Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa
File: GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa (raw, json)
Hash identifier: /heeITvMMLixov9UBcFghfsnXAfPa45GZkQX1hHNq7M=
Subject key identifier: 19:A1:19:D3:B6:56:A4:B3:84:8A:47:3B:43:E4:C8:6C:61:CE:3C:55
Certificate issuer: /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial: 0186A1C07387A3B0E39D97B48B793723D4F4
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa
Signing time: Thu 02 Mar 2023 09:56:29 +0000
ROA not before: Thu 02 Mar 2023 09:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203924
IP address blocks: 185.113.144.0/22 maxlen: 22
185.146.36.0/22 maxlen: 22
185.216.120.0/22 maxlen: 22
85.117.252.0/23 maxlen: 23
85.117.252.0/22 maxlen: 22
85.117.254.0/23 maxlen: 23
193.105.0.0/24 maxlen: 24
2a06:6a40::/29 maxlen: 29
2a0b:b640::/29 maxlen: 29
2a07:4d00::/30 maxlen: 30
2a07:4d00::/29 maxlen: 29
2a07:4d04::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:c0:73:87:a3:b0:e3:9d:97:b4:8b:79:37:23:d4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Validity
Not Before: Mar 2 09:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19a119d3b656a4b3848a473b43e4c86c61ce3c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b1:3c:f0:50:9c:dd:c5:c2:2f:a1:f7:91:dc:
44:a8:96:ba:d0:3e:26:ce:27:55:25:ce:5f:0a:a2:
e1:17:6a:7a:76:47:d5:6a:d2:e9:c8:20:9b:e8:b7:
b7:7a:68:21:0e:62:17:9f:41:16:7b:dc:61:62:ac:
e3:81:40:dd:f0:d7:6d:bf:c2:65:c9:f2:6a:82:53:
3d:27:b6:5b:cf:28:27:ec:10:ad:7b:76:bc:81:23:
3c:55:f8:41:d9:54:5c:19:eb:3b:df:1e:c3:cc:25:
5d:8f:48:ca:a9:f8:d9:a1:9a:ea:b8:4b:d1:4d:80:
1f:ce:ae:96:53:65:a9:30:45:07:4b:1a:4f:83:e8:
c6:49:0a:c1:f1:dd:ad:fc:29:f3:54:f1:02:ae:b4:
8e:97:f0:99:b1:48:0e:4f:cb:4e:ec:f8:a3:c8:58:
77:b8:0b:bb:da:25:7e:0b:88:39:c8:91:75:d8:b2:
88:f7:04:43:fe:53:24:f4:a2:6a:37:ad:54:d8:6f:
20:8f:c9:2c:c8:9e:1e:9f:a1:ad:02:dc:4f:e8:25:
78:c8:1b:b5:d1:50:7b:cd:45:84:00:e0:b9:63:91:
56:b5:40:d0:d3:70:09:d4:a2:9a:53:fc:a9:3a:5c:
d6:a6:d0:2d:1a:96:85:86:22:53:7a:99:09:60:fd:
6c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A1:19:D3:B6:56:A4:B3:84:8A:47:3B:43:E4:C8:6C:61:CE:3C:55
X509v3 Authority Key Identifier:
keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/GaEZ07ZWpLOEikc7Q-TIbGHOPFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.252.0/22
185.113.144.0/22
185.146.36.0/22
185.216.120.0/22
193.105.0.0/24
IPv6:
2a06:6a40::/29
2a07:4d00::/29
2a0b:b640::/29
Signature Algorithm: sha256WithRSAEncryption
06:5c:7e:6f:fa:37:5f:da:07:d7:3b:ef:80:7f:27:2e:1c:45:
1e:13:84:36:17:01:eb:20:70:4c:44:d2:75:31:b2:51:a1:d7:
64:78:b4:9d:66:b4:bf:4f:81:07:17:b0:68:3a:9f:83:40:da:
43:4c:70:55:5f:9c:b5:cf:f0:fb:45:58:61:2c:b8:bb:57:b1:
9e:2b:66:ad:c6:be:fe:cc:2e:6c:e9:71:9b:1f:5e:2d:b3:1b:
e7:98:d9:cc:6f:60:0b:ad:6f:b1:27:e6:c6:4b:f9:b3:1a:26:
81:e8:8e:b3:05:e3:e8:da:03:fa:34:4a:93:ad:21:bc:b9:d6:
bc:e4:0f:e1:87:44:a9:3f:e5:75:e2:5b:33:1e:10:03:ac:4a:
9c:2c:91:94:2e:ec:85:6d:19:26:f4:85:b8:d5:09:ca:20:fa:
60:b0:c9:54:0d:13:d6:9b:c0:01:be:21:9f:84:27:5e:22:5f:
04:13:ac:69:7b:5b:e9:3b:c5:e3:b0:dd:9b:0e:69:ee:36:e2:
b2:99:47:66:ad:59:8c:6e:34:59:a9:7a:a3:43:58:ea:e8:d2:
e0:80:f8:29:49:ce:6f:15:bd:62:61:10:c2:63:6b:99:96:de:
bd:26:0d:c6:20:09:6a:c9:f2:b6:ab:ce:88:2c:c4:d8:df:1f:
db:08:ce:c6
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYahwHOHo7DjnZe0i3k3I9T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTBmNmI3NWU5MTNmMjc4MmVkNTQ5ZWI3MjE3MmM1OWNj
NDdhZjEwHhcNMjMwMzAyMDk1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWExMTlkM2I2NTZhNGIzODQ4YTQ3M2I0M2U0Yzg2YzYxY2UzYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorE88FCc3cXCL6H3kdxEqJa60D4m
zidVJc5fCqLhF2p6dkfVatLpyCCb6Le3emghDmIXn0EWe9xhYqzjgUDd8Ndtv8Jl
yfJqglM9J7Zbzygn7BCte3a8gSM8VfhB2VRcGes73x7DzCVdj0jKqfjZoZrquEvR
TYAfzq6WU2WpMEUHSxpPg+jGSQrB8d2t/CnzVPECrrSOl/CZsUgOT8tO7PijyFh3
uAu72iV+C4g5yJF12LKI9wRD/lMk9KJqN61U2G8gj8ksyJ4en6GtAtxP6CV4yBu1
0VB7zUWEAOC5Y5FWtUDQ03AJ1KKaU/ypOlzWptAtGpaFhiJTepkJYP1s5wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBmhGdO2VqSzhIpHO0PkyGxhzjxVMB8GA1UdIwQY
MBaAFI+Q9rdekT8ngu1UnrchcsWcxHrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQt
YzFkMGFjYjc4MTlhLzEvR2FFWjA3WldwTE9FaWtjN1EtVEliR0hPUEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQtYzFkMGFjYjc4MTlh
LzEvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCVXX8AwQC
uXGQAwQCuZIkAwQCudh4AwQAwWkAMBsEAgACMBUDBQMqBmpAAwUDKgdNAAMFAyoL
tkAwDQYJKoZIhvcNAQELBQADggEBAAZcfm/6N1/aB9c774B/Jy4cRR4ThDYXAesg
cExE0nUxslGh12R4tJ1mtL9PgQcXsGg6n4NA2kNMcFVfnLXP8PtFWGEsuLtXsZ4r
Zq3Gvv7MLmzpcZsfXi2zG+eY2cxvYAutb7En5sZL+bMaJoHojrMF4+jaA/o0SpOt
Iby51rzkD+GHRKk/5XXiWzMeEAOsSpwskZQu7IVtGSb0hbjVCcog+mCwyVQNE9ab
wAG+IZ+EJ14iXwQTrGl7W+k7xeOw3ZsOae424rKZR2atWYxuNFmpeqNDWOro0uCA
+ClJzm8VvWJhEMJja5mW3r0mDcYgCWrJ8rarzogsxNjfH9sIzsY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:38 2023 by rpki-client on console-ams.rpki-client.org