Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/G-ZjxXAccnmGiGow3KTw1HYzHw0.roa
File: G-ZjxXAccnmGiGow3KTw1HYzHw0.roa (raw, json)
Hash identifier: YnSCLusaGceEXaGrdYNdV3MrlyZuEZgvDWE3oKqFdGk=
Subject key identifier: 1B:E6:63:C5:70:1C:72:79:86:88:6A:30:DC:A4:F0:D4:76:33:1F:0D
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01856E141FFA55AAAE94238A52DB2A1280B9
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/G-ZjxXAccnmGiGow3KTw1HYzHw0.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29262
IP address blocks: 185.254.54.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
139.28.32.0/22 maxlen: 22
141.98.50.0/24 maxlen: 24
188.119.68.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 10 Jan 2023 10:25:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1f:fa:55:aa:ae:94:23:8a:52:db:2a:12:80:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be663c5701c727986886a30dca4f0d476331f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f0:fb:48:ae:0e:51:4d:d5:2a:0c:3a:50:58:
a1:1a:35:a3:41:71:38:eb:5c:61:76:70:db:19:7c:
8b:f9:5e:df:03:8b:55:6e:20:d4:55:98:58:1d:81:
ee:c2:37:74:1f:6f:61:7d:ee:a6:bd:48:61:67:f1:
8d:c1:16:28:6a:e2:92:43:3e:2c:f3:c6:15:7f:0e:
60:0d:84:fc:0b:bc:4c:1a:f3:2a:f3:22:59:11:41:
66:c1:3a:f9:73:2c:6d:d4:11:2b:08:00:26:b1:11:
9f:89:e2:71:5c:a8:76:87:56:34:19:af:93:22:2e:
05:31:ea:6d:38:96:d8:9f:e1:eb:b4:e8:e2:2d:d1:
1a:9c:60:1e:71:01:44:17:10:73:03:e9:5a:38:84:
51:ac:bc:d3:fd:42:68:8d:76:3e:7f:fd:c6:98:9b:
94:e0:df:72:3f:e0:d4:ec:d1:b3:22:7f:ff:9c:d6:
f2:87:2e:55:2a:60:fb:c0:d0:50:f3:46:ae:cf:a1:
f7:a6:d1:11:8d:17:45:2c:d1:e8:a1:b0:0a:69:dd:
68:61:48:bb:a5:35:9f:13:dd:cc:1b:0b:a0:20:be:
aa:83:a5:be:13:4c:e7:80:fa:1a:95:4b:5b:cf:b3:
ed:ce:91:c4:53:c0:c2:0d:6a:0b:e6:bf:97:d6:a7:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E6:63:C5:70:1C:72:79:86:88:6A:30:DC:A4:F0:D4:76:33:1F:0D
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/G-ZjxXAccnmGiGow3KTw1HYzHw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
139.28.32.0/22
141.98.50.0/24
185.254.54.0/23
188.119.68.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:ea:86:6c:5c:bc:75:e7:d9:df:8d:22:7d:1f:e2:0a:c7:d1:
d1:b4:ee:88:63:aa:dd:59:66:4f:ba:98:61:f7:02:d7:00:db:
07:ad:3a:9c:b3:a1:b4:7b:c5:a5:91:15:16:92:43:50:13:f5:
ff:ec:b3:4a:c3:40:b5:69:b8:10:7f:bc:4b:f5:f5:2e:a1:ea:
34:ac:3d:84:f0:ec:64:5e:6b:92:1d:8e:72:03:00:90:82:5d:
43:48:16:79:e3:2d:c7:e0:aa:18:5e:b0:b7:0d:03:72:b4:78:
dc:ff:2f:3c:78:76:ee:61:03:a0:db:b1:e0:24:57:e4:bf:7a:
57:93:3a:56:27:79:61:13:c4:ea:30:d1:d4:6f:13:8a:e7:df:
59:0b:29:1e:f1:ba:9d:1f:37:b2:f9:0e:25:2d:3f:f4:cf:e7:
f3:1e:9f:9b:81:79:6f:44:93:63:8c:e3:6b:4f:a2:23:a3:34:
a8:f3:f0:cb:20:ed:59:34:73:e6:a6:42:05:68:74:10:c5:e5:
f9:b1:3b:45:39:40:76:d5:62:bc:e9:15:f7:a1:e9:0d:c0:7b:
17:4b:5d:c6:6e:70:cd:81:64:b4:a3:bc:0f:a9:3b:7f:7c:61:
65:41:0a:02:ab:1c:7e:2b:da:59:46:65:14:95:66:c3:47:b5:
a5:1a:ad:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuFB/6VaqulCOKUtsqEoC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU2NjNjNTcwMWM3Mjc5ODY4ODZhMzBkY2E0ZjBkNDc2MzMxZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPD7SK4OUU3VKgw6UFihGjWjQXE4
61xhdnDbGXyL+V7fA4tVbiDUVZhYHYHuwjd0H29hfe6mvUhhZ/GNwRYoauKSQz4s
88YVfw5gDYT8C7xMGvMq8yJZEUFmwTr5cyxt1BErCAAmsRGfieJxXKh2h1Y0Ga+T
Ii4FMeptOJbYn+HrtOjiLdEanGAecQFEFxBzA+laOIRRrLzT/UJojXY+f/3GmJuU
4N9yP+DU7NGzIn//nNbyhy5VKmD7wNBQ80auz6H3ptERjRdFLNHoobAKad1oYUi7
pTWfE93MGwugIL6qg6W+E0zngPoalUtbz7PtzpHEU8DCDWoL5r+X1qfdQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBvmY8VwHHJ5hohqMNyk8NR2Mx8NMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvRy1aanhYQWNjbm1HaUdvdzNLVHcxSFl6SHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU6v0AwQC
ixwgAwQAjWIyAwQBuf42AwQCvHdEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQDF
6oZsXLx159nfjSJ9H+IKx9HRtO6IY6rdWWZPuphh9wLXANsHrTqcs6G0e8WlkRUW
kkNQE/X/7LNKw0C1abgQf7xL9fUuoeo0rD2E8OxkXmuSHY5yAwCQgl1DSBZ54y3H
4KoYXrC3DQNytHjc/y88eHbuYQOg27HgJFfkv3pXkzpWJ3lhE8TqMNHUbxOK599Z
Cyke8bqdHzey+Q4lLT/0z+fzHp+bgXlvRJNjjONrT6IjozSo8/DLIO1ZNHPmpkIF
aHQQxeX5sTtFOUB21WK86RX3oekNwHsXS13GbnDNgWS0o7wPqTt/fGFlQQoCqxx+
K9pZRmUUlWbDR7WlGq3A
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org