Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/GVy2Q6P7FhHmgGdVlRdDTb1sMXY.roa
File: GVy2Q6P7FhHmgGdVlRdDTb1sMXY.roa (raw, json)
Hash identifier: +BzBz9z38RjhPLxurQiaMX+Dkp59Y7+IHtKOVhxnqug=
Subject key identifier: 19:5C:B6:43:A3:FB:16:11:E6:80:67:55:95:17:43:4D:BD:6C:31:76
Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Certificate serial: 01856D540315CD1A09224BB1355DC0F50CCB
Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/GVy2Q6P7FhHmgGdVlRdDTb1sMXY.roa
Signing time: Sun 01 Jan 2023 12:35:00 +0000
ROA not before: Sun 01 Jan 2023 12:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206077
IP address blocks: 185.196.253.0/24 maxlen: 24
185.196.252.0/23 maxlen: 23
185.196.252.0/22 maxlen: 22
185.196.252.0/24 maxlen: 24
185.196.254.0/23 maxlen: 23
185.196.255.0/24 maxlen: 24
185.196.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:03:15:cd:1a:09:22:4b:b1:35:5d:c0:f5:0c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Validity
Not Before: Jan 1 12:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=195cb643a3fb1611e68067559517434dbd6c3176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:b3:dd:f0:c3:f6:c0:f7:a6:af:c4:8e:2c:
6e:80:bc:95:17:a4:45:35:c3:97:6e:19:13:be:0a:
e7:36:8d:3b:a9:31:a9:08:4c:e7:be:c4:85:42:2a:
58:a8:3e:86:8e:f2:b3:b0:3c:4f:d8:0f:ed:dc:26:
a7:98:e0:4a:d5:89:22:09:ee:3a:66:1f:89:b4:2e:
09:be:d8:a4:4c:ff:3e:62:3b:eb:78:9a:03:cf:e3:
7a:52:6c:b0:fe:3c:53:1c:3a:ec:39:a1:86:63:15:
9c:3e:49:67:37:0e:15:13:1f:67:28:3a:0f:fd:42:
92:1e:76:60:d5:61:1c:93:f8:c3:b0:2c:cf:ea:d5:
39:ba:7f:06:12:6f:66:45:24:9f:dc:88:d0:05:91:
98:a8:78:e5:4b:41:b0:74:63:99:3f:31:de:b0:2d:
02:2e:3e:e0:28:f6:1c:96:93:0a:51:9b:13:d7:3f:
f6:76:72:2f:72:f1:ea:de:ab:7c:f8:30:79:d5:59:
5c:bb:38:ce:32:90:b6:c3:70:91:c5:40:ec:ba:a2:
25:86:cc:2d:6a:a7:4f:61:a0:65:ff:8c:aa:6a:d6:
9c:67:fd:b8:bf:df:5a:ba:cc:23:bc:b2:cc:fa:d3:
25:23:0f:e3:40:aa:88:52:ad:b3:5b:7b:e8:aa:33:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:5C:B6:43:A3:FB:16:11:E6:80:67:55:95:17:43:4D:BD:6C:31:76
X509v3 Authority Key Identifier:
keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/GVy2Q6P7FhHmgGdVlRdDTb1sMXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.252.0/22
Signature Algorithm: sha256WithRSAEncryption
61:a4:1d:d2:7d:e4:6e:21:dc:bb:2a:27:fb:dd:9f:05:7a:23:
fc:79:25:4f:f0:9f:a6:44:74:fc:16:7d:78:e3:71:71:5c:e7:
42:eb:92:2e:15:c2:1f:1b:e9:2a:d7:31:8b:eb:c1:f2:4f:51:
42:fa:d7:55:a7:ff:5e:b0:4e:46:65:33:1e:42:6b:96:7d:60:
8a:44:12:2c:54:ee:de:7b:85:c2:a3:ba:9c:03:c9:b6:78:de:
f1:6e:08:19:a5:a5:e4:3a:47:a7:f8:9a:47:a8:f1:7b:be:b3:
b4:e2:bc:95:7e:04:c7:bb:75:3e:0b:29:2e:a3:76:dd:ed:74:
5d:16:66:3b:cd:81:25:61:92:94:8e:fd:7f:11:ed:3d:99:bc:
c8:6b:29:bc:0e:71:12:ed:76:f2:3e:74:98:75:a0:bd:58:73:
73:b4:3d:3f:df:66:38:35:83:45:be:e5:f3:82:96:9f:b4:d6:
e1:28:30:1f:cf:75:de:6c:4e:69:af:e5:f8:b8:54:42:e6:ff:
0f:a7:41:5f:ed:c5:87:53:fa:4e:04:df:11:00:00:7a:f3:b2:
57:b1:07:29:65:0c:a7:c7:11:87:fd:98:01:74:52:ee:ab:44:
2d:bf:2e:42:9b:92:9f:de:ce:13:4b:56:b0:67:b1:a9:c4:39:
2a:5b:a1:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVAMVzRoJIkuxNV3A9QzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0
M2UzZGYwHhcNMjMwMTAxMTIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTVjYjY0M2EzZmIxNjExZTY4MDY3NTU5NTE3NDM0ZGJkNmMzMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNmz3fDD9sD3pq/EjixugLyVF6RF
NcOXbhkTvgrnNo07qTGpCEznvsSFQipYqD6GjvKzsDxP2A/t3CanmOBK1YkiCe46
Zh+JtC4JvtikTP8+YjvreJoDz+N6Umyw/jxTHDrsOaGGYxWcPklnNw4VEx9nKDoP
/UKSHnZg1WEck/jDsCzP6tU5un8GEm9mRSSf3IjQBZGYqHjlS0GwdGOZPzHesC0C
Lj7gKPYclpMKUZsT1z/2dnIvcvHq3qt8+DB51VlcuzjOMpC2w3CRxUDsuqIlhswt
aqdPYaBl/4yqatacZ/24v99auswjvLLM+tMlIw/jQKqIUq2zW3voqjMTGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlctkOj+xYR5oBnVZUXQ029bDF2MB8GA1UdIwQY
MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt
NjM5ZGM0ZDVmMzcwLzEvR1Z5MlE2UDdGaEhtZ0dkVmxSZERUYjFzTVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw
LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucT8MA0G
CSqGSIb3DQEBCwUAA4IBAQBhpB3SfeRuIdy7Kif73Z8FeiP8eSVP8J+mRHT8Fn14
43FxXOdC65IuFcIfG+kq1zGL68HyT1FC+tdVp/9esE5GZTMeQmuWfWCKRBIsVO7e
e4XCo7qcA8m2eN7xbggZpaXkOken+JpHqPF7vrO04ryVfgTHu3U+Cykuo3bd7XRd
FmY7zYElYZKUjv1/Ee09mbzIaym8DnES7XbyPnSYdaC9WHNztD0/32Y4NYNFvuXz
gpaftNbhKDAfz3XebE5pr+X4uFRC5v8Pp0Ff7cWHU/pOBN8RAAB687JXsQcpZQyn
xxGH/ZgBdFLuq0Qtvy5Cm5Kf3s4TS1awZ7GpxDkqW6Fv
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:16 2024 by rpki-client on console-ams.rpki-client.org