Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/GDIDkeCLBqrGTOkJDSiXdQrUGrI.roa
File: GDIDkeCLBqrGTOkJDSiXdQrUGrI.roa (raw, json)
Hash identifier: lJrNX8I2R+paW1MOOMIdXMptPdN4Ip6XDIYQ66pWnp0=
Subject key identifier: 18:32:03:91:E0:8B:06:AA:C6:4C:E9:09:0D:28:97:75:0A:D4:1A:B2
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 01856F79A595990562A9B6927BC401605D78
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/GDIDkeCLBqrGTOkJDSiXdQrUGrI.roa
Signing time: Sun 01 Jan 2023 22:35:21 +0000
ROA not before: Sun 01 Jan 2023 22:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205465
IP address blocks: 85.187.60.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:a5:95:99:05:62:a9:b6:92:7b:c4:01:60:5d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 1 22:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18320391e08b06aac64ce9090d2897750ad41ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:28:c5:51:a0:bb:bf:71:08:41:ef:de:bf:a4:
38:c1:1a:4f:4c:69:dc:22:72:64:3b:fa:ea:82:71:
76:c6:34:7f:00:51:28:95:2c:0f:30:30:d7:10:51:
17:7c:f8:0a:28:b6:11:73:5a:63:c9:d4:34:32:3b:
ca:b4:ce:8b:5e:3a:4b:4b:b4:39:8b:4b:32:68:d7:
f8:66:c2:79:a7:b6:76:e6:b5:fe:0b:2c:c4:16:73:
21:40:35:0d:71:9f:fe:8c:b1:21:a7:5b:dd:2c:b5:
b6:3b:0f:90:ae:55:9a:95:26:23:b3:17:61:82:63:
dd:09:b8:a6:c1:c8:eb:2a:46:a1:a7:f7:ed:5e:2f:
c0:ec:60:58:3f:7a:eb:48:75:f1:62:60:72:6d:be:
6c:0c:3e:2b:f3:3d:02:3f:51:78:e6:ef:83:7d:3f:
ef:12:cb:91:bc:31:24:6e:76:df:73:3c:7a:46:08:
da:c4:e4:72:ee:1e:3b:2b:81:76:45:3c:dc:e9:1f:
1c:49:d5:c1:3c:49:d0:6a:e2:12:20:f2:9e:ad:a7:
11:37:83:ea:59:96:0b:78:ea:29:e4:ec:6e:d0:6a:
56:06:0e:7b:74:ca:ae:7a:b7:4e:e1:de:f5:6a:b1:
a2:e8:06:58:cb:84:c8:6a:83:2b:94:57:97:e7:59:
d3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:32:03:91:E0:8B:06:AA:C6:4C:E9:09:0D:28:97:75:0A:D4:1A:B2
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/GDIDkeCLBqrGTOkJDSiXdQrUGrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.60.0/23
Signature Algorithm: sha256WithRSAEncryption
41:16:8c:81:6d:0a:b4:79:4e:88:46:bc:12:2f:38:05:3b:9a:
7c:6d:c3:5d:b8:b3:1b:06:d1:3f:11:94:de:0b:41:2c:7b:05:
0e:de:2c:f9:fb:af:3e:a6:1c:eb:03:95:b0:2b:6f:c6:59:4e:
89:1d:1f:9c:2c:6b:25:29:f9:f2:92:3f:8e:88:ec:a9:29:79:
5d:75:22:26:1c:b3:66:5e:0d:e5:d5:d0:8e:3a:24:f8:12:c6:
a5:48:79:14:1a:50:26:02:a7:5e:44:e1:ee:92:68:0a:19:2a:
ec:bf:a2:ba:63:23:95:aa:63:92:f7:07:b4:c0:54:a3:4a:1e:
1e:4e:3a:3a:01:6c:47:0f:ba:84:7e:42:7d:c8:b1:82:bd:59:
ba:fa:19:40:70:7b:d3:9d:95:df:58:82:c1:1a:25:3d:47:a1:
35:55:e8:c8:e0:a7:23:26:a4:52:6d:f3:80:87:27:01:49:00:
ee:4d:d6:a1:15:44:dc:cc:68:5e:55:96:a1:7b:40:87:67:bb:
8f:9d:4e:98:d7:bb:e5:55:f8:33:06:a2:bf:96:0d:9e:df:e8:
33:58:43:0d:f9:bc:03:75:be:a2:3a:c9:b9:57:13:47:13:b2:
37:3b:33:4f:c3:7d:8a:e0:c7:68:b0:7d:43:03:56:4f:5f:3e:
65:2e:bf:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveaWVmQViqbaSe8QBYF14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjMwMTAxMjIzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODMyMDM5MWUwOGIwNmFhYzY0Y2U5MDkwZDI4OTc3NTBhZDQxYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSjFUaC7v3EIQe/ev6Q4wRpPTGnc
InJkO/rqgnF2xjR/AFEolSwPMDDXEFEXfPgKKLYRc1pjydQ0MjvKtM6LXjpLS7Q5
i0syaNf4ZsJ5p7Z25rX+CyzEFnMhQDUNcZ/+jLEhp1vdLLW2Ow+QrlWalSYjsxdh
gmPdCbimwcjrKkahp/ftXi/A7GBYP3rrSHXxYmBybb5sDD4r8z0CP1F45u+DfT/v
EsuRvDEkbnbfczx6RgjaxORy7h47K4F2RTzc6R8cSdXBPEnQauISIPKeracRN4Pq
WZYLeOop5Oxu0GpWBg57dMquerdO4d71arGi6AZYy4TIaoMrlFeX51nTAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgyA5HgiwaqxkzpCQ0ol3UK1BqyMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvR0RJRGtlQ0xCcXJHVE9rSkRTaVhkUXJVR3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVbs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBBFoyBbQq0eU6IRrwSLzgFO5p8bcNduLMbBtE/EZTe
C0EsewUO3iz5+68+phzrA5WwK2/GWU6JHR+cLGslKfnykj+OiOypKXlddSImHLNm
Xg3l1dCOOiT4EsalSHkUGlAmAqdeROHukmgKGSrsv6K6YyOVqmOS9we0wFSjSh4e
Tjo6AWxHD7qEfkJ9yLGCvVm6+hlAcHvTnZXfWILBGiU9R6E1VejI4KcjJqRSbfOA
hycBSQDuTdahFUTczGheVZahe0CHZ7uPnU6Y17vlVfgzBqK/lg2e3+gzWEMN+bwD
db6iOsm5VxNHE7I3OzNPw32K4MdosH1DA1ZPXz5lLr+M
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:50 2024 by rpki-client on console-fra.rpki-client.org