Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/GXDr8pI1A_wuRQ8ZINO05Ie0GwM.roa
File: GXDr8pI1A_wuRQ8ZINO05Ie0GwM.roa (raw, json)
Hash identifier: Go2B2YztC9Cv26HrtHNL5hB24M7PuKh68IeZMycj358=
Subject key identifier: 19:70:EB:F2:92:35:03:FC:2E:45:0F:19:20:D3:B4:E4:87:B4:1B:03
Certificate issuer: /CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Certificate serial: 01856C0A5A54D4DD988ACA018A24DB79D209
Authority key identifier: 25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/GXDr8pI1A_wuRQ8ZINO05Ie0GwM.roa
Signing time: Sun 01 Jan 2023 06:34:55 +0000
ROA not before: Sun 01 Jan 2023 06:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31042
IP address blocks: 185.20.37.0/24 maxlen: 24
185.20.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:5a:54:d4:dd:98:8a:ca:01:8a:24:db:79:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Validity
Not Before: Jan 1 06:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1970ebf2923503fc2e450f1920d3b4e487b41b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:27:29:a5:5e:a9:d3:cf:00:78:69:2b:eb:45:
1b:5c:41:aa:c9:cc:c7:45:23:28:16:88:79:35:27:
b8:ae:c3:b7:d2:1a:11:43:d4:07:05:23:8c:89:77:
70:ff:60:1e:0d:45:c4:d5:b6:fb:72:85:f8:5b:40:
1e:ef:b6:ca:47:18:c9:c5:47:64:cd:6d:a0:ca:7f:
44:e0:ad:84:05:58:c4:be:96:f7:2e:db:b4:c3:b2:
50:70:34:29:55:44:71:99:74:5a:14:64:00:87:91:
64:9f:af:8d:79:20:f2:85:f8:57:5a:08:0d:5d:bd:
93:75:a6:6c:58:a5:3a:99:25:2c:3a:b5:61:46:0c:
dd:15:f4:3f:c3:95:37:bd:33:e3:85:7c:ab:49:c0:
b6:a7:22:bf:0b:ff:ad:da:d0:1e:79:2c:31:61:c0:
5b:32:fe:16:c5:5d:eb:44:ac:db:7a:50:ce:51:a7:
6e:c5:aa:5f:26:26:8f:5c:4b:be:d1:51:e5:71:81:
1d:50:e9:4f:6c:7b:7b:b4:a3:f8:61:8f:28:14:fb:
a5:8b:ec:78:db:c6:e8:ae:18:e3:e9:cc:5e:bb:7a:
ce:a3:fd:92:71:6f:cf:0e:11:26:39:82:bc:07:30:
35:02:3b:96:a0:28:bf:57:5a:57:00:2f:7c:32:6a:
70:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:70:EB:F2:92:35:03:FC:2E:45:0F:19:20:D3:B4:E4:87:B4:1B:03
X509v3 Authority Key Identifier:
keyid:25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/GXDr8pI1A_wuRQ8ZINO05Ie0GwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/JUdfWtnsz_acNaYw3P8sWmY_188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.36.0/22
Signature Algorithm: sha256WithRSAEncryption
88:f0:1d:1e:c8:31:75:01:de:fc:88:0c:80:3f:16:d9:62:d7:
68:07:71:fc:44:92:b0:9f:66:1e:02:9a:2a:97:04:17:cc:3f:
d4:7f:f0:67:a7:a5:29:87:2b:97:87:7d:97:ec:67:34:4d:2f:
3a:4c:cd:3f:36:94:fd:81:ee:d9:d2:09:16:5e:32:b4:d4:e1:
9a:97:dd:ec:5c:8f:49:9b:45:5f:a7:54:9b:eb:2a:81:02:fb:
b2:d9:1f:39:fd:a7:d2:03:82:3b:0e:30:b9:ae:c1:be:f8:e5:
da:de:7c:3e:d9:2f:c7:3a:43:f8:31:8d:f7:b8:0f:98:d6:d7:
69:27:b3:22:56:78:b4:f9:6b:af:a8:ef:6b:5a:3b:79:86:76:
a5:8c:82:60:d9:4b:52:42:af:30:19:97:ba:50:9c:e7:a9:94:
42:aa:2e:ad:6b:ea:ca:b2:61:d5:28:a8:3a:66:4d:db:87:fb:
72:7a:c2:9f:6c:1a:67:1b:12:b1:80:9a:bc:7c:43:56:80:c2:
bd:39:95:ee:7a:41:4c:11:4f:cf:c9:b8:4a:e5:ab:c3:c0:3c:
bd:cc:f1:7a:63:22:7e:eb:7a:53:f2:16:00:9d:bf:20:25:55:
26:6f:b6:91:9d:95:53:70:f8:36:13:0e:13:fe:22:e3:10:a2:
06:77:55:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsClpU1N2YisoBiiTbedIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDc1ZjVhZDllY2NmZjY5YzM1YTYzMGRjZmYyYzVhNjYz
ZmQ3Y2YwHhcNMjMwMTAxMDYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTcwZWJmMjkyMzUwM2ZjMmU0NTBmMTkyMGQzYjRlNDg3YjQxYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCcppV6p088AeGkr60UbXEGqyczH
RSMoFoh5NSe4rsO30hoRQ9QHBSOMiXdw/2AeDUXE1bb7coX4W0Ae77bKRxjJxUdk
zW2gyn9E4K2EBVjEvpb3Ltu0w7JQcDQpVURxmXRaFGQAh5Fkn6+NeSDyhfhXWggN
Xb2TdaZsWKU6mSUsOrVhRgzdFfQ/w5U3vTPjhXyrScC2pyK/C/+t2tAeeSwxYcBb
Mv4WxV3rRKzbelDOUaduxapfJiaPXEu+0VHlcYEdUOlPbHt7tKP4YY8oFPuli+x4
28borhjj6cxeu3rOo/2ScW/PDhEmOYK8BzA1AjuWoCi/V1pXAC98MmpwHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlw6/KSNQP8LkUPGSDTtOSHtBsDMB8GA1UdIwQY
MBaAFCVHX1rZ7M/2nDWmMNz/LFpmP9fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVkZld0bnN6X2FjTmFZdzNQOHNXbVlfMTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmVjMDgtOGNiZS00YzQ1LThkYjEt
NGQ0NmM2YTcwMTBhLzEvR1hEcjhwSTFBX3d1UlE4WklOTzA1SWUwR3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmVjMDgtOGNiZS00YzQ1LThkYjEtNGQ0NmM2YTcwMTBh
LzEvSlVkZld0bnN6X2FjTmFZdzNQOHNXbVlfMTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRQkMA0G
CSqGSIb3DQEBCwUAA4IBAQCI8B0eyDF1Ad78iAyAPxbZYtdoB3H8RJKwn2YeApoq
lwQXzD/Uf/Bnp6UphyuXh32X7Gc0TS86TM0/NpT9ge7Z0gkWXjK01OGal93sXI9J
m0Vfp1Sb6yqBAvuy2R85/afSA4I7DjC5rsG++OXa3nw+2S/HOkP4MY33uA+Y1tdp
J7MiVni0+WuvqO9rWjt5hnaljIJg2UtSQq8wGZe6UJznqZRCqi6ta+rKsmHVKKg6
Zk3bh/tyesKfbBpnGxKxgJq8fENWgMK9OZXuekFMEU/PybhK5avDwDy9zPF6YyJ+
63pT8hYAnb8gJVUmb7aRnZVTcPg2Ew4T/iLjEKIGd1WH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org