Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/gvR0YDxmIjC6jT_1x7F413p09bs.roa
File: gvR0YDxmIjC6jT_1x7F413p09bs.roa (raw, json)
Hash identifier: agvG5zFxWDAwjPJpBoL9Rj4TPsSkNDqEZXYnXbpfHWQ=
Subject key identifier: 82:F4:74:60:3C:66:22:30:BA:8D:3F:F5:C7:B1:78:D7:7A:74:F5:BB
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 0185718311B2982E84053CA6806B6DC75060
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/gvR0YDxmIjC6jT_1x7F413p09bs.roa
Signing time: Mon 02 Jan 2023 08:04:53 +0000
ROA not before: Mon 02 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198541
IP address blocks: 91.233.28.0/22 maxlen: 24
176.110.160.0/19 maxlen: 24
81.162.0.0/20 maxlen: 24
188.0.192.0/19 maxlen: 24
91.219.72.0/22 maxlen: 24
81.162.16.0/21 maxlen: 24
176.110.192.0/20 maxlen: 24
91.236.60.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:11:b2:98:2e:84:05:3c:a6:80:6b:6d:c7:50:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Jan 2 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82f474603c662230ba8d3ff5c7b178d77a74f5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d8:fb:e7:00:8e:bb:cb:53:0f:0b:2b:2e:41:
4e:1b:6c:44:e9:77:6a:16:78:6e:c7:4b:d5:97:83:
7b:b7:8c:65:84:80:34:63:b8:8a:c3:58:2b:1e:e2:
9d:0d:96:72:00:29:13:1e:a3:50:e6:90:2f:a0:1c:
37:4b:9c:51:bb:92:d6:b8:0e:74:6f:21:02:79:32:
ef:58:95:ff:0a:93:5a:dc:52:6d:4f:69:ad:ac:af:
e3:57:de:df:08:d7:3f:4d:7d:0e:a2:07:16:82:fe:
74:0a:0d:c8:5b:4e:89:26:42:a1:9a:3c:6e:df:be:
0e:8d:1b:83:d6:47:45:6d:bf:03:e9:28:5d:ed:b4:
ba:d0:2b:17:93:7d:5c:e2:6a:e5:2b:37:f1:96:16:
00:09:e8:86:f0:fd:10:f8:ec:de:4f:6e:37:b1:6d:
17:ed:b8:ed:72:66:97:5c:b1:c4:e1:b9:06:70:33:
a3:b1:7e:bc:a8:d1:6a:0c:cf:b0:81:52:5e:9b:bc:
7c:44:66:58:14:09:97:a6:3d:89:ad:43:f9:ca:1e:
d6:e2:9c:05:6f:ea:96:12:7a:48:e5:b2:87:ef:43:
f6:63:c9:9a:c2:44:01:3f:aa:42:21:b9:ef:4b:f3:
07:83:84:e0:ae:ee:2e:22:d5:dd:53:73:08:b1:6d:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F4:74:60:3C:66:22:30:BA:8D:3F:F5:C7:B1:78:D7:7A:74:F5:BB
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/gvR0YDxmIjC6jT_1x7F413p09bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.0.0-81.162.23.255
91.219.72.0/22
91.233.28.0/22
91.236.60.0/22
176.110.160.0-176.110.207.255
188.0.192.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:eb:f6:9f:54:48:d9:92:62:26:2b:ac:ba:d9:b4:1b:ce:1e:
7d:1e:d6:6d:f1:12:1d:06:72:c1:78:e3:2b:b8:9e:92:54:0d:
b1:86:aa:32:f7:7c:83:a0:ca:d8:86:5a:c5:44:9a:f9:81:7a:
94:57:2c:5a:26:cf:e4:9b:b7:18:a0:fa:0b:9e:b9:bd:f0:0d:
7e:2a:96:3d:42:ba:c9:f1:3e:ba:07:02:04:26:78:37:1d:a3:
71:61:d1:35:0c:7a:82:36:77:0c:c2:fc:ef:62:1d:80:12:da:
d1:99:2b:96:97:84:76:f0:85:e7:32:3c:7e:5c:20:5f:6f:7e:
45:8e:66:db:bd:98:4b:42:14:c2:02:c4:5c:52:42:18:8a:37:
bb:22:85:cb:8c:61:33:4e:89:10:44:e4:78:32:b0:d2:64:cd:
cc:ef:c9:c1:c8:fb:1b:07:c2:06:d3:cd:eb:5b:1e:fd:63:5e:
30:24:40:7d:af:1d:f9:ec:a6:ff:52:9a:83:5c:6f:a4:6b:42:
6a:85:17:66:3d:04:e9:91:d1:d8:9e:6e:b8:e1:bc:18:57:d1:
0b:34:da:de:c7:2a:32:5f:06:45:ea:c3:6e:ae:64:41:f0:ed:
d9:8c:65:eb:c0:81:a3:ea:f1:5f:89:8c:71:1b:c3:e2:80:dc:
cd:f3:f7:46
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxgxGymC6EBTymgGttx1BgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjMwMTAyMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmY0NzQ2MDNjNjYyMjMwYmE4ZDNmZjVjN2IxNzhkNzdhNzRmNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitj75wCOu8tTDwsrLkFOG2xE6Xdq
Fnhux0vVl4N7t4xlhIA0Y7iKw1grHuKdDZZyACkTHqNQ5pAvoBw3S5xRu5LWuA50
byECeTLvWJX/CpNa3FJtT2mtrK/jV97fCNc/TX0OogcWgv50Cg3IW06JJkKhmjxu
374OjRuD1kdFbb8D6Shd7bS60CsXk31c4mrlKzfxlhYACeiG8P0Q+OzeT243sW0X
7bjtcmaXXLHE4bkGcDOjsX68qNFqDM+wgVJem7x8RGZYFAmXpj2JrUP5yh7W4pwF
b+qWEnpI5bKH70P2Y8mawkQBP6pCIbnvS/MHg4Tgru4uItXdU3MIsW1rfwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIL0dGA8ZiIwuo0/9cexeNd6dPW7MB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvZ3ZSMFlEeG1JakM2alRfMXg3RjQxM3AwOWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAATAzMAsDAwFRogME
A1GiEAMEAlvbSAMEAlvpHAMEAlvsPDAMAwQFsG6gAwQEsG7AAwQFvADAMA0GCSqG
SIb3DQEBCwUAA4IBAQBa6/afVEjZkmImK6y62bQbzh59HtZt8RIdBnLBeOMruJ6S
VA2xhqoy93yDoMrYhlrFRJr5gXqUVyxaJs/km7cYoPoLnrm98A1+KpY9QrrJ8T66
BwIEJng3HaNxYdE1DHqCNncMwvzvYh2AEtrRmSuWl4R28IXnMjx+XCBfb35Fjmbb
vZhLQhTCAsRcUkIYije7IoXLjGEzTokQROR4MrDSZM3M78nByPsbB8IG083rWx79
Y14wJEB9rx357Kb/UpqDXG+ka0JqhRdmPQTpkdHYnm644bwYV9ELNNrexyoyXwZF
6sNurmRB8O3ZjGXrwIGj6vFfiYxxG8PigNzN8/dG
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:13 2024 by rpki-client on console-ams.rpki-client.org