Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa
File: GCbycHbk2wbskRl7ThIrcw-vhPA.roa (raw, json)
Hash identifier: wWzWWRIdfwVKDPyKoCT8PgNEPytm+YY5GeqRrvp/4+E=
Subject key identifier: 18:26:F2:70:76:E4:DB:06:EC:91:19:7B:4E:12:2B:73:0F:AF:84:F0
Certificate issuer: /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial: 0188A9C26F1A0DC590667A7945870198E899
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa
Signing time: Sun 11 Jun 2023 09:21:11 +0000
ROA not before: Sun 11 Jun 2023 09:21:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49558
IP address blocks: 195.20.137.0/24 maxlen: 24
194.4.164.0/22 maxlen: 22
91.228.64.0/22 maxlen: 22
45.128.224.0/22 maxlen: 22
91.213.39.0/24 maxlen: 24
2a0e:4240::/29 maxlen: 29
2a0d:8540::/29 maxlen: 29
2a11:500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:c2:6f:1a:0d:c5:90:66:7a:79:45:87:01:98:e8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Validity
Not Before: Jun 11 09:21:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1826f27076e4db06ec91197b4e122b730faf84f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ae:0c:12:7e:79:7c:52:da:d1:8c:22:02:76:
44:2d:23:b1:76:25:8f:70:30:6b:5c:be:22:a5:80:
5c:26:2f:81:5e:ef:b4:ab:47:32:b0:74:59:46:5f:
25:ef:50:94:7e:88:c8:77:a8:b8:ec:0b:6b:9f:bc:
83:e8:39:26:0c:bf:4f:6b:76:f2:78:a4:a5:d5:1c:
d8:68:1d:cc:00:6f:d4:0b:2d:1f:6b:43:82:2f:a1:
4c:69:50:1d:ca:91:6a:4f:dd:24:d0:2b:48:80:21:
14:91:57:c4:42:b7:92:b7:bf:42:ca:cc:c1:56:47:
05:3b:e8:f2:47:82:e1:77:b6:d2:ed:07:2f:82:02:
91:7c:dd:5d:32:7e:76:12:1a:22:42:7b:68:c1:7e:
c0:ee:6a:9c:94:1b:3c:74:8e:7c:8c:a6:6a:19:88:
da:ef:bf:a6:d8:8f:97:35:f1:17:10:88:81:da:45:
36:92:df:87:39:a3:d1:a0:8c:d8:ec:4d:ee:97:49:
e6:74:9a:ef:4a:5b:2d:a6:67:3e:c8:98:2c:15:1e:
cb:4c:3e:14:d1:33:a6:d9:5b:9b:d0:5e:ca:32:f6:
1a:ee:ee:bd:af:bf:1d:06:30:78:3f:5b:bc:53:13:
fd:64:4e:24:59:3e:e2:ea:f5:08:90:34:a2:9a:41:
7e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:26:F2:70:76:E4:DB:06:EC:91:19:7B:4E:12:2B:73:0F:AF:84:F0
X509v3 Authority Key Identifier:
keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/GCbycHbk2wbskRl7ThIrcw-vhPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.224.0/22
91.213.39.0/24
91.228.64.0/22
194.4.164.0/22
195.20.137.0/24
IPv6:
2a0d:8540::/29
2a0e:4240::/29
2a11:500::/29
Signature Algorithm: sha256WithRSAEncryption
be:11:34:1b:9b:d4:f3:34:b7:ce:39:08:69:42:fb:c2:60:c6:
cd:19:b5:dc:bc:30:ba:06:aa:cf:ae:62:d6:3e:10:ae:14:56:
7f:77:6e:90:3c:10:f5:60:cd:3c:7c:0e:05:1a:2a:56:85:b9:
1d:16:84:4a:16:76:d4:00:44:72:b1:1e:7d:fd:3b:d2:6f:3c:
40:6f:1d:b4:59:54:80:c6:6e:d4:1e:37:f2:51:47:05:56:30:
00:bb:d6:e4:e8:c9:53:7f:05:c1:a2:cb:7b:ea:fc:15:9b:43:
78:24:20:e6:06:47:c6:8d:d2:a2:d4:4e:16:05:b8:65:83:17:
4f:6a:db:00:9f:3c:13:d4:03:17:09:1e:b8:76:36:8d:57:0d:
9f:56:79:1d:c3:b6:86:5f:f6:f5:6b:c3:a6:16:6c:99:ec:3f:
bd:52:c9:ff:78:b6:81:58:0c:d7:ad:e5:f2:a6:f2:a0:21:2e:
79:b8:0c:aa:01:49:c9:38:9e:d9:4d:1b:33:ef:e4:ca:58:c0:
46:7e:55:5a:8c:4d:ca:f3:dc:7f:a3:0b:85:81:63:9b:4d:37:
33:b7:94:59:4c:b4:0f:39:98:6a:b3:8f:51:95:12:69:5c:0e:
7f:e9:80:4b:1d:fe:66:cd:01:b9:9d:19:df:56:a6:d5:ba:07:
da:20:30:b8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYipwm8aDcWQZnp5RYcBmOiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjMwNjExMDkyMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI2ZjI3MDc2ZTRkYjA2ZWM5MTE5N2I0ZTEyMmI3MzBmYWY4NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk64MEn55fFLa0YwiAnZELSOxdiWP
cDBrXL4ipYBcJi+BXu+0q0cysHRZRl8l71CUfojId6i47Atrn7yD6DkmDL9Pa3by
eKSl1RzYaB3MAG/UCy0fa0OCL6FMaVAdypFqT90k0CtIgCEUkVfEQreSt79CyszB
VkcFO+jyR4Lhd7bS7QcvggKRfN1dMn52EhoiQntowX7A7mqclBs8dI58jKZqGYja
77+m2I+XNfEXEIiB2kU2kt+HOaPRoIzY7E3ul0nmdJrvSlstpmc+yJgsFR7LTD4U
0TOm2Vub0F7KMvYa7u69r78dBjB4P1u8UxP9ZE4kWT7i6vUIkDSimkF+KQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBgm8nB25NsG7JEZe04SK3MPr4TwMB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvR0NieWNIYmsyd2Jza1JsN1RoSXJjdy12aFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCLYDgAwQA
W9UnAwQCW+RAAwQCwgSkAwQAwxSJMBsEAgACMBUDBQMqDYVAAwUDKg5CQAMFAyoR
BQAwDQYJKoZIhvcNAQELBQADggEBAL4RNBub1PM0t845CGlC+8Jgxs0Ztdy8MLoG
qs+uYtY+EK4UVn93bpA8EPVgzTx8DgUaKlaFuR0WhEoWdtQARHKxHn39O9JvPEBv
HbRZVIDGbtQeN/JRRwVWMAC71uToyVN/BcGiy3vq/BWbQ3gkIOYGR8aN0qLUThYF
uGWDF09q2wCfPBPUAxcJHrh2No1XDZ9WeR3DtoZf9vVrw6YWbJnsP71Syf94toFY
DNet5fKm8qAhLnm4DKoBSck4ntlNGzPv5MpYwEZ+VVqMTcrz3H+jC4WBY5tNNzO3
lFlMtA85mGqzj1GVEmlcDn/pgEsd/mbNAbmdGd9WptW6B9ogMLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org