Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/gd_BpItTzIlvKXB-MPwjLkklS4k.roa
File: gd_BpItTzIlvKXB-MPwjLkklS4k.roa (raw, json)
Hash identifier: 6lPmLdqy6q1VoNEqXuhxCKsBWfUmZ5Vrd61GSeST2P0=
Subject key identifier: 81:DF:C1:A4:8B:53:CC:89:6F:29:70:7E:30:FC:23:2E:49:25:4B:89
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018875F99A2E25B0C16A3AA2E63370E8C4FE
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/gd_BpItTzIlvKXB-MPwjLkklS4k.roa
Signing time: Thu 01 Jun 2023 08:01:12 +0000
ROA not before: Thu 01 Jun 2023 08:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200532
IP address blocks: 89.33.41.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
2a06:942::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Jul 2023 12:15:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:f9:9a:2e:25:b0:c1:6a:3a:a2:e6:33:70:e8:c4:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jun 1 08:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81dfc1a48b53cc896f29707e30fc232e49254b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:f0:34:16:70:f2:76:d4:04:17:e7:fb:e6:
2a:49:35:20:07:b1:ca:8f:56:2d:73:ff:2f:e6:d7:
b7:85:0e:ca:7b:f1:4a:f4:b9:49:af:08:f5:15:6c:
23:51:35:ee:78:80:56:85:77:70:b0:4e:8a:0d:15:
75:32:11:54:e1:8f:37:21:b9:1d:22:bf:a1:0d:cc:
2a:8f:12:f0:21:23:c9:30:a7:fc:5a:86:43:42:92:
89:54:61:e1:25:4b:0c:9f:fe:f1:83:31:7c:35:1f:
89:2e:cb:d2:29:eb:60:34:66:ae:5c:24:19:c6:8a:
ee:9d:56:11:c0:d3:2d:e9:08:f0:47:e6:83:e5:28:
18:71:99:33:0b:27:a6:42:29:3a:37:b0:da:60:22:
34:45:7b:10:b1:41:99:4a:64:92:57:32:66:d9:61:
d6:68:33:cb:54:b9:4c:0a:b0:9a:09:74:67:b7:96:
11:2f:a0:65:8f:47:53:6e:02:21:36:b1:4d:72:b3:
cc:bf:1c:ef:45:3c:de:61:bf:e5:3c:55:40:24:50:
7c:28:e2:af:52:20:6d:4b:d1:d4:23:53:c9:8e:e4:
bf:eb:ab:f4:cf:90:ab:a5:94:83:1f:a5:7e:41:e0:
b5:01:61:65:6a:f2:18:4d:bd:55:bf:7b:30:3f:db:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DF:C1:A4:8B:53:CC:89:6F:29:70:7E:30:FC:23:2E:49:25:4B:89
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/gd_BpItTzIlvKXB-MPwjLkklS4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.41.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
58:8d:30:ed:62:82:77:58:9b:6a:dd:20:fb:f7:e3:5e:2d:fc:
d8:1d:3e:32:c0:43:89:cf:62:83:c9:21:64:35:75:ad:73:ab:
95:3b:69:9f:d9:27:17:23:e4:da:b4:e2:46:64:d4:5c:45:b3:
bd:58:f3:9a:ae:18:df:a1:35:9b:55:2f:82:97:31:71:1b:4c:
e3:28:53:bc:25:10:62:89:03:da:33:6e:5e:08:03:df:03:df:
88:49:67:34:93:91:8c:1c:b3:0e:a4:54:67:b9:91:23:e7:0c:
bf:17:ba:0d:02:95:df:69:b9:39:ad:c5:67:1f:1e:0e:21:d3:
4b:57:af:46:35:00:1d:6b:98:2a:97:d9:f2:51:bb:e0:28:33:
f8:1c:a5:9d:66:7f:a2:39:d9:1a:29:f8:76:23:0e:98:59:4d:
28:d8:0b:65:c6:95:5c:e5:31:06:97:7c:fa:28:8d:03:0c:08:
02:14:ba:76:83:91:a8:10:a8:df:c4:ba:3e:61:aa:d4:00:cb:
a4:f7:64:89:7a:fc:20:d2:7e:9b:e2:d2:63:87:84:c2:e9:c0:
17:12:34:2b:17:b0:00:f4:27:3a:27:4d:d6:70:a4:4b:26:ef:
ae:bd:5e:ff:b3:b3:ca:46:9d:58:8e:8a:6f:76:c7:ee:8b:1a:
67:07:02:92
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYh1+ZouJbDBajqi5jNw6MT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwNjAxMDgwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWRmYzFhNDhiNTNjYzg5NmYyOTcwN2UzMGZjMjMyZTQ5MjU0Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsivwNBZw8nbUBBfn++YqSTUgB7HK
j1Ytc/8v5te3hQ7Ke/FK9LlJrwj1FWwjUTXueIBWhXdwsE6KDRV1MhFU4Y83Ibkd
Ir+hDcwqjxLwISPJMKf8WoZDQpKJVGHhJUsMn/7xgzF8NR+JLsvSKetgNGauXCQZ
xorunVYRwNMt6QjwR+aD5SgYcZkzCyemQik6N7DaYCI0RXsQsUGZSmSSVzJm2WHW
aDPLVLlMCrCaCXRnt5YRL6Blj0dTbgIhNrFNcrPMvxzvRTzeYb/lPFVAJFB8KOKv
UiBtS9HUI1PJjuS/66v0z5CrpZSDH6V+QeC1AWFlavIYTb1Vv3swP9sHowIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFIHfwaSLU8yJbylwfjD8Iy5JJUuJMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvZ2RfQnBJdFR6SWx2S1hCLU1Qd2pMa2tsUzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBCBAIAATA8AwQAWSEpAwQC
uWIEAwQCuWRAAwQCuW9oAwQCuXGEAwQCuXTAAwQCuXlQAwQCuX1YAwQCuYEwAwQB
vPHYMBkEAgACMBMDCAAqBglAAAAAAwcAKgYJQgAAMA0GCSqGSIb3DQEBCwUAA4IB
AQBYjTDtYoJ3WJtq3SD79+NeLfzYHT4ywEOJz2KDySFkNXWtc6uVO2mf2ScXI+Ta
tOJGZNRcRbO9WPOarhjfoTWbVS+ClzFxG0zjKFO8JRBiiQPaM25eCAPfA9+ISWc0
k5GMHLMOpFRnuZEj5wy/F7oNApXfabk5rcVnHx4OIdNLV69GNQAda5gql9nyUbvg
KDP4HKWdZn+iOdkaKfh2Iw6YWU0o2AtlxpVc5TEGl3z6KI0DDAgCFLp2g5GoEKjf
xLo+YarUAMuk92SJevwg0n6b4tJjh4TC6cAXEjQrF7AA9Cc6J03WcKRLJu+uvV7/
s7PKRp1YjopvdsfuixpnBwKS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org