Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/Gvcq5JsT70shw6hDHOT9NecNWUo.roa
File: Gvcq5JsT70shw6hDHOT9NecNWUo.roa (raw, json)
Hash identifier: G2KR73P/VQYWiGr+Ns/8vbbHYZCN5C9f0Me66UmTmaM=
Subject key identifier: 1A:F7:2A:E4:9B:13:EF:4B:21:C3:A8:43:1C:E4:FD:35:E7:0D:59:4A
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018C3E1BBF163D37C0BCC49746996EB3914B
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/Gvcq5JsT70shw6hDHOT9NecNWUo.roa
Signing time: Wed 06 Dec 2023 07:50:54 +0000
ROA not before: Wed 06 Dec 2023 07:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206271
IP address blocks: 195.93.226.0/24 maxlen: 24
2a0a:280::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Dec 2023 09:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:1b:bf:16:3d:37:c0:bc:c4:97:46:99:6e:b3:91:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Dec 6 07:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af72ae49b13ef4b21c3a8431ce4fd35e70d594a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:80:c4:ec:91:4d:d8:cc:48:73:0d:66:d5:
bc:ab:58:a5:15:0f:98:df:f0:61:56:95:ae:c9:3a:
77:5b:36:d1:b3:8d:9b:92:f4:ad:a3:b5:93:2f:c8:
b8:ab:65:c8:50:43:39:fd:78:0d:2b:d1:2c:82:98:
21:97:e1:4b:54:a2:84:49:af:50:ff:e2:57:6c:46:
10:fd:7e:5c:b8:fc:d9:c5:88:d3:60:0e:44:ff:93:
91:85:b9:3c:60:7c:62:50:e3:ab:27:8d:21:66:57:
e2:5f:a0:d7:94:42:78:0d:94:43:46:79:fa:cd:52:
15:00:8d:63:ab:93:5b:67:7f:38:20:35:4a:8f:cc:
61:99:b1:f5:0e:02:cb:55:41:15:f3:ff:d5:34:70:
3d:51:f0:c5:1d:99:c9:18:12:70:19:20:7e:60:66:
7a:c8:4e:02:6d:60:90:8a:e0:6a:2f:aa:3e:9e:bd:
f4:64:41:0f:45:5a:ee:d0:ca:60:6d:a0:32:f0:18:
eb:0b:23:fd:f6:78:8f:8b:73:e2:0e:eb:ff:8e:8d:
c2:3d:c4:32:40:c9:67:bf:fc:67:63:34:ef:03:52:
46:36:87:87:4f:d8:91:98:f1:b6:f3:07:5d:b5:62:
51:21:79:64:4d:0e:4a:39:fe:ac:c7:b9:01:17:13:
f6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F7:2A:E4:9B:13:EF:4B:21:C3:A8:43:1C:E4:FD:35:E7:0D:59:4A
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/Gvcq5JsT70shw6hDHOT9NecNWUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.226.0/24
IPv6:
2a0a:280::/32
Signature Algorithm: sha256WithRSAEncryption
8e:15:b9:0b:9d:fe:f6:63:74:3e:15:a3:ab:f3:72:8a:0f:5b:
3e:a7:4a:97:f3:43:00:47:6e:f4:d1:b8:62:4e:47:d7:ec:9b:
28:04:c6:98:f0:9e:50:2b:02:83:9f:a4:87:b9:8e:37:5e:f6:
bb:b3:a7:5b:ae:7f:ff:f8:0a:b5:64:c9:ec:0e:ff:10:f7:4b:
7e:ea:97:02:08:30:ab:3f:fd:80:56:a7:43:ce:5a:b0:6b:c6:
da:bf:a6:57:af:5c:9c:82:0d:4f:c2:39:c0:05:94:2a:d4:fe:
0e:08:f1:b3:8d:99:03:ca:49:1b:1f:4d:c4:1f:cc:e6:db:c7:
52:74:71:7a:36:66:78:32:bd:91:83:e7:c9:ba:76:fb:99:01:
03:54:ad:00:ed:a2:b5:ae:c6:46:c0:99:c2:3d:8e:d1:7b:20:
ff:a5:71:e5:5c:43:57:37:2d:4d:66:1c:55:f1:b6:a9:39:e2:
be:89:68:d6:8f:8e:fd:42:87:95:09:e3:f7:c4:36:34:b9:6d:
3e:06:4f:30:48:07:0e:09:8b:79:6a:fd:83:0c:9a:93:54:a1:
8d:85:06:b2:6e:49:b0:eb:0c:59:c6:27:11:2e:f9:87:56:e2:
68:96:45:51:60:0c:f8:65:70:f7:4b:e3:c9:05:46:db:84:2e:
c6:c5:0a:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw+G78WPTfAvMSXRplus5FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMxMjA2MDc1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY3MmFlNDliMTNlZjRiMjFjM2E4NDMxY2U0ZmQzNWU3MGQ1OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhyAxOyRTdjMSHMNZtW8q1ilFQ+Y
3/BhVpWuyTp3WzbRs42bkvSto7WTL8i4q2XIUEM5/XgNK9Esgpghl+FLVKKESa9Q
/+JXbEYQ/X5cuPzZxYjTYA5E/5ORhbk8YHxiUOOrJ40hZlfiX6DXlEJ4DZRDRnn6
zVIVAI1jq5NbZ384IDVKj8xhmbH1DgLLVUEV8//VNHA9UfDFHZnJGBJwGSB+YGZ6
yE4CbWCQiuBqL6o+nr30ZEEPRVru0MpgbaAy8BjrCyP99niPi3PiDuv/jo3CPcQy
QMlnv/xnYzTvA1JGNoeHT9iRmPG28wddtWJRIXlkTQ5KOf6sx7kBFxP2awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBr3KuSbE+9LIcOoQxzk/TXnDVlKMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvR3ZjcTVKc1Q3MHNodzZoREhPVDlOZWNOV1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw13iMA0E
AgACMAcDBQAqCgKAMA0GCSqGSIb3DQEBCwUAA4IBAQCOFbkLnf72Y3Q+FaOr83KK
D1s+p0qX80MAR2700bhiTkfX7JsoBMaY8J5QKwKDn6SHuY43Xva7s6dbrn//+Aq1
ZMnsDv8Q90t+6pcCCDCrP/2AVqdDzlqwa8bav6ZXr1ycgg1PwjnABZQq1P4OCPGz
jZkDykkbH03EH8zm28dSdHF6NmZ4Mr2Rg+fJunb7mQEDVK0A7aK1rsZGwJnCPY7R
eyD/pXHlXENXNy1NZhxV8bapOeK+iWjWj479QoeVCeP3xDY0uW0+Bk8wSAcOCYt5
av2DDJqTVKGNhQaybkmw6wxZxicRLvmHVuJolkVRYAz4ZXD3S+PJBUbbhC7GxQo/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org