Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/gNJPbbOlgDCXuuTebP7f7pngV-Q.roa
File: gNJPbbOlgDCXuuTebP7f7pngV-Q.roa (raw, json)
Hash identifier: coD2fF1yx0NKAvCtqEQgx4LotvEMZZCNO0BcO39ImAw=
Subject key identifier: 80:D2:4F:6D:B3:A5:80:30:97:BA:E4:DE:6C:FE:DF:EE:99:E0:57:E4
Certificate issuer: /CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Certificate serial: 018C815C68A3A480D421FBC59BA915C2CC94
Authority key identifier: 61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/gNJPbbOlgDCXuuTebP7f7pngV-Q.roa
Signing time: Tue 19 Dec 2023 09:16:06 +0000
ROA not before: Tue 19 Dec 2023 09:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60517
IP address blocks: 185.118.245.0/24 maxlen: 24
185.118.244.0/24 maxlen: 24
185.118.244.0/22 maxlen: 24
185.118.246.0/24 maxlen: 24
185.118.247.0/24 maxlen: 24
185.51.128.0/24 maxlen: 24
185.51.128.0/22 maxlen: 24
185.51.130.0/24 maxlen: 24
185.51.129.0/24 maxlen: 24
185.51.131.0/24 maxlen: 24
185.36.95.0/24 maxlen: 24
185.36.93.0/24 maxlen: 24
185.36.92.0/24 maxlen: 24
185.36.92.0/22 maxlen: 24
185.36.94.0/24 maxlen: 24
185.131.182.0/24 maxlen: 24
185.131.181.0/24 maxlen: 24
185.131.183.0/24 maxlen: 24
185.131.180.0/22 maxlen: 24
185.131.180.0/24 maxlen: 24
185.175.212.0/22 maxlen: 24
185.91.172.0/24 maxlen: 24
185.91.172.0/22 maxlen: 24
178.157.98.0/24 maxlen: 24
178.157.97.0/24 maxlen: 24
185.91.175.0/24 maxlen: 24
185.91.174.0/24 maxlen: 24
178.157.96.0/24 maxlen: 24
178.157.96.0/22 maxlen: 24
185.91.173.0/24 maxlen: 24
178.157.99.0/24 maxlen: 24
185.27.123.0/24 maxlen: 24
185.27.122.0/24 maxlen: 24
185.27.121.0/24 maxlen: 24
185.27.120.0/22 maxlen: 24
185.27.120.0/24 maxlen: 24
2a06:96c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:5c:68:a3:a4:80:d4:21:fb:c5:9b:a9:15:c2:cc:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Validity
Not Before: Dec 19 09:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80d24f6db3a5803097bae4de6cfedfee99e057e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:16:c6:c7:5c:af:bf:60:6f:b3:20:2f:32:ce:
b1:65:6b:aa:50:70:fe:16:3c:a1:87:bd:52:4c:5d:
3c:65:90:cd:f6:49:97:27:a3:d3:e0:97:22:88:c2:
96:9b:c6:3d:c0:5b:e4:a9:fb:ef:ba:7f:de:77:69:
01:58:07:fa:cf:98:ad:24:95:de:7b:c0:ed:11:70:
bc:02:84:dc:f1:85:1a:fb:a5:4d:8e:22:c6:f4:28:
8f:24:64:10:6d:03:78:9a:f7:b5:6e:d7:4b:e4:db:
78:47:50:1b:c8:78:9f:07:a4:4f:38:28:c0:d8:95:
f1:d9:cc:c9:99:09:5d:70:e6:da:c1:1f:05:d5:84:
55:25:a7:33:ed:81:bb:31:47:ec:0c:f3:54:35:a8:
ce:f4:4a:81:1b:f4:bc:b1:41:5c:3e:13:97:17:a9:
2f:93:6e:4a:60:9e:e2:d7:1f:c2:0e:e3:78:d5:46:
ad:cf:0b:6e:ed:0b:17:20:46:27:fb:8e:90:3b:ce:
86:f0:16:0f:d9:a0:63:60:3a:ad:10:78:cd:3f:e7:
3d:95:55:4b:f4:9a:ee:f6:c6:a9:3b:75:c0:e4:5b:
bd:ad:7a:2f:19:1c:bd:83:4c:e2:1d:00:06:07:c9:
31:c0:10:ab:75:9b:69:e1:d9:eb:fc:28:ff:fe:05:
a4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D2:4F:6D:B3:A5:80:30:97:BA:E4:DE:6C:FE:DF:EE:99:E0:57:E4
X509v3 Authority Key Identifier:
keyid:61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/gNJPbbOlgDCXuuTebP7f7pngV-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.96.0/22
185.27.120.0/22
185.36.92.0/22
185.51.128.0/22
185.91.172.0/22
185.118.244.0/22
185.131.180.0/22
185.175.212.0/22
IPv6:
2a06:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:dd:49:d3:df:ab:8d:d2:b5:48:fe:1a:d3:03:84:2c:5d:e3:
b1:9f:a7:db:b4:14:90:2c:96:57:6f:99:a8:1f:7e:b7:e0:d2:
93:4f:f9:d9:00:e4:1a:c3:d5:ef:89:39:4f:95:2b:e0:ca:98:
62:41:33:96:63:11:cc:7c:d2:c5:10:48:e1:d6:2a:10:fa:16:
10:a9:6b:6b:14:5b:4b:16:fd:dd:0a:1a:dd:35:5d:35:2b:85:
03:38:3c:be:c1:48:16:6e:6a:66:78:b7:4a:1f:4d:a2:7f:92:
5e:0d:6e:dd:80:28:c1:11:b6:f9:87:f2:a7:8f:8c:95:4e:21:
3a:15:ac:d9:6f:ca:1c:17:20:02:17:6f:e0:57:c7:a7:6b:20:
cb:7f:7d:54:6c:ce:2d:cd:ae:ca:a1:41:41:e4:23:01:cb:db:
c2:57:02:5b:f0:18:d1:77:3f:51:58:27:a5:2e:7c:9a:71:7c:
3b:ed:76:d9:3a:ff:c2:d7:91:11:b3:c3:78:2e:74:d8:3f:7e:
ef:76:d5:7d:6b:39:77:a5:c0:1c:d1:5d:26:0e:15:dd:71:64:
c8:cb:27:65:27:56:a8:e7:0d:de:68:33:02:9c:33:cf:2f:fd:
4e:37:6d:7e:6a:bf:b9:fd:ad:a4:c6:9a:90:7b:a7:ee:b5:57:
f6:77:f2:66
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYyBXGijpIDUIfvFm6kVwsyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGY4Zjk5ZmNhNjlhYTczZjg4YTUzMWRiNDZkMjI4YTdl
MmMzZDMwHhcNMjMxMjE5MDkxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQyNGY2ZGIzYTU4MDMwOTdiYWU0ZGU2Y2ZlZGZlZTk5ZTA1N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhbGx1yvv2BvsyAvMs6xZWuqUHD+
Fjyhh71STF08ZZDN9kmXJ6PT4JciiMKWm8Y9wFvkqfvvun/ed2kBWAf6z5itJJXe
e8DtEXC8AoTc8YUa+6VNjiLG9CiPJGQQbQN4mve1btdL5Nt4R1AbyHifB6RPOCjA
2JXx2czJmQldcObawR8F1YRVJacz7YG7MUfsDPNUNajO9EqBG/S8sUFcPhOXF6kv
k25KYJ7i1x/CDuN41Uatzwtu7QsXIEYn+46QO86G8BYP2aBjYDqtEHjNP+c9lVVL
9Jru9sapO3XA5Fu9rXovGRy9g0ziHQAGB8kxwBCrdZtp4dnr/Cj//gWk7QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIDST22zpYAwl7rk3mz+3+6Z4FfkMB8GA1UdIwQY
MBaAFGEPj5n8ppqnP4ilMdtG0iin4sPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgt
NzlhMGE1MjhlMGE0LzEvZ05KUGJiT2xnRENYdXVUZWJQN2Y3cG5nVi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgtNzlhMGE1MjhlMGE0
LzEvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCsp1gAwQC
uRt4AwQCuSRcAwQCuTOAAwQCuVusAwQCuXb0AwQCuYO0AwQCua/UMA0EAgACMAcD
BQMqBpbAMA0GCSqGSIb3DQEBCwUAA4IBAQB13UnT36uN0rVI/hrTA4QsXeOxn6fb
tBSQLJZXb5moH3634NKTT/nZAOQaw9XviTlPlSvgyphiQTOWYxHMfNLFEEjh1ioQ
+hYQqWtrFFtLFv3dChrdNV01K4UDODy+wUgWbmpmeLdKH02if5JeDW7dgCjBEbb5
h/Knj4yVTiE6FazZb8ocFyACF2/gV8enayDLf31UbM4tza7KoUFB5CMBy9vCVwJb
8BjRdz9RWCelLnyacXw77XbZOv/C15ERs8N4LnTYP37vdtV9azl3pcAc0V0mDhXd
cWTIyydlJ1ao5w3eaDMCnDPPL/1ON21+ar+5/a2kxpqQe6futVf2d/Jm
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:22 2024 by rpki-client on console-ams.rpki-client.org