Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gx4g2Fq8RuL4rlwq11cp_4zMj3s.roa
File: gx4g2Fq8RuL4rlwq11cp_4zMj3s.roa (raw, json)
Hash identifier: jSmXO2nNaWa4fHqtB5jt+gmMXr0KK8yEbuLf5UI2xgo=
Subject key identifier: 83:1E:20:D8:5A:BC:46:E2:F8:AE:5C:2A:D7:57:29:FF:8C:CC:8F:7B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01884968832FB93E1693E0D89D159A2EC62C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gx4g2Fq8RuL4rlwq11cp_4zMj3s.roa
Signing time: Tue 23 May 2023 16:19:26 +0000
ROA not before: Tue 23 May 2023 16:19:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 May 2023 11:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:68:83:2f:b9:3e:16:93:e0:d8:9d:15:9a:2e:c6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 23 16:19:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831e20d85abc46e2f8ae5c2ad75729ff8ccc8f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:f7:51:2b:c9:8b:b5:ca:3e:18:10:9f:07:
5a:98:3b:84:5e:1a:94:5c:53:e4:16:85:99:c7:61:
47:d9:7d:d2:09:92:8a:aa:f1:e9:6b:1c:50:11:bd:
0f:87:93:1d:f5:38:8d:d0:52:d9:6e:2c:25:9a:21:
60:73:c7:e3:59:a0:a2:25:8d:b0:cf:ba:80:79:81:
d8:23:5a:5d:13:97:58:58:1f:6e:be:61:2f:c6:fd:
43:a1:dd:7f:23:ad:fa:fc:3d:93:a6:e9:ff:80:3f:
32:e2:10:5d:f8:d2:0a:9f:31:83:71:20:76:4b:65:
e7:b9:c2:1f:c5:c8:92:6b:bc:5b:99:c9:a0:4c:db:
1b:a0:ce:25:90:0a:2e:40:43:37:27:61:22:ac:d5:
0f:20:7d:40:1f:40:41:5a:36:18:19:7a:93:4b:a4:
66:db:42:c6:0e:94:a6:53:f2:2f:9f:32:88:85:bd:
04:4c:d6:8d:6e:2c:e1:4c:8d:64:0b:4a:0b:38:ed:
1e:15:95:ed:03:07:92:41:06:2b:7b:4d:a2:a8:dd:
9f:11:62:e0:07:92:42:30:73:26:ac:2c:f3:7c:9f:
c1:49:25:e3:db:5e:83:22:3c:c7:9e:f2:19:68:97:
0a:fb:e9:32:3c:53:a9:5f:4e:8b:82:b4:13:4c:c4:
c6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1E:20:D8:5A:BC:46:E2:F8:AE:5C:2A:D7:57:29:FF:8C:CC:8F:7B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gx4g2Fq8RuL4rlwq11cp_4zMj3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc1::/32
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
42:f3:42:53:9a:b3:11:40:db:42:ba:51:2e:de:bc:b5:ec:5a:
ee:be:03:a6:08:65:be:f9:56:4e:0d:62:16:17:13:dd:ce:b4:
15:03:de:16:08:36:30:fc:63:9b:c6:37:03:e9:6c:3e:da:db:
17:c3:4d:e0:bc:d9:6e:31:e1:ac:ad:98:03:cc:5f:7e:d4:82:
4e:f3:62:cd:74:5c:a4:1a:a1:6e:e5:16:59:eb:cc:18:74:9b:
2a:34:03:c4:80:44:4e:53:a0:20:0c:10:20:e1:27:b9:0d:52:
68:7c:79:d5:b1:70:2e:a8:e3:1d:a6:d8:e1:a0:a3:6c:46:28:
54:06:a9:a5:1d:01:82:f1:1f:a5:d5:c4:e8:db:0c:db:ba:e9:
28:30:1d:f7:8b:3e:67:1c:19:2d:b8:b9:3d:f2:f2:06:a0:9a:
22:72:cc:6d:0a:54:c9:49:3e:59:e4:87:0c:55:30:80:85:ad:
f3:b5:16:81:00:3b:45:6c:81:da:03:67:39:81:7d:89:e9:7e:
9c:47:6d:10:17:bb:0e:d0:b4:eb:15:38:4b:5c:8f:37:c3:df:
9d:1f:1e:80:af:6c:11:7a:63:42:c4:49:3d:50:7f:8b:d6:f9:
13:bc:fd:cc:50:07:df:5b:b7:9d:98:52:08:fb:d2:b1:04:5a:
d5:87:83:2b
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYhJaIMvuT4Wk+DYnRWaLsYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTIzMTYxOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFlMjBkODVhYmM0NmUyZjhhZTVjMmFkNzU3MjlmZjhjY2M4ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bj3USvJi7XKPhgQnwdamDuEXhqU
XFPkFoWZx2FH2X3SCZKKqvHpaxxQEb0Ph5Md9TiN0FLZbiwlmiFgc8fjWaCiJY2w
z7qAeYHYI1pdE5dYWB9uvmEvxv1Dod1/I636/D2Tpun/gD8y4hBd+NIKnzGDcSB2
S2XnucIfxciSa7xbmcmgTNsboM4lkAouQEM3J2EirNUPIH1AH0BBWjYYGXqTS6Rm
20LGDpSmU/IvnzKIhb0ETNaNbizhTI1kC0oLOO0eFZXtAweSQQYre02iqN2fEWLg
B5JCMHMmrCzzfJ/BSSXj216DIjzHnvIZaJcK++kyPFOpX06LgrQTTMTGHwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFIMeINhavEbi+K5cKtdXKf+MzI97MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ3g0ZzJGcThSdUw0cmx3cTExY3BfNHpNajNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjBQBAIAATBKAwQA
Hyq3AwQCLYO4AwQCLYiIAwQBTVEyAwQAVcrLAwQAXrF6AwQCixxgAwQAueh1MAwD
BADBo1UDBADBo1YDBADCMlwDBADCMl4wgc0EAgACMIHGAwUAKgTMwTAOAwUAKgTM
wwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHACoOl8ABcAMHBCoOl8AB
0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEAAwcEKg6XxAEgAwcA
Kg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcAKg/kBAECAwcAKhAv
AAGNAwcAKhAvAAGPAwcEKhDMQAJQAwcEKhDMRQEwAwcEKhDMwAQgMA0GCSqGSIb3
DQEBCwUAA4IBAQBC80JTmrMRQNtCulEu3ry17FruvgOmCGW++VZODWIWFxPdzrQV
A94WCDYw/GObxjcD6Ww+2tsXw03gvNluMeGsrZgDzF9+1IJO82LNdFykGqFu5RZZ
68wYdJsqNAPEgEROU6AgDBAg4Se5DVJofHnVsXAuqOMdptjhoKNsRihUBqmlHQGC
8R+l1cTo2wzbuukoMB33iz5nHBktuLk98vIGoJoicsxtClTJST5Z5IcMVTCAha3z
tRaBADtFbIHaA2c5gX2J6X6cR20QF7sO0LTrFThLXI83w9+dHx6Ar2wRemNCxEk9
UH+L1vkTvP3MUAffW7edmFII+9KxBFrVh4Mr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org