Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/GtnLJ8ZXPKbvXkhOz2jOjeOk4tE.roa
File: GtnLJ8ZXPKbvXkhOz2jOjeOk4tE.roa (raw, json)
Hash identifier: 58FWaAsK9A1Bh0jMCprcUYTZE78kW+W11bTQXIWsCqg=
Subject key identifier: 1A:D9:CB:27:C6:57:3C:A6:EF:5E:48:4E:CF:68:CE:8D:E3:A4:E2:D1
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018D5975A92D7C4929B974A2CA31AFE231FD
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/GtnLJ8ZXPKbvXkhOz2jOjeOk4tE.roa
Signing time: Tue 30 Jan 2024 08:21:39 +0000
ROA not before: Tue 30 Jan 2024 08:21:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.127.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 19:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:75:a9:2d:7c:49:29:b9:74:a2:ca:31:af:e2:31:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 30 08:21:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ad9cb27c6573ca6ef5e484ecf68ce8de3a4e2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:15:03:5d:06:d5:28:7d:16:9d:28:5e:c3:7b:
5c:9a:7d:01:f9:65:25:5f:a3:71:38:1b:11:16:ee:
05:56:1f:3c:37:b6:8e:d7:f9:44:e9:d1:bd:3e:35:
b7:a1:23:49:56:79:14:a9:6b:92:85:63:c2:85:63:
24:0d:7f:19:d7:12:2e:7e:39:5f:0f:5f:85:c4:4b:
64:d9:db:2c:61:4b:c4:5e:46:e0:c6:e7:be:80:8d:
ab:2d:7b:ad:3d:aa:96:78:cf:29:96:16:cc:a4:87:
1d:e0:18:3c:07:dc:4e:f9:51:80:f3:23:fa:61:ca:
29:bb:c9:1d:81:e3:af:ba:61:b1:5d:f0:c8:3c:9b:
5e:b6:59:b5:8f:a5:bd:bc:2f:11:cd:f5:db:71:b1:
54:4d:e0:91:fc:c1:75:e5:48:d6:17:e7:88:59:d3:
64:d7:c3:71:c9:15:a7:5f:85:5b:e7:6f:4d:75:d3:
bb:a1:50:93:af:5d:d0:58:aa:3c:db:8b:76:17:bb:
65:c2:95:26:27:1e:b4:fd:cc:be:7b:2f:f1:95:7f:
f2:a1:bc:6e:a1:51:ad:69:4c:bf:50:69:55:aa:5c:
e5:0f:15:09:eb:64:a8:81:c5:aa:e9:9c:b1:5c:ef:
1b:93:76:61:9f:56:8e:40:a5:a1:2e:b5:7c:c2:96:
c6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D9:CB:27:C6:57:3C:A6:EF:5E:48:4E:CF:68:CE:8D:E3:A4:E2:D1
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/GtnLJ8ZXPKbvXkhOz2jOjeOk4tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.127.0/24
86.106.80.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.45.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
89.45.34.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
95:c4:b9:59:1a:14:b9:c8:95:58:50:98:50:b1:17:33:7a:db:
f2:55:3b:96:53:78:56:99:96:64:4b:0f:ef:e2:cd:37:67:14:
67:16:01:7f:86:3c:5f:29:40:9a:02:23:e4:1c:46:72:49:df:
3d:3c:12:d8:59:30:1a:8c:4c:cc:72:04:4a:a0:ff:38:b0:34:
c1:a4:50:bf:48:73:56:c6:7e:8a:88:82:29:31:88:a2:ec:f7:
90:c5:ca:e1:30:8d:40:8c:ec:e1:5b:f5:7f:03:30:c2:20:9c:
0f:a4:50:ca:8e:ed:bd:39:fa:87:b3:a0:d8:28:a4:8a:5f:01:
32:6b:f6:87:06:84:28:81:eb:18:a4:2e:d2:b5:9b:80:bb:07:
ce:3b:cd:44:69:c2:04:ce:af:ef:52:c6:d2:16:10:de:2e:51:
a5:14:b5:36:61:78:cb:87:fa:43:c8:ca:3e:d2:00:18:63:70:
2d:ee:7a:34:9a:24:01:02:1f:df:43:46:35:f4:65:90:6e:80:
aa:b4:fa:80:39:4d:12:32:1d:df:9c:c4:4b:27:a3:9d:30:7f:
4c:f8:68:d4:9e:a9:41:27:ac:41:1d:f3:3d:96:4c:e4:86:61:
b2:c2:9c:ac:11:4b:e8:04:04:c2:d9:8c:59:0a:a2:70:bf:54:
de:df:cc:ba
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY1ZdaktfEkpuXSiyjGv4jH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTMwMDgyMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ5Y2IyN2M2NTczY2E2ZWY1ZTQ4NGVjZjY4Y2U4ZGUzYTRlMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hUDXQbVKH0WnShew3tcmn0B+WUl
X6NxOBsRFu4FVh88N7aO1/lE6dG9PjW3oSNJVnkUqWuShWPChWMkDX8Z1xIufjlf
D1+FxEtk2dssYUvEXkbgxue+gI2rLXutPaqWeM8plhbMpIcd4Bg8B9xO+VGA8yP6
Ycopu8kdgeOvumGxXfDIPJtetlm1j6W9vC8RzfXbcbFUTeCR/MF15UjWF+eIWdNk
18NxyRWnX4Vb529NddO7oVCTr13QWKo824t2F7tlwpUmJx60/cy+ey/xlX/yobxu
oVGtaUy/UGlVqlzlDxUJ62SogcWq6ZyxXO8bk3Zhn1aOQKWhLrV8wpbGUQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBrZyyfGVzym715ITs9ozo3jpOLRMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvR3RuTEo4WlhQS2J2WGtoT3oyak9qZU9rNHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAFXM
fwMEAFZqUAMEAFZqaAMEAFkhowMEA1kiCAMEAFkliAMEAFkn/DAMAwQAWSstAwQA
WSsuAwQAWStJAwQAWSzRAwQAWS0iAwQAXXGeAwQAXXI3AwQAXXJjAwQAXXKrAwQA
XXK7AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBAJXEuVkaFLnIlVhQmFCxFzN62/JVO5ZTeFaZlmRLD+/izTdnFGcW
AX+GPF8pQJoCI+QcRnJJ3z08EthZMBqMTMxyBEqg/ziwNMGkUL9Ic1bGfoqIgikx
iKLs95DFyuEwjUCM7OFb9X8DMMIgnA+kUMqO7b05+oezoNgopIpfATJr9ocGhCiB
6xikLtK1m4C7B847zURpwgTOr+9SxtIWEN4uUaUUtTZheMuH+kPIyj7SABhjcC3u
ejSaJAECH99DRjX0ZZBugKq0+oA5TRIyHd+cxEsno50wf0z4aNSeqUEnrEEd8z2W
TOSGYbLCnKwRS+gEBMLZjFkKonC/VN7fzLo=
-----END CERTIFICATE-----
Generated at Fri Mar 22 23:52:04 2024 by rpki-client on console-ams.rpki-client.org