Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/gzVOZiC_s5B6ZUg2bSK6_GuKqiQ.roa
File: gzVOZiC_s5B6ZUg2bSK6_GuKqiQ.roa (raw, json)
Hash identifier: cu3avnfqhKuDU977Y6Ajb9u8HelVq2fVK4PoFr4aJho=
Subject key identifier: 83:35:4E:66:20:BF:B3:90:7A:65:48:36:6D:22:BA:FC:6B:8A:AA:24
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018FEDD36F22522500940EAB012EEED02544
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/gzVOZiC_s5B6ZUg2bSK6_GuKqiQ.roa
Signing time: Thu 06 Jun 2024 13:53:27 +0000
ROA not before: Thu 06 Jun 2024 13:53:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 131.102.0.0/16 maxlen: 24
149.126.48.0/21 maxlen: 24
162.23.0.0/16 maxlen: 24
193.5.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 13:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:d3:6f:22:52:25:00:94:0e:ab:01:2e:ee:d0:25:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jun 6 13:53:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83354e6620bfb3907a6548366d22bafc6b8aaa24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:a4:2c:4a:6f:69:5c:43:d2:82:f5:bf:6f:
9b:1d:97:96:4f:86:9c:e9:8d:70:38:78:6e:07:75:
ec:54:3d:bf:af:a2:38:82:00:ee:b2:7c:3a:16:ab:
c8:fc:6e:f8:69:0e:f5:7a:30:19:8a:0d:85:c9:9a:
60:2f:b1:01:1e:af:a1:3b:19:57:b1:24:52:7c:e6:
8e:32:74:b9:13:ce:4a:84:af:de:19:7f:82:b1:04:
fc:19:1e:48:76:47:75:f5:44:60:b6:48:93:ed:60:
bc:4b:2d:2a:b2:15:b8:44:12:d7:b1:7a:d8:58:bf:
74:01:80:7a:be:36:14:76:fd:c9:bc:ca:dc:82:1b:
30:7d:cc:8d:95:06:5a:cf:99:58:b5:7c:4a:7b:a7:
d4:f6:1f:05:54:b2:b9:87:2c:df:7d:45:60:91:a8:
a0:7d:c0:97:78:1c:d3:db:62:fd:7f:35:d9:35:2b:
fe:eb:b0:7a:da:bc:21:00:be:cb:79:ce:1d:2c:06:
90:b7:16:4c:eb:eb:4f:bd:43:ca:cd:4e:81:bb:fb:
ec:f9:d4:f1:6e:7c:63:cd:b8:83:28:98:04:54:42:
7a:2b:84:1c:8e:3f:6e:d8:75:5d:48:ad:90:85:53:
e7:61:3c:f0:b0:1e:e5:76:08:24:03:91:c7:20:8f:
ec:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:35:4E:66:20:BF:B3:90:7A:65:48:36:6D:22:BA:FC:6B:8A:AA:24
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/gzVOZiC_s5B6ZUg2bSK6_GuKqiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
Signature Algorithm: sha256WithRSAEncryption
88:f4:f8:43:28:70:6b:2a:27:f3:5c:0a:5e:25:5f:24:89:3a:
a3:86:e1:a1:cf:46:1a:16:61:bd:65:2c:4a:89:59:27:73:6d:
ff:be:50:f8:83:d8:d6:b1:3d:55:0a:c2:d9:30:2d:23:e4:d7:
ea:93:27:95:76:e8:f3:d6:ac:2b:20:ce:33:da:18:30:2f:e2:
af:3d:a1:66:bf:90:67:c3:31:a1:ed:51:a8:f4:b8:6e:00:41:
79:ab:bf:3c:8a:0e:dd:65:3e:8f:98:3e:39:0d:0b:ba:b3:ca:
8a:be:bf:00:96:bf:8a:a1:c9:e7:36:c0:ce:d8:c7:38:49:b4:
3f:fe:c6:21:fb:e5:e3:73:5a:48:6d:ee:06:df:24:af:5e:f4:
2f:e1:60:47:4f:dd:48:5d:dc:40:0c:00:26:32:0a:10:b9:84:
81:e1:5a:0d:b5:17:f7:71:c7:9f:44:ab:ff:61:6d:c6:7d:86:
4c:0a:4b:80:c4:24:f3:53:a1:65:91:f0:ab:a4:08:67:8c:11:
67:38:53:4d:02:5c:96:c5:97:0b:db:73:11:b6:e3:a7:c6:c8:
65:91:6c:77:65:ca:f4:d9:c1:be:ae:06:e2:61:05:2e:7b:f3:
55:a6:03:37:f4:d5:73:0c:83:89:82:1e:f2:dc:9c:1a:5f:c5:
ea:f1:a9:04
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY/t028iUiUAlA6rAS7u0CVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwNjA2MTM1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM1NGU2NjIwYmZiMzkwN2E2NTQ4MzY2ZDIyYmFmYzZiOGFhYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR2kLEpvaVxD0oL1v2+bHZeWT4ac
6Y1wOHhuB3XsVD2/r6I4ggDusnw6FqvI/G74aQ71ejAZig2FyZpgL7EBHq+hOxlX
sSRSfOaOMnS5E85KhK/eGX+CsQT8GR5Idkd19URgtkiT7WC8Sy0qshW4RBLXsXrY
WL90AYB6vjYUdv3JvMrcghswfcyNlQZaz5lYtXxKe6fU9h8FVLK5hyzffUVgkaig
fcCXeBzT22L9fzXZNSv+67B62rwhAL7Lec4dLAaQtxZM6+tPvUPKzU6Bu/vs+dTx
bnxjzbiDKJgEVEJ6K4Qcjj9u2HVdSK2QhVPnYTzwsB7ldggkA5HHII/sMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIM1TmYgv7OQemVINm0iuvxriqokMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvZ3pWT1ppQ19zNUI2WlVnMmJTSzZfR3VLcWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBgkqhkiG9w0BAQsFAAOCAQEAiPT4Qyhwayon81wKXiVf
JIk6o4bhoc9GGhZhvWUsSolZJ3Nt/75Q+IPY1rE9VQrC2TAtI+TX6pMnlXbo89as
KyDOM9oYMC/irz2hZr+QZ8Mxoe1RqPS4bgBBeau/PIoO3WU+j5g+OQ0LurPKir6/
AJa/iqHJ5zbAztjHOEm0P/7GIfvl43NaSG3uBt8kr170L+FgR0/dSF3cQAwAJjIK
ELmEgeFaDbUX93HHn0Sr/2Ftxn2GTApLgMQk81OhZZHwq6QIZ4wRZzhTTQJclsWX
C9tzEbbjp8bIZZFsd2XK9NnBvq4G4mEFLnvzVaYDN/TVcwyDiYIe8tycGl/F6vGp
BA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:47 2024 by rpki-client on console-fra.rpki-client.org