Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/GwazWaeh-DacJc4bIzTDTDpw3yY.roa
File: GwazWaeh-DacJc4bIzTDTDpw3yY.roa (raw, json)
Hash identifier: 5bjEqQr3Btr2oCk3tEtZrCK3Uo/Hkh0dziEmNQEtbWw=
Subject key identifier: 1B:06:B3:59:A7:A1:F8:36:9C:25:CE:1B:23:34:C3:4C:3A:70:DF:26
Certificate issuer: /CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Certificate serial: 01856E2F9C8CB97BEA63DCA12116DAA2BF98
Authority key identifier: A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/GwazWaeh-DacJc4bIzTDTDpw3yY.roa
Signing time: Sun 01 Jan 2023 16:34:52 +0000
ROA not before: Sun 01 Jan 2023 16:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43566
IP address blocks: 178.23.24.0/22 maxlen: 24
178.23.24.0/21 maxlen: 24
178.23.24.0/24 maxlen: 24
178.23.26.0/23 maxlen: 24
178.23.28.0/22 maxlen: 24
178.23.25.0/24 maxlen: 24
78.110.224.0/20 maxlen: 24
78.110.224.0/21 maxlen: 24
78.110.232.0/21 maxlen: 24
2a11:7f80::/32 maxlen: 36
2a11:7f80:8000::/33 maxlen: 36
2a11:7f80::/33 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:9c:8c:b9:7b:ea:63:dc:a1:21:16:da:a2:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Validity
Not Before: Jan 1 16:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b06b359a7a1f8369c25ce1b2334c34c3a70df26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:41:52:6f:87:0a:00:78:91:f2:9d:28:3a:05:
79:78:a2:76:98:90:2f:d8:4f:ca:be:45:74:37:b8:
63:86:54:76:c9:f7:ec:9c:13:a7:31:44:e3:4e:b3:
8b:70:1b:01:ae:de:5b:bc:a1:8a:47:d4:43:83:ea:
eb:f7:28:91:03:3c:74:b8:13:cc:fa:52:17:2e:e9:
18:f5:dc:b2:3b:87:9a:4f:e1:88:71:83:b4:18:6c:
0e:74:db:f5:a3:80:2f:d2:69:bd:c8:15:ae:78:18:
d6:88:6f:57:1f:55:ff:96:44:c6:52:dc:e4:d3:c4:
26:2d:59:a8:55:ac:85:67:94:f1:22:0a:34:f6:1d:
b2:c3:0d:81:4a:15:11:09:5a:57:80:45:74:48:39:
d7:0f:81:5b:d1:10:8a:df:77:20:8c:2b:6e:6f:a1:
c1:c4:33:93:37:3e:7f:f1:89:d2:80:a2:fa:35:9e:
5f:8a:59:8a:f6:14:58:5b:4b:e7:f2:d6:be:7c:3b:
c2:36:8c:b0:f7:01:07:5c:ff:63:93:b2:fb:18:fc:
d8:3b:e2:d8:11:bc:de:42:18:bd:e2:be:b3:f1:a6:
81:6c:43:bc:60:9d:d8:26:3b:49:b2:90:f6:2d:24:
25:09:52:ae:74:28:22:45:a6:b9:af:d8:87:2d:57:
40:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:06:B3:59:A7:A1:F8:36:9C:25:CE:1B:23:34:C3:4C:3A:70:DF:26
X509v3 Authority Key Identifier:
keyid:A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/GwazWaeh-DacJc4bIzTDTDpw3yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/o860BZh6Oqi75ZnY70ZjySQqNLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.224.0/20
178.23.24.0/21
IPv6:
2a11:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
17:76:d2:4f:25:97:24:a3:e0:d0:b2:f6:23:1b:8a:55:7c:59:
90:9e:51:5f:a0:6a:5c:39:3d:7b:53:68:9a:22:42:35:5b:1e:
c0:e8:ed:61:ee:3b:4e:f7:3d:d2:c7:24:e3:90:2c:cb:3a:05:
08:f7:d2:e5:fd:41:ae:4c:69:d3:34:0a:f0:44:4a:79:d8:f4:
86:ff:a6:b7:0e:03:95:62:77:ea:ed:5e:b8:20:15:27:01:2b:
12:d5:ea:a5:ed:29:cc:6f:0f:e3:2e:72:aa:be:39:96:7d:5e:
d2:ab:15:dd:7e:66:60:ad:c1:11:8c:40:9d:8b:83:a9:c5:aa:
b6:ec:54:83:8f:0a:42:32:05:ec:26:e5:c1:b7:65:f4:cd:de:
a5:66:32:22:36:ca:e4:eb:02:72:61:62:a4:7b:85:99:7e:41:
62:c5:11:4e:24:98:f5:cc:9a:90:0f:5e:dd:02:de:b3:06:a1:
d4:a3:6d:9a:3b:a2:0c:ec:f4:67:6c:43:0a:5d:35:90:09:79:
cc:61:59:a0:2a:c0:c7:d4:a0:de:51:fa:75:95:9b:da:08:20:
31:65:63:a6:e2:79:49:7d:b7:5c:e9:db:11:e5:1a:8a:85:84:
0e:2e:b3:fc:f5:bd:cc:eb:a4:af:bb:44:d7:12:69:27:f2:e5:
2c:41:13:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuL5yMuXvqY9yhIRbaor+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2ViNDA1OTg3YTNhYThiYmU1OTlkOGVmNDY2M2M5MjQy
YTM0YjgwHhcNMjMwMTAxMTYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjA2YjM1OWE3YTFmODM2OWMyNWNlMWIyMzM0YzM0YzNhNzBkZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEFSb4cKAHiR8p0oOgV5eKJ2mJAv
2E/KvkV0N7hjhlR2yffsnBOnMUTjTrOLcBsBrt5bvKGKR9RDg+rr9yiRAzx0uBPM
+lIXLukY9dyyO4eaT+GIcYO0GGwOdNv1o4Av0mm9yBWueBjWiG9XH1X/lkTGUtzk
08QmLVmoVayFZ5TxIgo09h2yww2BShURCVpXgEV0SDnXD4Fb0RCK33cgjCtub6HB
xDOTNz5/8YnSgKL6NZ5filmK9hRYW0vn8ta+fDvCNoyw9wEHXP9jk7L7GPzYO+LY
EbzeQhi94r6z8aaBbEO8YJ3YJjtJspD2LSQlCVKudCgiRaa5r9iHLVdARQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBsGs1mnofg2nCXOGyM0w0w6cN8mMB8GA1UdIwQY
MBaAFKPOtAWYejqou+WZ2O9GY8kkKjS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUt
NWRiODUxZDZmMDg2LzEvR3dheldhZWgtRGFjSmM0Ykl6VERURHB3M3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUtNWRiODUxZDZmMDg2
LzEvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm7gAwQD
shcYMA0EAgACMAcDBQAqEX+AMA0GCSqGSIb3DQEBCwUAA4IBAQAXdtJPJZcko+DQ
svYjG4pVfFmQnlFfoGpcOT17U2iaIkI1Wx7A6O1h7jtO9z3SxyTjkCzLOgUI99Ll
/UGuTGnTNArwREp52PSG/6a3DgOVYnfq7V64IBUnASsS1eql7SnMbw/jLnKqvjmW
fV7SqxXdfmZgrcERjECdi4Opxaq27FSDjwpCMgXsJuXBt2X0zd6lZjIiNsrk6wJy
YWKke4WZfkFixRFOJJj1zJqQD17dAt6zBqHUo22aO6IM7PRnbEMKXTWQCXnMYVmg
KsDH1KDeUfp1lZvaCCAxZWOm4nlJfbdc6dsR5RqKhYQOLrP89b3M66Svu0TXEmkn
8uUsQRMn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:46 2024 by rpki-client on console-ams.rpki-client.org