9wJ
y2Ve
-----END CERTIFICATE-----
Generated at Wed Aug 14 19:41:55 2024 by rpki-client on console-fra.rpki-client.org