Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/GZS2_YJvZNYOGpxHFaGVTQSxXCQ.roa
File: GZS2_YJvZNYOGpxHFaGVTQSxXCQ.roa (raw, json)
Hash identifier: Zxr4pO+LChPhRTze9mkYoC1VxRRyS+e37acXDYuPMjE=
Subject key identifier: 19:94:B6:FD:82:6F:64:D6:0E:1A:9C:47:15:A1:95:4D:04:B1:5C:24
Certificate issuer: /CN=e4457636e5ad66e1f0fbb2c10df29095e63e992f
Certificate serial: 018CCA992B516E72B7FF771FAF4D065B42FB
Authority key identifier: E4:45:76:36:E5:AD:66:E1:F0:FB:B2:C1:0D:F2:90:95:E6:3E:99:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5EV2NuWtZuHw-7LBDfKQleY-mS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/GZS2_YJvZNYOGpxHFaGVTQSxXCQ.roa
Signing time: Tue 02 Jan 2024 14:34:44 +0000
ROA not before: Tue 02 Jan 2024 14:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210780
IP address blocks: 185.252.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:2b:51:6e:72:b7:ff:77:1f:af:4d:06:5b:42:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4457636e5ad66e1f0fbb2c10df29095e63e992f
Validity
Not Before: Jan 2 14:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1994b6fd826f64d60e1a9c4715a1954d04b15c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:81:ed:0e:92:9b:34:2a:b0:45:96:24:93:e5:
75:c4:ac:a6:5b:06:ae:6e:2d:97:c6:04:f5:41:3b:
55:a5:00:b5:2b:e8:1f:3f:b1:8c:11:5d:84:c3:42:
9b:b6:f7:4e:d9:38:dd:16:b4:1f:f6:98:4a:1d:3e:
21:4a:ec:64:16:20:42:b6:08:26:0f:5b:a9:27:98:
5a:c6:ff:b6:48:93:68:3b:48:2d:e6:5f:6a:02:00:
1a:41:8a:90:fa:eb:ac:c8:c9:7b:93:87:e4:7e:ac:
d4:83:a0:30:1f:50:84:ec:c4:9f:88:bf:1a:86:65:
1b:fe:ed:d7:1c:58:10:ad:be:ff:c9:aa:8f:80:72:
72:eb:71:cb:b1:1c:cd:f7:f5:ac:4e:98:d7:4e:d9:
3f:03:e8:94:97:6f:36:49:fa:d3:e6:84:ee:02:35:
1f:72:6f:1c:e9:02:7c:5b:01:c4:e9:b3:37:80:fc:
c0:c3:47:52:81:98:21:ba:8c:3a:69:ed:8d:89:fd:
3d:4f:73:2e:0b:8e:ed:a1:4c:d0:49:6d:34:d2:7e:
ea:75:e0:cb:92:44:5f:5b:5e:29:8a:33:93:cf:e7:
75:01:74:d0:96:52:f7:3d:e6:6e:8e:08:ba:46:cf:
67:d0:1b:8e:95:ea:f9:3a:ff:e3:76:e0:e4:8b:f6:
1f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:94:B6:FD:82:6F:64:D6:0E:1A:9C:47:15:A1:95:4D:04:B1:5C:24
X509v3 Authority Key Identifier:
keyid:E4:45:76:36:E5:AD:66:E1:F0:FB:B2:C1:0D:F2:90:95:E6:3E:99:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5EV2NuWtZuHw-7LBDfKQleY-mS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/GZS2_YJvZNYOGpxHFaGVTQSxXCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/5EV2NuWtZuHw-7LBDfKQleY-mS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.214.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b7:9f:b8:39:f6:58:2c:3b:f4:5f:9d:b3:c6:fc:96:10:9a:
9a:99:c1:73:49:ec:c0:c6:8a:80:79:c6:ff:b8:0a:11:26:d9:
e9:88:6e:0c:5e:a5:10:a1:a7:1c:b6:04:dc:eb:9f:92:6c:65:
45:b3:37:17:7f:bf:0e:fd:df:06:88:03:25:04:91:a2:17:3d:
92:59:ea:61:96:d1:12:85:82:47:1b:24:4d:e5:ac:13:71:2a:
b1:b0:c1:73:4d:36:05:ce:27:04:bb:41:db:e0:fb:c5:66:97:
e5:3f:10:44:cc:a8:c0:26:7c:35:3f:01:97:6c:cd:50:03:1a:
0a:ee:68:a8:e0:52:f1:39:78:22:a7:5b:77:15:03:f8:cc:c2:
9d:42:dd:e6:62:4e:6c:36:03:9f:0e:80:ec:75:54:05:ee:c6:
7f:7b:bf:7b:9a:bd:ef:5b:f7:dc:79:14:6b:8b:b4:f0:ed:d8:
9f:c0:96:1a:85:ad:17:35:93:45:6a:d2:99:f3:98:8b:0e:9f:
f2:cb:c4:cd:d7:20:9d:74:66:f4:f5:d9:4f:d5:d8:0f:1b:72:
56:62:31:66:0b:30:b4:f4:7d:d3:7f:78:f5:b7:91:77:42:3c:
4b:b7:5f:42:ab:af:7f:35:d3:ce:39:61:14:14:47:83:1c:61:
78:49:4e:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmStRbnK3/3cfr00GW0L7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NDU3NjM2ZTVhZDY2ZTFmMGZiYjJjMTBkZjI5MDk1ZTYz
ZTk5MmYwHhcNMjQwMTAyMTQzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk0YjZmZDgyNmY2NGQ2MGUxYTljNDcxNWExOTU0ZDA0YjE1YzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4HtDpKbNCqwRZYkk+V1xKymWwau
bi2XxgT1QTtVpQC1K+gfP7GMEV2Ew0KbtvdO2TjdFrQf9phKHT4hSuxkFiBCtggm
D1upJ5haxv+2SJNoO0gt5l9qAgAaQYqQ+uusyMl7k4fkfqzUg6AwH1CE7MSfiL8a
hmUb/u3XHFgQrb7/yaqPgHJy63HLsRzN9/WsTpjXTtk/A+iUl282SfrT5oTuAjUf
cm8c6QJ8WwHE6bM3gPzAw0dSgZghuow6ae2Nif09T3MuC47toUzQSW000n7qdeDL
kkRfW14pijOTz+d1AXTQllL3PeZujgi6Rs9n0BuOler5Ov/jduDki/Yf6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmUtv2Cb2TWDhqcRxWhlU0EsVwkMB8GA1UdIwQY
MBaAFORFdjblrWbh8PuywQ3ykJXmPpkvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUVWMk51V3RadUh3LTdMQkRmS1FsZVktbVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84YzlmMTktYTcwMC00ODMyLWJlMjEt
YjBkNWU4YmU4NTNjLzEvR1pTMl9ZSnZaTllPR3B4SEZhR1ZUUVN4WENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84YzlmMTktYTcwMC00ODMyLWJlMjEtYjBkNWU4YmU4NTNj
LzEvNUVWMk51V3RadUh3LTdMQkRmS1FsZVktbVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzWMA0G
CSqGSIb3DQEBCwUAA4IBAQAQt5+4OfZYLDv0X52zxvyWEJqamcFzSezAxoqAecb/
uAoRJtnpiG4MXqUQoacctgTc65+SbGVFszcXf78O/d8GiAMlBJGiFz2SWephltES
hYJHGyRN5awTcSqxsMFzTTYFzicEu0Hb4PvFZpflPxBEzKjAJnw1PwGXbM1QAxoK
7mio4FLxOXgip1t3FQP4zMKdQt3mYk5sNgOfDoDsdVQF7sZ/e797mr3vW/fceRRr
i7Tw7difwJYaha0XNZNFatKZ85iLDp/yy8TN1yCddGb09dlP1dgPG3JWYjFmCzC0
9H3Tf3j1t5F3QjxLt19Cq69/NdPOOWEUFEeDHGF4SU5v
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:44 2025 by rpki-client