Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/gylsWW3pG24NQ0xZN3ICQ6dDVOI.roa
File: gylsWW3pG24NQ0xZN3ICQ6dDVOI.roa (raw, json)
Hash identifier: xSxDhbhXcsD3H2rHPfxbZdoOOrvmmtrIHFIxzpr5Irg=
Subject key identifier: 83:29:6C:59:6D:E9:1B:6E:0D:43:4C:59:37:72:02:43:A7:43:54:E2
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 01856C53AF91753F38A66E5179B3F2AFB177
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/gylsWW3pG24NQ0xZN3ICQ6dDVOI.roa
Signing time: Sun 01 Jan 2023 07:55:01 +0000
ROA not before: Sun 01 Jan 2023 07:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28748
IP address blocks: 195.190.142.0/24 maxlen: 24
37.26.200.0/21 maxlen: 21
185.23.156.0/22 maxlen: 22
192.105.75.0/24 maxlen: 24
193.22.2.0/24 maxlen: 24
134.97.0.0/16 maxlen: 17
2001:650::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:af:91:75:3f:38:a6:6e:51:79:b3:f2:af:b1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 07:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83296c596de91b6e0d434c5937720243a74354e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e6:0d:be:2e:2d:6c:ed:69:2c:38:4b:8c:5f:
94:78:f4:71:a9:c7:78:32:49:1e:63:c4:62:53:29:
aa:9b:cc:78:cf:be:4f:01:45:21:09:6f:9c:0d:8b:
0f:47:f5:1f:65:ea:3b:2a:62:78:be:18:a9:18:50:
11:78:bf:59:9c:37:3a:64:4c:8e:d1:a2:ae:bd:bd:
37:a5:43:62:12:7e:eb:66:25:1b:52:e5:c2:23:aa:
68:d5:2e:6b:60:22:b0:5a:df:ec:3a:df:c7:11:23:
03:69:da:cf:fa:2d:53:04:e5:5e:34:21:f9:bc:15:
95:f0:f2:5b:36:a0:38:1a:af:f1:4f:3d:2e:52:81:
a6:b4:f9:95:53:40:42:ae:35:d2:e2:6e:25:19:36:
e0:52:03:3e:cb:50:0d:eb:5a:65:3f:f2:56:7d:f5:
ed:0a:f8:7c:c1:39:d8:e8:b7:85:17:89:59:d0:3f:
5a:7c:fa:7a:21:3a:06:68:10:66:b4:28:67:61:29:
e3:f4:a3:16:ae:84:04:1e:da:37:d6:20:89:05:02:
dc:88:78:d4:2d:da:0e:dc:3b:58:30:71:03:bb:0a:
1f:d1:01:21:b2:46:91:3b:31:43:8f:8e:fb:4b:43:
33:c1:2d:8b:3e:4a:8c:e9:46:e0:96:8f:b4:8a:c2:
aa:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:29:6C:59:6D:E9:1B:6E:0D:43:4C:59:37:72:02:43:A7:43:54:E2
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/gylsWW3pG24NQ0xZN3ICQ6dDVOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.200.0/21
134.97.0.0/16
185.23.156.0/22
192.105.75.0/24
193.22.2.0/24
195.190.142.0/24
IPv6:
2001:650::/29
Signature Algorithm: sha256WithRSAEncryption
67:68:89:9b:d8:45:c7:49:4b:34:93:13:f8:39:f4:00:1d:06:
dc:c7:91:5c:82:c2:e4:17:4a:e3:e1:8b:1c:6c:4f:c0:bb:91:
c0:94:6d:6b:94:d1:f1:39:cc:86:e0:06:5e:4c:1b:c3:f8:15:
5e:da:84:e7:03:11:d5:58:a0:83:9f:c5:97:f6:ec:29:41:fd:
1f:73:7f:0d:90:05:a9:38:20:22:5c:05:9f:95:26:b4:5d:03:
c4:3e:41:7f:57:b3:e6:b4:87:26:3c:ea:70:92:57:81:a5:1f:
23:d7:1f:28:ed:87:a9:27:3c:da:8e:ea:1f:bd:bb:67:16:d8:
d2:0b:45:d3:d0:6e:dc:90:4a:be:c6:e9:2a:7c:cf:41:a0:69:
96:13:69:8f:cb:71:94:bc:5c:ee:82:bd:06:01:f7:bd:2c:36:
ce:05:d5:d3:1f:0d:a7:90:e8:f3:c5:af:f5:3f:11:8b:57:f7:
5d:23:24:b9:e9:76:36:84:a1:ec:f9:83:f7:34:bb:26:43:4a:
47:f5:15:99:3e:2d:89:4a:0e:1b:dd:99:01:d9:db:c7:aa:f5:
56:8d:6d:a6:36:b1:61:81:c7:77:45:83:23:fa:c6:f3:98:d4:
4e:1f:4b:5b:82:af:3c:95:93:b0:45:e3:42:db:06:ee:22:a8:
47:9f:fb:53
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVsU6+RdT84pm5RebPyr7F3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjMwMTAxMDc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI5NmM1OTZkZTkxYjZlMGQ0MzRjNTkzNzcyMDI0M2E3NDM1NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOYNvi4tbO1pLDhLjF+UePRxqcd4
MkkeY8RiUymqm8x4z75PAUUhCW+cDYsPR/UfZeo7KmJ4vhipGFAReL9ZnDc6ZEyO
0aKuvb03pUNiEn7rZiUbUuXCI6po1S5rYCKwWt/sOt/HESMDadrP+i1TBOVeNCH5
vBWV8PJbNqA4Gq/xTz0uUoGmtPmVU0BCrjXS4m4lGTbgUgM+y1AN61plP/JWffXt
Cvh8wTnY6LeFF4lZ0D9afPp6IToGaBBmtChnYSnj9KMWroQEHto31iCJBQLciHjU
LdoO3DtYMHEDuwof0QEhskaROzFDj477S0MzwS2LPkqM6Ubglo+0isKqawIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIMpbFlt6RtuDUNMWTdyAkOnQ1TiMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvZ3lsc1dXM3BHMjROUTB4Wk4zSUNRNmREVk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJRrIAwMA
hmEDBAK5F5wDBADAaUsDBADBFgIDBADDvo4wDQQCAAIwBwMFAyABBlAwDQYJKoZI
hvcNAQELBQADggEBAGdoiZvYRcdJSzSTE/g59AAdBtzHkVyCwuQXSuPhixxsT8C7
kcCUbWuU0fE5zIbgBl5MG8P4FV7ahOcDEdVYoIOfxZf27ClB/R9zfw2QBak4ICJc
BZ+VJrRdA8Q+QX9Xs+a0hyY86nCSV4GlHyPXHyjth6knPNqO6h+9u2cW2NILRdPQ
btyQSr7G6Sp8z0GgaZYTaY/LcZS8XO6CvQYB970sNs4F1dMfDaeQ6PPFr/U/EYtX
910jJLnpdjaEoez5g/c0uyZDSkf1FZk+LYlKDhvdmQHZ28eq9VaNbaY2sWGBx3dF
gyP6xvOY1E4fS1uCrzyVk7BF40LbBu4iqEef+1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org