Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/RGSrMG_ocGy4gN9vTsmybUnxYXc.roa
File: RGSrMG_ocGy4gN9vTsmybUnxYXc.roa (raw, json)
Hash identifier: PGa7jNJ/caxUHJ4tM5k3Pw1IASg5mgFHfjw6VP+/9eI=
Subject key identifier: 44:64:AB:30:6F:E8:70:6C:B8:80:DF:6F:4E:C9:B2:6D:49:F1:61:77
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 018CC7273D38FA96B6A1F9EF6B52DCB37431
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/RGSrMG_ocGy4gN9vTsmybUnxYXc.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12963
IP address blocks: 94.247.224.0/21 maxlen: 21
94.247.224.0/23 maxlen: 23
185.192.216.0/22 maxlen: 22
194.183.160.0/24 maxlen: 24
194.183.160.0/19 maxlen: 19
213.160.128.0/19 maxlen: 19
2a00:9880::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jul 2024 07:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3d:38:fa:96:b6:a1:f9:ef:6b:52:dc:b3:74:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4464ab306fe8706cb880df6f4ec9b26d49f16177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:44:8e:39:87:2f:3b:db:c8:99:c6:88:ec:2e:
51:c9:65:8a:33:27:4d:af:d4:f3:3d:9f:e2:c2:51:
a2:8a:d3:cc:4a:26:1b:98:9a:3f:44:1a:a2:c5:6a:
fe:3c:97:d3:7f:34:48:0d:4d:6f:a3:dd:ee:28:61:
32:fa:21:c3:31:59:f3:74:f7:47:57:0c:d4:9a:d5:
0a:03:4e:cd:34:6a:a3:42:23:90:b8:58:d9:bc:8a:
55:76:6b:a9:c6:51:19:60:42:8e:b0:a3:c3:8e:c7:
42:1b:a1:80:40:62:ca:44:5d:05:01:bd:b9:a9:d6:
37:5b:02:2d:38:da:10:29:9b:68:17:b7:45:f4:cb:
ea:4e:09:ae:0a:23:04:ce:f8:c6:f5:57:d8:4c:73:
ad:00:e2:d6:1b:78:70:95:d7:dd:fc:9e:f8:21:86:
14:c0:63:f7:6d:97:b7:79:23:3e:6d:b2:f7:f5:ba:
03:11:ad:da:f5:3e:8b:cf:05:e2:51:83:f9:c4:b5:
b6:a5:34:be:48:80:8e:01:83:c3:27:73:9f:ea:d2:
77:07:a9:e7:50:3c:40:52:3e:22:55:2b:b7:72:29:
c2:62:58:e6:d0:4e:2b:38:14:38:ce:df:6b:35:14:
a4:df:87:9e:b2:37:d7:a6:fa:d4:99:89:04:04:23:
5e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:64:AB:30:6F:E8:70:6C:B8:80:DF:6F:4E:C9:B2:6D:49:F1:61:77
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/RGSrMG_ocGy4gN9vTsmybUnxYXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.224.0/21
185.192.216.0/22
194.183.160.0/19
213.160.128.0/19
IPv6:
2a00:9880::/32
Signature Algorithm: sha256WithRSAEncryption
62:76:6b:c5:d9:ec:42:6c:88:d6:1a:36:12:54:26:9e:25:fc:
6f:44:b7:ef:86:92:af:36:cb:d1:9c:08:5d:a6:81:38:e8:c1:
5b:a7:d4:80:0e:64:d3:10:db:a5:b3:4f:52:1e:e8:73:34:a7:
df:ee:f0:f3:71:63:01:8a:9d:97:29:4f:86:61:58:9a:cd:af:
76:d4:1a:d6:73:0c:f1:9c:b1:3f:74:80:65:cf:4d:58:19:58:
fe:f2:e2:58:0f:f0:e8:0f:c0:89:26:32:5b:89:fc:f7:ec:ef:
21:4e:17:30:03:a4:0b:dc:45:ba:2a:9f:da:b9:b7:16:0c:fb:
18:50:0d:72:a1:05:78:d1:59:fe:32:c9:b6:b3:b9:4d:1a:b7:
53:f0:37:c6:24:57:0d:f8:10:56:36:fc:4e:f7:3b:ea:a7:c3:
3a:0a:8a:3e:0a:3b:ba:4b:77:78:d6:e0:65:9b:1e:ce:3b:31:
51:7f:9a:30:93:71:92:f2:0d:e5:e4:b3:a4:71:c6:54:fb:95:
cf:d6:fb:9f:e2:de:41:d7:e6:91:32:92:09:70:fb:44:46:89:
b3:a2:01:6e:da:cb:13:d3:05:61:2f:52:7a:98:13:da:1b:20:
25:73:bc:e2:15:87:c3:ea:3c:fd:30:cc:88:07:bc:9e:39:59:
48:72:65:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJz04+pa2ofnva1Lcs3QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDY0YWIzMDZmZTg3MDZjYjg4MGRmNmY0ZWM5YjI2ZDQ5ZjE2MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjESOOYcvO9vImcaI7C5RyWWKMydN
r9TzPZ/iwlGiitPMSiYbmJo/RBqixWr+PJfTfzRIDU1vo93uKGEy+iHDMVnzdPdH
VwzUmtUKA07NNGqjQiOQuFjZvIpVdmupxlEZYEKOsKPDjsdCG6GAQGLKRF0FAb25
qdY3WwItONoQKZtoF7dF9MvqTgmuCiMEzvjG9VfYTHOtAOLWG3hwldfd/J74IYYU
wGP3bZe3eSM+bbL39boDEa3a9T6LzwXiUYP5xLW2pTS+SICOAYPDJ3Of6tJ3B6nn
UDxAUj4iVSu3cinCYljm0E4rOBQ4zt9rNRSk34eesjfXpvrUmYkEBCNeoQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFERkqzBv6HBsuIDfb07Jsm1J8WF3MB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvUkdTck1HX29jR3k0Z045dlRzbXliVW54WVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXvfgAwQC
ucDYAwQFwregAwQF1aCAMA0EAgACMAcDBQAqAJiAMA0GCSqGSIb3DQEBCwUAA4IB
AQBidmvF2exCbIjWGjYSVCaeJfxvRLfvhpKvNsvRnAhdpoE46MFbp9SADmTTENul
s09SHuhzNKff7vDzcWMBip2XKU+GYViaza921BrWcwzxnLE/dIBlz01YGVj+8uJY
D/DoD8CJJjJbifz37O8hThcwA6QL3EW6Kp/aubcWDPsYUA1yoQV40Vn+Msm2s7lN
GrdT8DfGJFcN+BBWNvxO9zvqp8M6Coo+Cju6S3d41uBlmx7OOzFRf5owk3GS8g3l
5LOkccZU+5XP1vuf4t5B1+aRMpIJcPtERomzogFu2ssT0wVhL1J6mBPaGyAlc7zi
FYfD6jz9MMyIB7yeOVlIcmVM
-----END CERTIFICATE-----
Generated at Fri Jul 5 09:08:45 2024 by rpki-client on console-fra.rpki-client.org