Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/GysCCdUmyZ-NhF9Y770zTZoe84k.roa
File: GysCCdUmyZ-NhF9Y770zTZoe84k.roa (raw, json)
Hash identifier: 6DYzT1AaxbeID3tOYD2DNcTAZ3uuT1OD/ENtPZZ1qoU=
Subject key identifier: 1B:2B:02:09:D5:26:C9:9F:8D:84:5F:58:EF:BD:33:4D:9A:1E:F3:89
Certificate issuer: /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Certificate serial: 01856C415023B8DA319F993B5B716ECF6C4D
Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/GysCCdUmyZ-NhF9Y770zTZoe84k.roa
Signing time: Sun 01 Jan 2023 07:34:57 +0000
ROA not before: Sun 01 Jan 2023 07:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21413
IP address blocks: 93.159.96.0/19 maxlen: 24
31.187.67.0/24 maxlen: 24
31.187.77.0/24 maxlen: 24
85.190.176.0/21 maxlen: 24
31.187.79.0/24 maxlen: 24
212.99.192.0/19 maxlen: 24
185.90.128.0/22 maxlen: 24
83.221.224.0/19 maxlen: 24
89.187.200.0/21 maxlen: 24
94.100.64.0/20 maxlen: 24
176.126.88.0/22 maxlen: 22
185.175.209.0/24 maxlen: 24
77.235.160.0/19 maxlen: 24
193.98.112.0/21 maxlen: 21
46.227.216.0/21 maxlen: 24
87.121.192.0/20 maxlen: 24
37.247.64.0/19 maxlen: 24
87.121.224.0/20 maxlen: 24
80.243.32.0/19 maxlen: 24
2a00:1ca0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:50:23:b8:da:31:9f:99:3b:5b:71:6e:cf:6c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Validity
Not Before: Jan 1 07:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b2b0209d526c99f8d845f58efbd334d9a1ef389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:31:e6:21:37:2c:db:2c:70:52:ed:86:6b:52:
2a:29:94:a0:8f:1f:13:47:35:68:24:0e:19:5a:69:
5d:c6:08:9e:f9:1f:be:02:78:17:e2:c0:ac:27:a8:
6e:34:93:02:f6:0f:5e:6b:d0:f2:40:fc:80:de:f2:
cb:a6:fd:1a:20:47:ed:e3:2e:6a:aa:1e:04:13:75:
2d:8c:f1:1d:17:ec:d5:b2:e2:27:57:ad:2a:73:2d:
18:18:a6:62:08:d9:b5:6e:46:e6:3e:15:85:72:8b:
ad:34:61:ef:36:07:84:65:68:08:40:e2:75:c5:ea:
ec:90:50:99:1a:c2:e9:20:44:13:03:0c:81:8a:7d:
89:e4:58:be:b6:29:99:4c:1e:d3:b3:54:5c:82:18:
59:55:4f:b0:1b:b1:66:db:e1:73:af:b6:6d:8c:e4:
c6:a2:cb:46:cb:e6:df:48:f1:8b:30:9d:a0:1f:44:
96:15:dc:91:83:a7:f3:f8:79:b3:fc:f5:17:46:32:
9e:1c:2a:83:02:af:da:5b:81:2d:7f:f9:7d:b4:0a:
1f:3c:f8:40:d9:9f:6d:a6:bd:bd:ba:e2:3e:fa:8e:
d3:aa:e8:b4:2e:dc:41:f0:74:f0:cc:19:a8:4c:cd:
36:70:66:0a:c3:8f:80:0e:e9:db:11:33:e9:9f:32:
7a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:2B:02:09:D5:26:C9:9F:8D:84:5F:58:EF:BD:33:4D:9A:1E:F3:89
X509v3 Authority Key Identifier:
keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/GysCCdUmyZ-NhF9Y770zTZoe84k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.67.0/24
31.187.77.0/24
31.187.79.0/24
37.247.64.0/19
46.227.216.0/21
77.235.160.0/19
80.243.32.0/19
83.221.224.0/19
85.190.176.0/21
87.121.192.0/20
87.121.224.0/20
89.187.200.0/21
93.159.96.0/19
94.100.64.0/20
176.126.88.0/22
185.90.128.0/22
185.175.209.0/24
193.98.112.0/21
212.99.192.0/19
IPv6:
2a00:1ca0::/32
Signature Algorithm: sha256WithRSAEncryption
92:26:12:e1:a0:ce:3e:28:b2:1b:d2:df:1e:73:63:50:b6:d5:
49:72:9d:f7:dd:05:4d:18:ab:8c:20:b0:37:1a:f4:0a:f3:31:
98:8c:ca:0f:90:71:7e:13:ef:68:5e:50:d1:9f:f3:09:85:28:
ad:86:45:25:ed:e3:0e:e4:54:0f:ef:09:0a:9c:6e:2e:4b:ee:
b9:aa:fa:6b:3c:43:75:25:fa:41:84:97:1c:bd:83:77:30:62:
a2:fc:16:dc:f4:70:26:e6:32:32:29:c4:88:11:db:6b:52:c5:
a9:1e:56:fd:f4:1f:7e:d1:b3:f6:40:c0:65:5b:9b:5e:f6:ec:
7b:2d:f9:08:27:17:1b:e6:ca:a4:4d:f1:f3:47:6e:44:c0:0b:
8c:64:1b:0f:9c:d7:ac:ec:54:48:1e:09:98:1d:a0:08:82:cb:
a5:68:f2:0b:0a:86:60:fa:6b:1a:a6:c5:1e:37:19:d9:3d:fb:
a5:fb:a9:90:ab:de:97:e0:4f:8f:94:2c:ae:e8:d8:2d:4b:23:
9a:1b:6d:3d:f9:d8:db:71:e2:8a:25:16:2b:8a:1f:cc:ef:1d:
2f:59:91:33:eb:c1:58:05:68:30:d2:63:97:79:44:a1:29:9e:
af:78:74:59:3b:f0:84:09:30:91:bf:e6:d9:6a:ff:0e:55:79:
f0:5b:63:94
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYVsQVAjuNoxn5k7W3Fuz2xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOTZhZTI3NzAyNjVhZjMyZTdkNGJlODZiYWIwN2EwN2My
ZDMzNTMwHhcNMjMwMTAxMDczNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjJiMDIwOWQ1MjZjOTlmOGQ4NDVmNThlZmJkMzM0ZDlhMWVmMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojHmITcs2yxwUu2Ga1IqKZSgjx8T
RzVoJA4ZWmldxgie+R++AngX4sCsJ6huNJMC9g9ea9DyQPyA3vLLpv0aIEft4y5q
qh4EE3UtjPEdF+zVsuInV60qcy0YGKZiCNm1bkbmPhWFcoutNGHvNgeEZWgIQOJ1
xerskFCZGsLpIEQTAwyBin2J5Fi+timZTB7Ts1RcghhZVU+wG7Fm2+Fzr7ZtjOTG
ostGy+bfSPGLMJ2gH0SWFdyRg6fz+Hmz/PUXRjKeHCqDAq/aW4Etf/l9tAofPPhA
2Z9tpr29uuI++o7Tqui0LtxB8HTwzBmoTM02cGYKw4+ADunbETPpnzJ6QQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFBsrAgnVJsmfjYRfWO+9M02aHvOJMB8GA1UdIwQY
MBaAFJ+WridwJlrzLn1L6GurB6B8LTNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUt
ZTY0Yzg4NWY2MmNlLzEvR3lzQ0NkVW15Wi1OaEY5WTc3MHpUWm9lODRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUtZTY0Yzg4NWY2MmNl
LzEvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQAH7tD
AwQAH7tNAwQAH7tPAwQFJfdAAwQDLuPYAwQFTeugAwQFUPMgAwQFU93gAwQDVb6w
AwQEV3nAAwQEV3ngAwQDWbvIAwQFXZ9gAwQEXmRAAwQCsH5YAwQCuVqAAwQAua/R
AwQDwWJwAwQF1GPAMA0EAgACMAcDBQAqABygMA0GCSqGSIb3DQEBCwUAA4IBAQCS
JhLhoM4+KLIb0t8ec2NQttVJcp333QVNGKuMILA3GvQK8zGYjMoPkHF+E+9oXlDR
n/MJhSithkUl7eMO5FQP7wkKnG4uS+65qvprPEN1JfpBhJccvYN3MGKi/Bbc9HAm
5jIyKcSIEdtrUsWpHlb99B9+0bP2QMBlW5te9ux7LfkIJxcb5sqkTfHzR25EwAuM
ZBsPnNes7FRIHgmYHaAIgsulaPILCoZg+msapsUeNxnZPful+6mQq96X4E+PlCyu
6NgtSyOaG209+djbceKKJRYrih/M7x0vWZEz68FYBWgw0mOXeUShKZ6veHRZO/CE
CTCRv+bZav8OVXnwW2OU
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:03 2024 by rpki-client on console-ams.rpki-client.org