Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/GmKwsVWmErZFTk-C44KgzIbISI8.roa
File: GmKwsVWmErZFTk-C44KgzIbISI8.roa (raw, json)
Hash identifier: hpuRVUPobgOO55Qy5ZBkpneTD3HSEZnbNm2WpVMxG/8=
Subject key identifier: 1A:62:B0:B1:55:A6:12:B6:45:4E:4F:82:E3:82:A0:CC:86:C8:48:8F
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 01856F94BF1222E5D06B334B6612D64E1242
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/GmKwsVWmErZFTk-C44KgzIbISI8.roa
Signing time: Sun 01 Jan 2023 23:04:57 +0000
ROA not before: Sun 01 Jan 2023 23:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6878
IP address blocks: 80.158.31.0/24 maxlen: 24
80.158.32.0/19 maxlen: 24
80.158.72.0/21 maxlen: 24
80.158.80.0/20 maxlen: 24
80.158.96.0/19 maxlen: 24
80.158.0.0/23 maxlen: 23
80.158.0.0/21 maxlen: 24
80.158.16.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:bf:12:22:e5:d0:6b:33:4b:66:12:d6:4e:12:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jan 1 23:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a62b0b155a612b6454e4f82e382a0cc86c8488f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:68:4a:2e:d8:fd:91:fa:a2:71:4c:36:c2:f2:
85:5c:b9:4b:0f:7c:59:a9:cf:2d:21:57:03:3d:51:
04:87:4d:0f:7c:54:cd:d2:3b:10:01:da:e5:2c:30:
54:ef:b9:9e:4a:38:46:c1:42:28:3c:b9:ad:18:b8:
54:d8:50:c1:1f:f7:82:75:01:7a:26:60:56:ee:6e:
e9:c4:b4:9c:6c:4b:cc:c9:63:d3:e1:e8:13:8a:d8:
1c:7f:73:3b:e3:4d:7e:28:ea:b9:e2:51:08:d0:e0:
6a:2b:9a:d0:dc:e6:34:ad:a7:3e:be:d8:f2:c1:d7:
08:72:0b:97:b8:66:41:d7:7c:51:e4:57:19:56:e6:
e3:8c:60:4a:e8:36:df:f8:6d:78:e2:a0:32:d1:a0:
ee:3f:69:b5:7f:2d:e9:b8:3b:9c:7e:fc:db:31:d3:
ab:37:71:11:68:f6:dd:bb:e8:46:85:54:6a:3d:a0:
aa:e2:04:98:b6:91:0f:3b:a1:32:af:9b:49:5d:32:
61:22:1f:45:1c:13:7a:bf:68:dc:35:9b:ea:1c:5e:
7b:21:4c:a2:8a:56:27:8e:27:b1:b3:c8:8e:25:20:
a8:6f:77:73:17:02:bc:21:d5:39:52:ba:b6:58:c9:
81:b3:e0:3e:36:35:36:ad:be:6b:c3:87:fa:f9:20:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:62:B0:B1:55:A6:12:B6:45:4E:4F:82:E3:82:A0:CC:86:C8:48:8F
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/GmKwsVWmErZFTk-C44KgzIbISI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.158.0.0/21
80.158.16.0-80.158.63.255
80.158.72.0-80.158.127.255
Signature Algorithm: sha256WithRSAEncryption
84:12:09:e7:ea:dd:de:03:f1:41:c6:f6:00:06:74:51:0d:bf:
94:c9:38:b4:3a:13:e6:57:c1:72:56:fe:f8:ab:95:1b:9d:66:
66:7f:e8:4d:82:2f:f6:b8:e1:57:80:9a:0b:95:bc:53:cf:8f:
61:b9:63:28:fe:2e:9b:ca:30:d1:98:66:cd:04:c9:54:c9:02:
16:b2:f8:a1:98:4c:20:ec:66:15:2e:55:1b:65:71:63:3d:35:
ce:ca:46:7e:0f:0f:e8:cf:35:b1:aa:01:8d:a3:15:2b:de:40:
ec:b1:ad:cc:b8:20:0e:58:3c:0b:3f:fd:b3:0c:11:a3:42:25:
34:b0:db:65:e1:3a:ae:36:e1:29:94:7b:52:a7:29:5b:65:ae:
5a:04:5f:ea:39:c2:05:20:4f:fb:a9:d4:b0:42:51:29:66:0f:
07:04:79:a1:be:be:cc:f5:39:c1:54:61:ae:15:f2:da:67:60:
4f:e8:78:1b:4f:76:87:85:5d:10:70:27:6f:ac:3d:38:98:9b:
e2:6f:9f:2e:7b:8a:15:9b:66:ad:41:7d:56:7f:2c:d8:c4:bc:
49:8b:bd:d0:77:e6:f7:c4:96:21:27:ff:3c:ce:02:f2:42:17:
e8:0d:f4:5c:43:70:ca:c5:16:ee:e0:8d:83:1e:52:e6:a7:08:
bc:20:d1:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvlL8SIuXQazNLZhLWThJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjMwMTAxMjMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTYyYjBiMTU1YTYxMmI2NDU0ZTRmODJlMzgyYTBjYzg2Yzg0ODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymhKLtj9kfqicUw2wvKFXLlLD3xZ
qc8tIVcDPVEEh00PfFTN0jsQAdrlLDBU77meSjhGwUIoPLmtGLhU2FDBH/eCdQF6
JmBW7m7pxLScbEvMyWPT4egTitgcf3M7401+KOq54lEI0OBqK5rQ3OY0rac+vtjy
wdcIcguXuGZB13xR5FcZVubjjGBK6Dbf+G144qAy0aDuP2m1fy3puDucfvzbMdOr
N3ERaPbdu+hGhVRqPaCq4gSYtpEPO6Eyr5tJXTJhIh9FHBN6v2jcNZvqHF57IUyi
ilYnjiexs8iOJSCob3dzFwK8IdU5Urq2WMmBs+A+NjU2rb5rw4f6+SDgdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBpisLFVphK2RU5PguOCoMyGyEiPMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL0dtS3dzVldtRXJaRlRrLUM0NEtnekliSVNJOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIDBANQngAw
DAMEBFCeEAMEBlCeADAMAwQDUJ5IAwQHUJ4AMA0GCSqGSIb3DQEBCwUAA4IBAQCE
Egnn6t3eA/FBxvYABnRRDb+UyTi0OhPmV8FyVv74q5UbnWZmf+hNgi/2uOFXgJoL
lbxTz49huWMo/i6byjDRmGbNBMlUyQIWsvihmEwg7GYVLlUbZXFjPTXOykZ+Dw/o
zzWxqgGNoxUr3kDssa3MuCAOWDwLP/2zDBGjQiU0sNtl4TquNuEplHtSpylbZa5a
BF/qOcIFIE/7qdSwQlEpZg8HBHmhvr7M9TnBVGGuFfLaZ2BP6HgbT3aHhV0QcCdv
rD04mJvib58ue4oVm2atQX1WfyzYxLxJi73Qd+b3xJYhJ/88zgLyQhfoDfRcQ3DK
xRbu4I2DHlLmpwi8INEc
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:12 2024 by rpki-client on console-fra.rpki-client.org