Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/GgP4hOauMk96mb3r1o6MasDAt2w.roa
File: GgP4hOauMk96mb3r1o6MasDAt2w.roa (raw, json)
Hash identifier: qx9b+Wg0Ty1F/o2+RolVPDPe91y8RareKUL4X3R6v4Y=
Subject key identifier: 1A:03:F8:84:E6:AE:32:4F:7A:99:BD:EB:D6:8E:8C:6A:C0:C0:B7:6C
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 01880FB179B9DBCCFB59CAC2740771F73F3A
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/GgP4hOauMk96mb3r1o6MasDAt2w.roa
Signing time: Fri 12 May 2023 11:21:09 +0000
ROA not before: Fri 12 May 2023 11:21:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 188.241.20.0/22 maxlen: 24
185.7.230.0/23 maxlen: 23
46.226.0.0/21 maxlen: 21
185.73.152.0/22 maxlen: 22
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
89.32.88.0/21 maxlen: 21
185.34.8.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
185.122.64.0/22 maxlen: 22
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
192.124.200.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
185.240.200.0/22 maxlen: 22
2a00:a600::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 May 2023 13:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:b1:79:b9:db:cc:fb:59:ca:c2:74:07:71:f7:3f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: May 12 11:21:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a03f884e6ae324f7a99bdebd68e8c6ac0c0b76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:0b:f5:b6:5a:5f:64:26:c9:3e:1b:ec:3a:
74:85:44:0c:09:da:d8:48:d4:df:d3:57:99:0c:b7:
44:f5:d0:6e:c2:f7:0a:b5:09:74:f5:1b:bf:56:d4:
f5:02:a9:aa:06:de:40:a5:3e:e7:65:a9:5c:5e:50:
2a:c5:e6:44:43:5e:27:0c:8d:d9:32:90:f4:c2:53:
ae:ca:13:bd:0a:38:2c:88:0d:10:e3:5e:d6:3d:8f:
a9:6b:d3:0d:4c:d7:11:7e:e5:8f:7d:64:44:87:bf:
7a:44:df:14:1a:a7:72:3c:75:8d:97:40:5b:6b:33:
a0:fe:01:61:9b:e3:98:be:ce:0c:b1:b1:e9:78:5b:
cc:9b:28:53:be:74:98:57:d2:a5:53:09:e9:5d:b4:
a9:38:21:ac:10:f6:58:7c:77:62:3d:76:56:73:df:
38:76:d0:33:df:e0:09:97:26:bb:66:2c:8b:f0:44:
c9:eb:f2:9d:30:42:8b:34:d3:b4:6c:55:a1:91:3e:
6a:ae:e9:68:4a:d4:87:96:5f:73:40:fc:31:8b:aa:
8a:f7:ae:1c:e0:fa:40:85:8a:ef:52:b5:be:76:9e:
b9:f5:c9:f0:a1:88:a9:20:bf:72:a2:d2:32:ea:0a:
b6:e6:9a:3c:b7:ff:4e:1c:e0:c2:2e:64:59:de:ca:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:03:F8:84:E6:AE:32:4F:7A:99:BD:EB:D6:8E:8C:6A:C0:C0:B7:6C
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/GgP4hOauMk96mb3r1o6MasDAt2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.240.174.0/24
185.7.228.0/22
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
a0:c2:19:63:87:c9:e2:a9:12:9d:dc:7c:2d:48:74:9b:4a:c7:
7a:fb:95:6f:c2:85:e1:a0:c0:57:a5:9a:83:10:d8:d9:81:af:
9e:9c:71:ef:1c:05:2e:bc:03:ff:94:5e:13:20:a2:77:d5:09:
42:e1:6f:32:73:39:ca:1b:b9:e6:30:c6:1c:3e:60:8c:2a:2c:
76:16:4d:cf:77:c5:a0:d1:40:be:81:58:23:5d:71:1b:25:f5:
58:17:58:79:64:70:42:1a:86:fe:3e:fe:06:b6:0c:eb:9e:43:
42:e8:18:dd:de:6c:f6:07:da:71:97:66:bc:d2:dd:04:c9:37:
f6:8f:d1:f5:11:91:4d:e5:aa:22:a5:95:7d:49:04:f4:80:b5:
dd:5e:0f:b8:6e:2c:63:9a:66:f2:ea:3b:f2:4f:05:a6:e9:7b:
13:e6:41:0c:ae:50:48:c8:d1:08:a6:e7:7c:82:ca:5f:eb:88:
d4:5e:40:04:34:59:b1:de:fa:ef:f2:40:d0:02:2d:64:d9:c9:
56:a9:13:ec:af:31:59:a3:ee:e6:79:8e:aa:ce:2a:73:21:6d:
24:da:93:83:b6:9d:4b:ed:84:03:49:98:16:da:7c:6d:2c:12:
f5:0e:8b:5d:d5:9c:08:25:93:bb:07:13:a2:47:4c:23:e6:4e:
50:b1:10:f9
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYgPsXm528z7WcrCdAdx9z86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjMwNTEyMTEyMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTAzZjg4NGU2YWUzMjRmN2E5OWJkZWJkNjhlOGM2YWMwYzBiNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNML9bZaX2QmyT4b7Dp0hUQMCdrY
SNTf01eZDLdE9dBuwvcKtQl09Ru/VtT1AqmqBt5ApT7nZalcXlAqxeZEQ14nDI3Z
MpD0wlOuyhO9CjgsiA0Q417WPY+pa9MNTNcRfuWPfWREh796RN8UGqdyPHWNl0Bb
azOg/gFhm+OYvs4MsbHpeFvMmyhTvnSYV9KlUwnpXbSpOCGsEPZYfHdiPXZWc984
dtAz3+AJlya7ZiyL8ETJ6/KdMEKLNNO0bFWhkT5qruloStSHll9zQPwxi6qK964c
4PpAhYrvUrW+dp659cnwoYipIL9yotIy6gq25po8t/9OHODCLmRZ3sqyGQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBoD+ITmrjJPepm969aOjGrAwLdsMB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvR2dQNGhPYXVNazk2bWIzcjFvNk1hc0RBdDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQDLuIA
AwQDWSBYAwQAW/CuAwQCuQfkAwQCuSIIAwQCuUmYAwQCuWREAwQCuXpAAwQCufDI
AwQCvPEUMAwDBADAfMEDBALAfMAwDAMEAMB8xQMEAMB8xgMEAMB8yAMEAMB8ywME
AcB8zjANBAIAAjAHAwUAKgCmADANBgkqhkiG9w0BAQsFAAOCAQEAoMIZY4fJ4qkS
ndx8LUh0m0rHevuVb8KF4aDAV6WagxDY2YGvnpxx7xwFLrwD/5ReEyCid9UJQuFv
MnM5yhu55jDGHD5gjCosdhZNz3fFoNFAvoFYI11xGyX1WBdYeWRwQhqG/j7+BrYM
655DQugY3d5s9gfacZdmvNLdBMk39o/R9RGRTeWqIqWVfUkE9IC13V4PuG4sY5pm
8uo78k8Fpul7E+ZBDK5QSMjRCKbnfILKX+uI1F5ABDRZsd767/JA0AItZNnJVqkT
7K8xWaPu5nmOqs4qcyFtJNqTg7adS+2EA0mYFtp8bSwS9Q6LXdWcCCWTuwcTokdM
I+ZOULEQ+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:22 2024 by rpki-client on console-ams.rpki-client.org