Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/GYisfFpzQKKTCbsTUedLT9okIDA.roa
File: GYisfFpzQKKTCbsTUedLT9okIDA.roa (raw, json)
Hash identifier: WTyvWgP1AvBHolX4aIlku4o+XCzd9MwU1a2YB0Rkc3A=
Subject key identifier: 19:88:AC:7C:5A:73:40:A2:93:09:BB:13:51:E7:4B:4F:DA:24:20:30
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 018571D79C5A0A13DC349B58F6D238933386
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/GYisfFpzQKKTCbsTUedLT9okIDA.roa
Signing time: Mon 02 Jan 2023 09:37:13 +0000
ROA not before: Mon 02 Jan 2023 09:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211783
IP address blocks: 185.197.137.0/24 maxlen: 24
185.197.136.0/22 maxlen: 22
185.197.136.0/24 maxlen: 24
185.197.139.0/24 maxlen: 24
185.197.138.0/24 maxlen: 24
2a0a:7a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:9c:5a:0a:13:dc:34:9b:58:f6:d2:38:93:33:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jan 2 09:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1988ac7c5a7340a29309bb1351e74b4fda242030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1a:dd:a5:26:bf:13:5b:51:ce:3e:be:a0:0d:
a8:4e:6b:b0:a1:be:ae:32:38:15:60:09:d1:6f:cd:
42:c1:89:d5:e7:ff:e3:8b:ae:8c:78:47:82:3b:95:
83:3d:63:13:85:19:dd:a2:e7:3c:76:68:86:2c:40:
4a:03:d8:e9:a7:c8:6b:cb:0a:e6:bc:e0:94:b9:03:
88:31:69:53:15:f1:e1:00:21:2f:97:35:1c:8b:13:
fd:5d:b0:5f:21:f9:11:d8:f2:8e:de:60:86:ed:df:
5f:b5:5e:b6:d1:7d:f0:14:0f:7a:f8:a7:d4:81:bf:
b7:89:a3:d4:1d:f1:70:51:44:24:04:12:d7:42:d3:
5f:de:ac:9b:b6:8a:cb:6b:56:7a:1b:6a:cc:a6:20:
27:41:0c:d8:f4:ca:58:6a:48:a4:8e:5a:e9:41:71:
17:04:d6:21:46:70:bf:3e:b4:02:f3:90:0a:69:92:
af:a7:8b:1d:27:2a:b8:c9:a3:6e:21:98:58:c7:d0:
86:06:5d:a3:3c:38:d3:f7:9a:b6:7a:26:98:c0:38:
97:3e:37:d6:26:fc:30:db:69:2c:79:c2:3b:40:e4:
49:b5:b7:0a:c8:40:df:22:56:1f:21:26:33:52:a0:
6b:86:e0:12:a4:5b:11:19:17:99:9e:bb:6c:91:09:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:88:AC:7C:5A:73:40:A2:93:09:BB:13:51:E7:4B:4F:DA:24:20:30
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/GYisfFpzQKKTCbsTUedLT9okIDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.136.0/22
IPv6:
2a0a:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
87:46:df:99:30:a3:84:b5:95:c5:a0:00:b6:b5:95:4c:d0:58:
4a:0c:7d:8c:01:ca:81:39:88:40:87:a7:2b:e2:0d:9c:1d:04:
87:1c:e4:00:4e:21:12:c7:ba:46:6f:d6:e2:da:71:1a:43:e4:
24:95:15:b5:d8:05:4b:bc:12:a5:78:36:ed:ec:e8:fd:12:cd:
9d:d2:e9:65:49:91:35:9a:57:50:1e:41:5a:f2:7e:4f:7b:bf:
00:d4:1d:c5:70:f1:c3:94:fe:f0:bb:6c:10:97:55:36:e7:6b:
c0:ff:fd:71:a8:55:46:51:48:87:20:70:78:bf:81:96:a3:78:
82:ab:2b:01:5e:7f:79:80:45:e5:f6:21:95:45:62:ad:b1:4d:
5b:56:22:31:46:11:53:29:56:7c:01:ae:06:e0:f8:ad:9d:07:
a5:b3:cb:4c:1b:69:96:d4:b7:b4:9b:52:64:9e:cc:90:1b:db:
3d:c3:fa:8d:37:17:03:1c:5f:ee:26:fc:fb:48:34:3a:00:9d:
6c:60:33:5e:0e:cd:1f:01:9d:e5:e9:c5:d4:70:d6:c2:96:b9:
23:dd:c9:81:70:49:93:66:23:49:5a:4b:8a:1d:a1:5c:ba:83:
bf:1b:51:61:bb:14:7e:8c:e4:ea:4f:eb:74:53:6b:70:37:e0:
a2:0e:86:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx15xaChPcNJtY9tI4kzOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjMwMTAyMDkzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg4YWM3YzVhNzM0MGEyOTMwOWJiMTM1MWU3NGI0ZmRhMjQyMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxrdpSa/E1tRzj6+oA2oTmuwob6u
MjgVYAnRb81CwYnV5//ji66MeEeCO5WDPWMThRndouc8dmiGLEBKA9jpp8hrywrm
vOCUuQOIMWlTFfHhACEvlzUcixP9XbBfIfkR2PKO3mCG7d9ftV620X3wFA96+KfU
gb+3iaPUHfFwUUQkBBLXQtNf3qybtorLa1Z6G2rMpiAnQQzY9MpYakikjlrpQXEX
BNYhRnC/PrQC85AKaZKvp4sdJyq4yaNuIZhYx9CGBl2jPDjT95q2eiaYwDiXPjfW
Jvww22ksecI7QORJtbcKyEDfIlYfISYzUqBrhuASpFsRGReZnrtskQn85QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBmIrHxac0Cikwm7E1HnS0/aJCAwMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvR1lpc2ZGcHpRS0tUQ2JzVFVlZExUOW9rSURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucWIMA0E
AgACMAcDBQMqCnpAMA0GCSqGSIb3DQEBCwUAA4IBAQCHRt+ZMKOEtZXFoAC2tZVM
0FhKDH2MAcqBOYhAh6cr4g2cHQSHHOQATiESx7pGb9bi2nEaQ+QklRW12AVLvBKl
eDbt7Oj9Es2d0ullSZE1mldQHkFa8n5Pe78A1B3FcPHDlP7wu2wQl1U252vA//1x
qFVGUUiHIHB4v4GWo3iCqysBXn95gEXl9iGVRWKtsU1bViIxRhFTKVZ8Aa4G4Pit
nQels8tMG2mW1Le0m1JknsyQG9s9w/qNNxcDHF/uJvz7SDQ6AJ1sYDNeDs0fAZ3l
6cXUcNbClrkj3cmBcEmTZiNJWkuKHaFcuoO/G1FhuxR+jOTqT+t0U2twN+CiDoZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:30 2024 by rpki-client on console-ams.rpki-client.org