Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c8043e-ea95-4851-a2fb-10cbc597a71a/1/GSmFRCBPM4FWvl9KvsBbGIBbKjU.roa
File: GSmFRCBPM4FWvl9KvsBbGIBbKjU.roa (raw, json)
Hash identifier: CDuP6MS7qFMOZ5mIappne5ZtgYzNMOZSecVG0ptwnkI=
Subject key identifier: 19:29:85:44:20:4F:33:81:56:BE:5F:4A:BE:C0:5B:18:80:5B:2A:35
Certificate issuer: /CN=36cb16e44cfbf07e97f6f5e44ae718aa50d05291
Certificate serial: 0185710C211F8FFF72B70062ACD750C791F4
Authority key identifier: 36:CB:16:E4:4C:FB:F0:7E:97:F6:F5:E4:4A:E7:18:AA:50:D0:52:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NssW5Ez78H6X9vXkSucYqlDQUpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c8043e-ea95-4851-a2fb-10cbc597a71a/1/GSmFRCBPM4FWvl9KvsBbGIBbKjU.roa
Signing time: Mon 02 Jan 2023 05:54:58 +0000
ROA not before: Mon 02 Jan 2023 05:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56334
IP address blocks: 185.136.22.0/24 maxlen: 24
185.136.21.0/24 maxlen: 24
185.136.20.0/24 maxlen: 24
2a06:f800::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:21:1f:8f:ff:72:b7:00:62:ac:d7:50:c7:91:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36cb16e44cfbf07e97f6f5e44ae718aa50d05291
Validity
Not Before: Jan 2 05:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19298544204f338156be5f4abec05b18805b2a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f5:0c:d0:1a:1b:c0:78:78:2a:86:39:09:95:
07:aa:a2:30:57:be:6d:54:d4:1c:5a:ad:3c:b5:6e:
b7:a8:08:ab:92:61:93:97:fb:08:e6:e3:19:8d:f1:
8f:34:da:db:70:4c:56:8f:b0:e2:e4:a8:6c:f2:98:
53:1e:69:e3:5a:d2:e8:f8:8a:b8:d8:c9:eb:f9:b5:
d5:0b:bc:26:24:23:00:b9:b8:86:32:08:d5:65:2a:
09:84:10:66:bd:f3:f1:75:13:f0:fb:de:2e:44:d9:
d0:38:23:6f:10:3a:45:ee:ac:78:e4:c2:f5:7a:22:
70:30:48:f1:ab:15:20:31:90:90:a4:cf:a2:e4:ca:
c2:66:b6:96:9b:25:df:bc:0d:82:e2:15:4c:24:71:
97:ba:80:2b:e8:3a:4f:0d:f9:8b:8c:79:13:c3:f7:
b2:b9:9b:08:08:35:c5:fd:0a:f2:83:6d:e1:ab:44:
a3:ca:90:b7:b8:23:db:56:40:41:d3:e6:ee:86:e5:
b7:c3:ec:96:f5:f2:bd:30:ea:c8:15:6a:59:f4:c6:
56:70:e3:54:d9:8e:1f:d1:44:c8:f1:87:d9:03:7d:
3c:cb:d0:17:82:e1:cf:15:c1:0f:cd:e6:af:0a:88:
29:4e:68:51:d3:6a:43:87:c9:80:2a:0f:c1:09:b2:
68:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:29:85:44:20:4F:33:81:56:BE:5F:4A:BE:C0:5B:18:80:5B:2A:35
X509v3 Authority Key Identifier:
keyid:36:CB:16:E4:4C:FB:F0:7E:97:F6:F5:E4:4A:E7:18:AA:50:D0:52:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NssW5Ez78H6X9vXkSucYqlDQUpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c8043e-ea95-4851-a2fb-10cbc597a71a/1/GSmFRCBPM4FWvl9KvsBbGIBbKjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c8043e-ea95-4851-a2fb-10cbc597a71a/1/NssW5Ez78H6X9vXkSucYqlDQUpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.20.0-185.136.22.255
IPv6:
2a06:f800::/29
Signature Algorithm: sha256WithRSAEncryption
11:22:e7:24:66:c1:05:5f:bb:83:50:b2:fa:5f:46:96:70:4f:
80:27:74:c9:f5:55:96:3b:90:dd:eb:24:26:83:89:e8:ef:7d:
c0:2c:f0:24:da:c2:df:8a:d7:c4:d2:c8:54:1f:2a:ba:ad:83:
a7:d3:53:88:23:a1:15:fb:a2:db:b0:ef:b0:15:33:d3:f0:5b:
44:87:dd:e2:c8:1a:f8:1a:0d:31:af:c2:d5:35:db:40:b7:77:
0d:c6:f3:0a:52:92:3e:58:f2:91:eb:a4:41:af:38:fd:e5:aa:
13:28:fc:26:74:a6:c4:da:43:7d:27:8d:7f:ee:4b:55:f9:a5:
b3:81:00:d6:79:5f:5a:e7:08:67:6d:bf:44:1c:8f:55:5f:5c:
2c:3d:b7:cd:3b:ef:d4:00:5a:7a:f3:1b:84:4f:10:9d:bd:7d:
48:a3:dc:08:bc:9d:23:c9:ac:81:8e:98:3e:48:36:05:22:8d:
39:50:1a:24:e2:08:e2:e6:04:02:16:ac:b9:81:5f:f1:63:90:
77:04:fe:c6:0f:ad:3f:48:8c:91:4a:88:cf:8e:1a:b4:96:2a:
f7:71:2b:47:3e:d2:8e:04:ee:2d:ea:66:96:cc:74:0d:40:96:
f5:7a:da:cf:6e:02:c7:96:d2:32:69:05:36:2e:66:9f:fe:d9:
1d:83:0b:0f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxDCEfj/9ytwBirNdQx5H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2IxNmU0NGNmYmYwN2U5N2Y2ZjVlNDRhZTcxOGFhNTBk
MDUyOTEwHhcNMjMwMTAyMDU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI5ODU0NDIwNGYzMzgxNTZiZTVmNGFiZWMwNWIxODgwNWIyYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/UM0BobwHh4KoY5CZUHqqIwV75t
VNQcWq08tW63qAirkmGTl/sI5uMZjfGPNNrbcExWj7Di5Khs8phTHmnjWtLo+Iq4
2Mnr+bXVC7wmJCMAubiGMgjVZSoJhBBmvfPxdRPw+94uRNnQOCNvEDpF7qx45ML1
eiJwMEjxqxUgMZCQpM+i5MrCZraWmyXfvA2C4hVMJHGXuoAr6DpPDfmLjHkTw/ey
uZsICDXF/Qryg23hq0SjypC3uCPbVkBB0+buhuW3w+yW9fK9MOrIFWpZ9MZWcONU
2Y4f0UTI8YfZA308y9AXguHPFcEPzeavCogpTmhR02pDh8mAKg/BCbJoPQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBkphUQgTzOBVr5fSr7AWxiAWyo1MB8GA1UdIwQY
MBaAFDbLFuRM+/B+l/b15ErnGKpQ0FKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNzVzVFejc4SDZYOXZYa1N1Y1lxbERRVXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jODA0M2UtZWE5NS00ODUxLWEyZmIt
MTBjYmM1OTdhNzFhLzEvR1NtRlJDQlBNNEZXdmw5S3ZzQmJHSUJiS2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jODA0M2UtZWE5NS00ODUxLWEyZmItMTBjYmM1OTdhNzFh
LzEvTnNzVzVFejc4SDZYOXZYa1N1Y1lxbERRVXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5iBQD
BAC5iBYwDQQCAAIwBwMFAyoG+AAwDQYJKoZIhvcNAQELBQADggEBABEi5yRmwQVf
u4NQsvpfRpZwT4AndMn1VZY7kN3rJCaDiejvfcAs8CTawt+K18TSyFQfKrqtg6fT
U4gjoRX7otuw77AVM9PwW0SH3eLIGvgaDTGvwtU120C3dw3G8wpSkj5Y8pHrpEGv
OP3lqhMo/CZ0psTaQ30njX/uS1X5pbOBANZ5X1rnCGdtv0Qcj1VfXCw9t80779QA
WnrzG4RPEJ29fUij3Ai8nSPJrIGOmD5INgUijTlQGiTiCOLmBAIWrLmBX/FjkHcE
/sYPrT9IjJFKiM+OGrSWKvdxK0c+0o4E7i3qZpbMdA1AlvV62s9uAseW0jJpBTYu
Zp/+2R2DCw8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:28 2024 by rpki-client on console-fra.rpki-client.org