Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/gMbB4ZyDVEZYAL_T0LZ-sHe0CCM.roa
File: gMbB4ZyDVEZYAL_T0LZ-sHe0CCM.roa (raw, json)
Hash identifier: F7ABlJnp8s0CGAyK+H5PzhmfMWACypA8c4UgyUy1+08=
Subject key identifier: 80:C6:C1:E1:9C:83:54:46:58:00:BF:D3:D0:B6:7E:B0:77:B4:08:23
Certificate issuer: /CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Certificate serial: 0185703045854ABA115C6A74E6D912FD0106
Authority key identifier: 4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/gMbB4ZyDVEZYAL_T0LZ-sHe0CCM.roa
Signing time: Mon 02 Jan 2023 01:54:49 +0000
ROA not before: Mon 02 Jan 2023 01:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49010
IP address blocks: 193.187.164.0/22 maxlen: 22
91.207.2.0/23 maxlen: 23
109.232.72.0/21 maxlen: 21
185.20.140.0/22 maxlen: 22
84.252.76.0/22 maxlen: 22
86.62.24.0/22 maxlen: 22
2a09:5500::/29 maxlen: 29
2a00:19f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:45:85:4a:ba:11:5c:6a:74:e6:d9:12:fd:01:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Validity
Not Before: Jan 2 01:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80c6c1e19c8354465800bfd3d0b67eb077b40823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e6:82:79:2e:13:fc:65:71:27:b9:ce:fb:bd:
29:b5:7f:3a:f8:07:f5:bd:8a:e9:01:b3:12:1f:5c:
94:e9:70:13:43:c9:c8:16:67:d1:c7:0d:90:47:ef:
04:09:30:1b:50:13:e8:91:3f:de:66:7f:6b:ea:58:
1e:74:29:3e:29:de:3f:e3:04:28:b6:44:81:9f:f9:
75:ce:1c:2c:42:ca:79:f0:a3:8d:e1:f9:43:45:84:
9b:9e:01:8d:d0:63:b4:8f:5c:8d:30:39:8e:f8:e2:
54:fa:6b:2b:ba:9d:c8:0e:bb:8e:f9:d5:7c:83:04:
6f:f2:51:a4:0d:e4:0e:f1:2f:b1:23:97:0d:8c:e5:
ec:76:93:09:56:10:f7:09:5f:22:2d:f6:b7:6b:39:
71:b6:5e:d2:34:34:79:94:3b:c5:d4:0d:c6:96:c6:
a4:61:58:75:bf:ec:4c:bb:b1:27:0e:94:7d:4c:a4:
b7:c5:f4:af:61:07:c2:ec:e3:be:af:b2:a5:d0:01:
82:df:44:84:88:18:01:35:16:4d:cb:7e:96:cb:6b:
06:be:f9:e7:89:e3:81:2c:f8:4f:e8:fb:00:60:ba:
b5:e3:e3:e5:f3:a6:e7:0e:d0:f0:44:7a:bf:ea:dc:
23:66:e5:7a:02:ab:1a:0b:2c:64:d2:70:a9:db:ed:
af:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C6:C1:E1:9C:83:54:46:58:00:BF:D3:D0:B6:7E:B0:77:B4:08:23
X509v3 Authority Key Identifier:
keyid:4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/gMbB4ZyDVEZYAL_T0LZ-sHe0CCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/S6eyT4fqUURtUZr9T-YEGRmOwBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.76.0/22
86.62.24.0/22
91.207.2.0/23
109.232.72.0/21
185.20.140.0/22
193.187.164.0/22
IPv6:
2a00:19f8::/32
2a09:5500::/29
Signature Algorithm: sha256WithRSAEncryption
5c:89:e7:5b:5f:3e:7c:ff:0c:65:74:a8:4b:55:46:6f:e0:76:
0f:38:06:9c:03:ef:ef:47:1b:9a:c5:85:73:15:c0:a7:cc:8a:
83:db:43:93:b8:14:ce:76:87:aa:f9:eb:b5:1b:b6:a0:52:9b:
cb:88:39:81:36:53:b1:89:94:7a:6e:84:31:08:c1:0f:3a:b7:
c7:10:ba:57:0a:2b:8f:4f:a5:98:44:4f:65:42:e9:f6:da:27:
90:24:a0:4f:b8:f4:f9:b0:9b:59:44:02:c0:5a:73:86:1a:53:
5e:8b:41:ac:b8:e5:c8:b3:f9:15:dd:f1:4d:37:2c:ea:f1:a1:
f5:5e:87:07:53:aa:85:49:d2:ef:52:6b:0b:53:00:59:2d:33:
72:bd:35:d5:9c:4f:cf:6a:6a:7a:9c:d5:5a:08:f0:d3:bd:63:
66:6c:ce:fc:e7:6a:69:94:e1:4d:89:67:3a:62:d7:53:2d:33:
35:f5:ef:4a:25:69:dd:fe:f1:fd:43:42:92:76:a6:b6:40:d5:
f9:bf:5e:d8:63:ee:d1:11:04:36:56:a6:ba:ef:cb:f8:df:63:
c0:b9:6b:e0:8d:cd:3a:98:35:a1:af:df:c8:fa:4f:f1:8a:db:
70:9f:1c:a7:d7:0f:10:04:6e:ca:bf:9e:f8:97:c1:6c:4b:22:
da:e6:87:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVwMEWFSroRXGp05tkS/QEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTdiMjRmODdlYTUxNDQ2ZDUxOWFmZDRmZTYwNDE5MTk4
ZWMwMTIwHhcNMjMwMTAyMDE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM2YzFlMTljODM1NDQ2NTgwMGJmZDNkMGI2N2ViMDc3YjQwODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+aCeS4T/GVxJ7nO+70ptX86+Af1
vYrpAbMSH1yU6XATQ8nIFmfRxw2QR+8ECTAbUBPokT/eZn9r6lgedCk+Kd4/4wQo
tkSBn/l1zhwsQsp58KON4flDRYSbngGN0GO0j1yNMDmO+OJU+msrup3IDruO+dV8
gwRv8lGkDeQO8S+xI5cNjOXsdpMJVhD3CV8iLfa3azlxtl7SNDR5lDvF1A3Glsak
YVh1v+xMu7EnDpR9TKS3xfSvYQfC7OO+r7Kl0AGC30SEiBgBNRZNy36Wy2sGvvnn
ieOBLPhP6PsAYLq14+Pl86bnDtDwRHq/6twjZuV6AqsaCyxk0nCp2+2v9wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIDGweGcg1RGWAC/09C2frB3tAgjMB8GA1UdIwQY
MBaAFEunsk+H6lFEbVGa/U/mBBkZjsASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgt
YTI2ODg5ZWUyMmMyLzEvZ01iQjRaeURWRVpZQUxfVDBMWi1zSGUwQ0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgtYTI2ODg5ZWUyMmMy
LzEvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVPxMAwQC
Vj4YAwQBW88CAwQDbehIAwQCuRSMAwQCwbukMBQEAgACMA4DBQAqABn4AwUDKglV
ADANBgkqhkiG9w0BAQsFAAOCAQEAXInnW18+fP8MZXSoS1VGb+B2DzgGnAPv70cb
msWFcxXAp8yKg9tDk7gUznaHqvnrtRu2oFKby4g5gTZTsYmUem6EMQjBDzq3xxC6
Vworj0+lmERPZULp9tonkCSgT7j0+bCbWUQCwFpzhhpTXotBrLjlyLP5Fd3xTTcs
6vGh9V6HB1OqhUnS71JrC1MAWS0zcr011ZxPz2pqepzVWgjw071jZmzO/OdqaZTh
TYlnOmLXUy0zNfXvSiVp3f7x/UNCknamtkDV+b9e2GPu0REENlamuu/L+N9jwLlr
4I3NOpg1oa/fyPpP8YrbcJ8cp9cPEARuyr+e+JfBbEsi2uaH2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:58 2024 by rpki-client on console-ams.rpki-client.org