Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/gycwsK2khz27IoSMfFhBMEwRKFo.roa
File: gycwsK2khz27IoSMfFhBMEwRKFo.roa (raw, json)
Hash identifier: 1FAyDECCqUzAcU6fuZk0w5lYesbyWWsdSFjJihKi7Ss=
Subject key identifier: 83:27:30:B0:AD:A4:87:3D:BB:22:84:8C:7C:58:41:30:4C:11:28:5A
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 01865A9D835CEC175A2C35576EED187154DE
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/gycwsK2khz27IoSMfFhBMEwRKFo.roa
Signing time: Thu 16 Feb 2023 14:25:17 +0000
ROA not before: Thu 16 Feb 2023 14:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198440
IP address blocks: 185.102.148.0/22 maxlen: 24
37.48.224.0/24 maxlen: 24
37.48.229.0/24 maxlen: 24
37.48.230.0/24 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
188.74.64.0/19 maxlen: 24
62.64.144.0/20 maxlen: 24
217.168.248.0/21 maxlen: 24
2a05:87c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:9d:83:5c:ec:17:5a:2c:35:57:6e:ed:18:71:54:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Feb 16 14:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=832730b0ada4873dbb22848c7c5841304c11285a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:84:80:51:3f:89:d5:71:4b:14:07:8b:f2:1a:
1a:3f:e9:ea:bc:6a:80:1e:08:cc:db:10:49:02:18:
64:27:3a:0b:0f:d6:6f:4b:f3:0c:35:af:f1:46:80:
c3:b5:01:a5:4d:3b:31:36:f2:e8:e5:95:7f:40:db:
9a:0c:d3:1f:a8:8b:8d:98:03:86:fd:85:d4:7c:3b:
46:4d:a0:bb:32:ad:20:d6:3b:d9:01:0e:42:73:2a:
dc:b5:fa:99:f9:5a:72:73:6e:ea:9e:4f:66:39:89:
ff:5f:b2:7d:27:0a:2a:65:8e:de:70:9c:51:ef:7b:
ec:8a:10:45:3f:97:c2:a5:a7:7a:24:a1:19:20:63:
1d:b7:7a:bb:83:3c:2b:1f:9a:7c:3e:93:e2:10:de:
43:b7:02:df:c9:0c:9f:71:95:80:1e:25:c4:cc:2a:
f8:0a:2a:d2:fa:fc:63:d8:9f:33:ed:38:30:6a:fb:
b3:79:39:b6:4f:dc:17:7a:10:df:02:45:85:12:a0:
ca:a5:de:c3:75:8f:86:63:6f:b9:e0:de:c3:2c:21:
30:32:ab:e8:2b:78:7f:5c:19:3a:4e:45:96:39:4e:
b9:f5:ac:91:6d:8f:31:b2:64:af:3c:ae:1b:74:59:
d1:6b:a9:f7:2a:e5:c3:b6:e5:c1:31:77:01:f8:3b:
16:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:27:30:B0:AD:A4:87:3D:BB:22:84:8C:7C:58:41:30:4C:11:28:5A
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/gycwsK2khz27IoSMfFhBMEwRKFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.224.0/24
37.48.229.0-37.48.230.255
62.64.128.0-62.64.139.255
62.64.144.0/20
185.102.148.0/22
188.74.64.0/19
217.168.248.0/21
IPv6:
2a05:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:00:d0:8c:e3:57:d1:1d:41:7f:d5:91:ba:c8:c1:45:bb:fd:
1e:4e:0c:4b:5a:54:a9:24:37:fd:91:8a:25:65:65:f5:7b:ea:
5a:45:28:98:6f:52:73:30:61:de:f0:e3:68:d5:f8:b1:81:a7:
e3:2a:da:64:cf:84:83:18:c5:86:3c:03:32:55:e7:09:b5:63:
e5:05:f4:60:1a:d6:e0:2a:90:38:21:de:2a:99:1b:af:8d:ea:
e4:b1:62:0c:8d:3d:7a:c5:22:98:06:6b:2c:eb:96:26:3c:e9:
ca:9e:51:9d:d5:98:ab:f8:1a:0f:07:19:50:df:26:9e:53:04:
6c:67:ec:cc:2a:ce:8c:fe:e4:cb:d1:ad:95:99:67:e7:95:ef:
e0:b2:a0:04:2e:42:0e:ac:5f:02:6a:22:74:be:24:d3:c4:bf:
dd:f9:c7:55:16:a4:6a:52:3b:59:e0:1f:e7:5e:5a:34:96:95:
27:a9:6e:33:bb:3f:e3:90:dd:bb:16:0d:b8:ba:2a:3e:d7:59:
df:45:89:a6:41:0d:55:01:51:a7:0c:56:b6:2a:83:fd:a0:0a:
03:f6:5d:75:ed:03:a2:4b:21:68:79:69:d6:f1:0a:77:bd:55:
64:d7:9b:ab:58:72:b8:89:06:1f:60:d4:2c:a8:a5:1f:35:7f:
72:b0:a4:16
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYZanYNc7BdaLDVXbu0YcVTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjMwMjE2MTQyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI3MzBiMGFkYTQ4NzNkYmIyMjg0OGM3YzU4NDEzMDRjMTEyODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YSAUT+J1XFLFAeL8hoaP+nqvGqA
HgjM2xBJAhhkJzoLD9ZvS/MMNa/xRoDDtQGlTTsxNvLo5ZV/QNuaDNMfqIuNmAOG
/YXUfDtGTaC7Mq0g1jvZAQ5CcyrctfqZ+Vpyc27qnk9mOYn/X7J9JwoqZY7ecJxR
73vsihBFP5fCpad6JKEZIGMdt3q7gzwrH5p8PpPiEN5DtwLfyQyfcZWAHiXEzCr4
CirS+vxj2J8z7TgwavuzeTm2T9wXehDfAkWFEqDKpd7DdY+GY2+54N7DLCEwMqvo
K3h/XBk6TkWWOU659ayRbY8xsmSvPK4bdFnRa6n3KuXDtuXBMXcB+DsWIQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFIMnMLCtpIc9uyKEjHxYQTBMEShaMB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvZ3ljd3NLMmtoejI3SW9TTWZGaEJNRXdSS0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQAJTDgMAwD
BAAlMOUDBAAlMOYwDAMEBz5AgAMEAj5AiAMEBD5AkAMEArlmlAMEBbxKQAMEA9mo
+DANBAIAAjAHAwUDKgWHwDANBgkqhkiG9w0BAQsFAAOCAQEAPwDQjONX0R1Bf9WR
usjBRbv9Hk4MS1pUqSQ3/ZGKJWVl9XvqWkUomG9SczBh3vDjaNX4sYGn4yraZM+E
gxjFhjwDMlXnCbVj5QX0YBrW4CqQOCHeKpkbr43q5LFiDI09esUimAZrLOuWJjzp
yp5RndWYq/gaDwcZUN8mnlMEbGfszCrOjP7ky9GtlZln55Xv4LKgBC5CDqxfAmoi
dL4k08S/3fnHVRakalI7WeAf515aNJaVJ6luM7s/45DduxYNuLoqPtdZ30WJpkEN
VQFRpwxWtiqD/aAKA/Zdde0DokshaHlp1vEKd71VZNebq1hyuIkGH2DULKilHzV/
crCkFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:55 2024 by rpki-client on console-fra.rpki-client.org