Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/GSz2yppv_Mgv_0wCHfEJuLBzL0w.roa
File: GSz2yppv_Mgv_0wCHfEJuLBzL0w.roa (raw, json)
Hash identifier: q2IP6s8MqjHiEbuZSGExP1KjTj4L1NSUkYYUriJNLdw=
Subject key identifier: 19:2C:F6:CA:9A:6F:FC:C8:2F:FF:4C:02:1D:F1:09:B8:B0:73:2F:4C
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A532B61132C95F2A7BB14243F781
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/GSz2yppv_Mgv_0wCHfEJuLBzL0w.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 153.96.78.0/24 maxlen: 24
153.96.82.0/24 maxlen: 24
153.96.218.0/24 maxlen: 24
153.96.22.0/24 maxlen: 24
153.96.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a5:32:b6:11:32:c9:5f:2a:7b:b1:42:43:f7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=192cf6ca9a6ffcc82fff4c021df109b8b0732f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2f:1c:35:dd:f2:00:5c:6a:d3:dd:e4:0b:60:
7b:34:22:54:3b:b5:8c:74:f9:a6:f4:af:3d:38:50:
6a:3e:0d:c9:1a:61:6a:a9:5a:4d:32:5a:53:c1:f1:
4f:a9:e7:e0:e3:c7:ab:fd:e2:94:82:60:b3:2f:88:
95:c7:e8:d4:ff:20:be:ed:ec:7b:34:bf:37:63:94:
9e:87:c7:ba:43:bc:f2:08:4a:3b:24:28:c7:e9:10:
65:3f:2c:4e:81:eb:dc:3c:64:df:6f:62:2c:5f:67:
16:51:7c:a5:bb:92:35:ef:23:3c:70:2f:30:08:64:
26:a6:73:1a:5b:fe:50:90:6d:4e:0a:60:3a:7b:60:
b5:d3:96:ba:4a:59:c2:e4:a6:fe:12:f9:e7:e7:b6:
a0:1f:6b:02:38:87:39:de:20:e8:df:a5:13:a2:92:
3d:56:93:71:11:0e:12:b7:bc:98:6c:89:94:7d:e6:
de:ee:20:43:f0:2d:59:cf:d0:f2:39:9a:32:82:70:
95:3e:2e:c7:33:ed:71:81:4b:ee:8d:62:36:fe:6c:
18:fc:c9:15:f1:45:d1:f9:e2:e4:b1:a9:d2:9e:22:
69:bf:7e:8f:2a:a3:19:b7:d8:10:b4:8d:f4:1e:73:
fd:65:65:09:5e:f7:93:6e:be:b9:dc:1f:f2:4a:63:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2C:F6:CA:9A:6F:FC:C8:2F:FF:4C:02:1D:F1:09:B8:B0:73:2F:4C
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/GSz2yppv_Mgv_0wCHfEJuLBzL0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.22.0/24
153.96.51.0/24
153.96.78.0/24
153.96.82.0/24
153.96.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:8f:f6:85:b7:47:51:f9:f6:9a:07:7f:4e:c4:8b:d4:98:6a:
e9:11:a4:df:e3:95:af:51:b1:e0:38:83:8b:74:da:9a:a7:ef:
36:f9:3e:37:88:3b:43:0a:87:47:92:21:cb:36:5a:5a:7a:8b:
63:c0:ce:95:2e:e3:1a:95:42:49:c3:51:92:a7:b9:41:b8:41:
20:ad:54:d8:b0:18:ac:62:8f:85:51:76:04:00:e5:e3:45:30:
d2:15:68:88:e7:49:b4:39:f9:72:53:7b:e9:7c:e8:56:cd:fc:
df:d4:a5:c2:85:6f:24:20:53:60:8b:07:c3:48:be:a8:fa:ff:
77:db:2e:f0:b4:48:8d:97:8e:c8:00:87:5f:17:84:85:35:11:
93:36:29:b9:c8:60:ef:fd:1e:49:1a:90:13:3b:6f:c0:2f:44:
bc:9a:c7:b6:cd:f9:97:bf:30:fd:13:f7:30:72:0a:fb:f3:3e:
6b:24:1f:49:30:21:8c:cc:78:29:ac:69:74:fa:f6:d1:43:6f:
25:9f:cc:ed:59:ca:7c:02:43:66:d7:d0:3c:ef:70:b1:cc:af:
dd:75:e5:90:f3:d3:5c:e6:ed:54:4f:c7:bb:20:7d:2d:5a:0b:
7a:61:2e:85:65:f3:09:94:41:08:f2:b2:a9:e8:13:62:0c:50:
8f:3c:38:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvVKUythEyyV8qe7FCQ/eBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJjZjZjYTlhNmZmY2M4MmZmZjRjMDIxZGYxMDliOGIwNzMyZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC8cNd3yAFxq093kC2B7NCJUO7WM
dPmm9K89OFBqPg3JGmFqqVpNMlpTwfFPqefg48er/eKUgmCzL4iVx+jU/yC+7ex7
NL83Y5Seh8e6Q7zyCEo7JCjH6RBlPyxOgevcPGTfb2IsX2cWUXylu5I17yM8cC8w
CGQmpnMaW/5QkG1OCmA6e2C105a6SlnC5Kb+Evnn57agH2sCOIc53iDo36UTopI9
VpNxEQ4St7yYbImUfebe7iBD8C1Zz9DyOZoygnCVPi7HM+1xgUvujWI2/mwY/MkV
8UXR+eLksanSniJpv36PKqMZt9gQtI30HnP9ZWUJXveTbr653B/ySmNONQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBks9sqab/zIL/9MAh3xCbiwcy9MMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvR1N6MnlwcHZfTWd2XzB3Q0hmRUp1TEJ6TDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAmWAWAwQA
mWAzAwQAmWBOAwQAmWBSAwQAmWDaMA0GCSqGSIb3DQEBCwUAA4IBAQChj/aFt0dR
+faaB39OxIvUmGrpEaTf45WvUbHgOIOLdNqap+82+T43iDtDCodHkiHLNlpaeotj
wM6VLuMalUJJw1GSp7lBuEEgrVTYsBisYo+FUXYEAOXjRTDSFWiI50m0OflyU3vp
fOhWzfzf1KXChW8kIFNgiwfDSL6o+v932y7wtEiNl47IAIdfF4SFNRGTNim5yGDv
/R5JGpATO2/AL0S8mse2zfmXvzD9E/cwcgr78z5rJB9JMCGMzHgprGl0+vbRQ28l
n8ztWcp8AkNm19A873CxzK/ddeWQ89Nc5u1UT8e7IH0tWgt6YS6FZfMJlEEI8rKp
6BNiDFCPPDjl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:59 2024 by rpki-client on console-fra.rpki-client.org