Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GbYbPLpD7RgEqJRC6xQOddQ-E7c.roa
File: GbYbPLpD7RgEqJRC6xQOddQ-E7c.roa (raw, json)
Hash identifier: NnUOGzLcnfzW14gcYiXv6zz20NLKG7ornEtQ/DzmqTY=
Subject key identifier: 19:B6:1B:3C:BA:43:ED:18:04:A8:94:42:EB:14:0E:75:D4:3E:13:B7
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0189057937B15057601FC092BFFDEE670716
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GbYbPLpD7RgEqJRC6xQOddQ-E7c.roa
Signing time: Thu 29 Jun 2023 04:46:17 +0000
ROA not before: Thu 29 Jun 2023 04:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 11:41:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:05:79:37:b1:50:57:60:1f:c0:92:bf:fd:ee:67:07:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jun 29 04:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19b61b3cba43ed1804a89442eb140e75d43e13b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d1:ae:cd:95:cc:0e:6d:46:b2:9a:5d:84:4f:
fc:11:d1:41:6d:96:f4:15:d8:32:14:34:fb:e7:6a:
79:1e:b3:80:65:cc:5c:06:2a:da:cc:8a:9b:9c:8d:
b3:12:d3:69:48:ba:eb:36:b2:4a:fa:8c:d5:b5:62:
a0:6c:16:5b:e4:df:1e:76:12:49:ca:b5:2a:da:08:
25:5e:ab:4c:b7:b5:2d:a8:64:c4:b9:37:3b:f2:4f:
b8:0c:69:ed:a4:bc:8a:41:97:f3:33:31:57:76:b6:
a5:bb:07:71:df:0c:15:60:ca:85:66:66:6c:91:d7:
1c:c3:43:84:05:5d:5c:4d:09:c5:74:1f:66:32:bd:
90:1e:f7:42:2d:a3:b2:59:d9:d1:b9:39:16:f5:14:
07:49:5b:d2:c1:26:9b:e3:b7:b5:42:e1:85:ca:59:
44:ee:c4:5b:85:e6:0b:2b:99:74:d8:eb:bf:26:fa:
e3:18:1d:93:64:01:82:5d:17:d1:46:a0:ce:ba:0a:
cb:46:34:69:27:49:dd:40:bc:5f:5f:1e:60:f8:10:
d2:35:cf:4e:43:a6:57:56:0d:61:b0:3a:e0:41:da:
e9:fd:da:06:33:80:26:eb:2f:12:a6:84:7c:ba:17:
f9:cd:46:71:42:c5:c4:d9:e8:f9:2d:b7:6f:e7:55:
48:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B6:1B:3C:BA:43:ED:18:04:A8:94:42:EB:14:0E:75:D4:3E:13:B7
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/GbYbPLpD7RgEqJRC6xQOddQ-E7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.100.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c9:47:64:b8:db:7b:7c:a8:88:41:36:0d:da:b8:b2:94:86:
ea:76:02:87:a5:29:ee:9c:b5:b3:16:92:aa:b2:cb:67:e8:3d:
45:57:9d:4f:61:e0:96:f5:cf:cf:48:14:ab:74:1b:9c:4c:d3:
4c:c3:2d:b2:1a:6b:49:28:14:e9:bf:29:01:80:92:19:7a:8f:
e4:e5:dc:43:02:80:51:69:bf:03:0a:dd:e7:51:dd:81:b2:eb:
9b:42:78:49:79:03:41:7c:c3:07:f7:e9:88:b5:04:c7:fe:a2:
ec:09:e8:39:4b:fe:77:72:82:e4:c9:81:0f:1c:42:cf:25:67:
80:01:df:37:04:0d:78:3e:78:03:8e:0c:55:9f:f6:ca:10:e7:
1d:a5:2f:a9:9d:17:ee:bb:fb:1c:5d:1e:86:c2:23:ca:f4:8f:
d3:5d:fd:86:21:92:de:4a:3d:57:94:1e:bb:70:ab:f2:92:a5:
33:35:3c:32:c2:f7:0f:32:ce:2b:45:38:ee:f5:5e:fc:4f:2a:
69:3b:62:79:f5:e6:6a:7c:5f:a7:0d:d0:08:ef:9f:01:91:78:
dc:35:20:77:6f:54:51:eb:88:0e:04:b6:a9:2b:35:c1:ea:05:
34:dc:45:a4:2e:e0:df:2f:3a:1e:fc:e5:31:59:72:01:70:64:
e5:b9:d3:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkFeTexUFdgH8CSv/3uZwcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNjI5MDQ0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI2MWIzY2JhNDNlZDE4MDRhODk0NDJlYjE0MGU3NWQ0M2UxM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9GuzZXMDm1GsppdhE/8EdFBbZb0
FdgyFDT752p5HrOAZcxcBirazIqbnI2zEtNpSLrrNrJK+ozVtWKgbBZb5N8edhJJ
yrUq2gglXqtMt7UtqGTEuTc78k+4DGntpLyKQZfzMzFXdraluwdx3wwVYMqFZmZs
kdccw0OEBV1cTQnFdB9mMr2QHvdCLaOyWdnRuTkW9RQHSVvSwSab47e1QuGFyllE
7sRbheYLK5l02Ou/JvrjGB2TZAGCXRfRRqDOugrLRjRpJ0ndQLxfXx5g+BDSNc9O
Q6ZXVg1hsDrgQdrp/doGM4Am6y8SpoR8uhf5zUZxQsXE2ej5Lbdv51VIWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBm2Gzy6Q+0YBKiUQusUDnXUPhO3MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvR2JZYlBMcEQ3UmdFcUpSQzZ4UU9kZFEtRTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+HhAwQA
vL9gAwQAvL9kAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQCByUdkuNt7fKiIQTYN
2riylIbqdgKHpSnunLWzFpKqsstn6D1FV51PYeCW9c/PSBSrdBucTNNMwy2yGmtJ
KBTpvykBgJIZeo/k5dxDAoBRab8DCt3nUd2BsuubQnhJeQNBfMMH9+mItQTH/qLs
Ceg5S/53coLkyYEPHELPJWeAAd83BA14PngDjgxVn/bKEOcdpS+pnRfuu/scXR6G
wiPK9I/TXf2GIZLeSj1XlB67cKvykqUzNTwywvcPMs4rRTju9V78TyppO2J59eZq
fF+nDdAI758BkXjcNSB3b1RR64gOBLapKzXB6gU03EWkLuDfLzoe/OUxWXIBcGTl
udPC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org