Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GxVGQReYO_34dlCS-7dhxLPiqWs.roa
File: GxVGQReYO_34dlCS-7dhxLPiqWs.roa (raw, json)
Hash identifier: o5j6dk+g12iqI5dGSh6lPGqv3sLD/RqQEt65Oasdz4g=
Subject key identifier: 1B:15:46:41:17:98:3B:FD:F8:76:50:92:FB:B7:61:C4:B3:E2:A9:6B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01877EDFB2ECB3BF6FCC84799823C3D69398
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GxVGQReYO_34dlCS-7dhxLPiqWs.roa
Signing time: Fri 14 Apr 2023 08:26:42 +0000
ROA not before: Fri 14 Apr 2023 08:26:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0e:97c0:790::/48 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Apr 2023 20:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:df:b2:ec:b3:bf:6f:cc:84:79:98:23:c3:d6:93:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 14 08:26:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b15464117983bfdf8765092fbb761c4b3e2a96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d7:8b:5d:33:2f:ae:ea:bc:91:16:20:92:b9:
3a:9e:84:35:6f:7b:5f:59:00:76:4f:2e:c2:10:d7:
30:83:18:d1:0e:b8:5d:b0:49:05:dc:d7:12:d6:a2:
e3:98:fc:00:04:9b:92:85:fd:89:fd:51:7d:6f:4e:
65:21:d2:49:ab:9a:e6:ba:f3:a5:50:9d:22:c0:5d:
20:fe:da:a2:f8:50:30:a3:ff:71:ff:73:59:a3:55:
1a:72:a5:e0:f0:76:7d:91:3e:e3:b7:48:30:83:ac:
ff:bc:1e:be:5f:63:28:9f:67:77:66:30:1e:d1:55:
96:84:3e:05:85:fd:0c:23:03:43:69:8c:3c:d8:57:
64:0e:b5:b3:3d:ae:c7:17:51:fa:70:b7:c1:95:69:
c1:6d:b1:a6:ce:ac:e4:fa:d9:d5:df:bb:28:26:49:
00:9d:bd:28:c1:f7:9f:74:83:31:c8:a6:85:a0:10:
2a:4e:d9:57:d8:17:5b:3e:b1:51:d2:47:03:fb:12:
1e:8d:06:71:49:95:c4:0b:ce:10:c3:f1:98:c9:0f:
fc:80:52:e3:a7:3f:b0:9a:d8:d5:76:4b:fe:c1:63:
ba:89:5a:74:88:bc:e9:97:ed:92:d3:af:7d:c2:e7:
02:50:be:87:bc:b9:27:fe:5e:0c:d0:de:f5:a8:64:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:15:46:41:17:98:3B:FD:F8:76:50:92:FB:B7:61:C4:B3:E2:A9:6B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GxVGQReYO_34dlCS-7dhxLPiqWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c0:790::/48
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
6d:20:e1:76:c9:6d:c8:d7:20:e5:8d:15:32:d1:3e:53:79:21:
e7:16:7e:27:dd:16:32:3e:ad:30:b5:cb:22:6c:9e:49:8e:d1:
78:95:96:64:b7:22:eb:38:14:70:8e:b2:67:c9:dc:9d:df:cb:
43:00:fa:e5:d1:e7:2a:04:27:cc:3e:4b:63:1e:f2:83:ee:5c:
e6:c0:00:e4:5f:1c:1a:f5:da:62:66:ed:e9:3b:b7:78:3c:ec:
b6:c5:b5:74:d4:6e:1c:0a:d1:5b:26:19:75:d5:f4:3a:6d:bb:
67:9a:31:08:45:05:77:aa:9d:35:a8:57:8a:6b:e7:84:a2:a3:
1b:d9:9e:d0:39:d7:a6:73:bf:91:bb:81:b2:a3:1d:27:76:be:
08:a8:40:10:20:79:a5:92:f4:52:2a:1e:0e:12:c2:87:d6:22:
77:05:0d:0c:68:bf:59:d4:e0:88:f1:5b:49:35:da:9b:31:49:
66:b6:e2:0f:08:72:08:a3:c5:a8:65:9e:84:be:29:01:21:7f:
20:ab:19:06:0d:0c:41:98:b0:e6:c9:10:c2:49:fd:2d:90:a2:
96:ad:2b:13:03:2e:02:9b:dc:e8:f9:a2:10:0f:f7:b0:58:81:
66:f5:cb:4c:01:b6:e6:9e:36:86:ce:7a:57:c6:c7:c7:14:bb:
1d:81:3b:e3
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAYd+37Lss79vzIR5mCPD1pOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDE0MDgyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE1NDY0MTE3OTgzYmZkZjg3NjUwOTJmYmI3NjFjNGIzZTJhOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9eLXTMvruq8kRYgkrk6noQ1b3tf
WQB2Ty7CENcwgxjRDrhdsEkF3NcS1qLjmPwABJuShf2J/VF9b05lIdJJq5rmuvOl
UJ0iwF0g/tqi+FAwo/9x/3NZo1UacqXg8HZ9kT7jt0gwg6z/vB6+X2Mon2d3ZjAe
0VWWhD4Fhf0MIwNDaYw82FdkDrWzPa7HF1H6cLfBlWnBbbGmzqzk+tnV37soJkkA
nb0owfefdIMxyKaFoBAqTtlX2BdbPrFR0kcD+xIejQZxSZXEC84Qw/GYyQ/8gFLj
pz+wmtjVdkv+wWO6iVp0iLzpl+2S0699wucCUL6HvLkn/l4M0N71qGQXpQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFBsVRkEXmDv9+HZQkvu3YcSz4qlrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3hWR1FSZVlPXzM0ZGxDUy03ZGh4TFBpcVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MEIEAgABMDwDBAAf
KrcDBAItDEQDBAItg7gDBAItiIgDBABVyssDBABesXoDBAKLHGADBAC56HUDBADC
MlwDBADCMl4wgbYEAgACMIGvAwcAIAEH+AEZAwUDKgkEwDAOAwUHKgw7gAMFACoM
O4YDBwAqDpfAAXADBwQqDpfAAdADBwQqDpfAAmADBwAqDpfAB5ADBgAqDpfBAgMH
BCoOl8MBEAMHBCoOl8QBAAMHBCoOl8QBIAMHACoOsQcJ8gMHACoOsQcRZQMHACoO
sQcXhgMHACoP5AQBAgMHACoQLwABjQMHACoQLwABjwMHBCoQzEACUAMHBCoQzEUB
MDANBgkqhkiG9w0BAQsFAAOCAQEAbSDhdsltyNcg5Y0VMtE+U3kh5xZ+J90WMj6t
MLXLImyeSY7ReJWWZLci6zgUcI6yZ8ncnd/LQwD65dHnKgQnzD5LYx7yg+5c5sAA
5F8cGvXaYmbt6Tu3eDzstsW1dNRuHArRWyYZddX0Om27Z5oxCEUFd6qdNahXimvn
hKKjG9me0DnXpnO/kbuBsqMdJ3a+CKhAECB5pZL0UioeDhLCh9YidwUNDGi/WdTg
iPFbSTXamzFJZrbiDwhyCKPFqGWehL4pASF/IKsZBg0MQZiw5skQwkn9LZCilq0r
EwMuApvc6PmiEA/3sFiBZvXLTAG25p42hs56V8bHxxS7HYE74w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org