Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/GQDcURubTYCXm3KOtwNOhGswcvc.roa
File: GQDcURubTYCXm3KOtwNOhGswcvc.roa (raw, json)
Hash identifier: 1qwvSL3/U0Cc00/AlhOzYHPCuuo1S7Ufs8RS+pAelNU=
Subject key identifier: 19:00:DC:51:1B:9B:4D:80:97:9B:72:8E:B7:03:4E:84:6B:30:72:F7
Certificate issuer: /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial: 018CC424EC4DFDBD9C5889B7EE05EA196A0F
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/GQDcURubTYCXm3KOtwNOhGswcvc.roa
Signing time: Mon 01 Jan 2024 08:30:03 +0000
ROA not before: Mon 01 Jan 2024 08:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30742
IP address blocks: 185.115.80.0/22 maxlen: 24
176.118.180.0/22 maxlen: 24
82.198.192.0/19 maxlen: 24
185.48.224.0/22 maxlen: 24
80.245.132.0/22 maxlen: 24
80.245.136.0/21 maxlen: 24
185.43.24.0/22 maxlen: 24
2a03:9980::/29 maxlen: 32
2a01:9b60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Nov 2024 15:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ec:4d:fd:bd:9c:58:89:b7:ee:05:ea:19:6a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Validity
Not Before: Jan 1 08:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1900dc511b9b4d80979b728eb7034e846b3072f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:51:f5:6d:8a:91:c6:36:a7:d2:cd:e3:86:cd:
70:53:bf:d8:47:d7:89:80:92:1d:ec:ea:93:93:80:
ca:20:57:57:49:8c:f0:e5:9c:ef:cf:ae:8c:1b:61:
a8:6e:87:b9:1b:a5:b8:6b:49:ea:d0:fe:d8:93:2f:
fc:6e:ca:93:37:d6:a1:c7:9f:a8:83:cb:c9:a4:99:
78:11:1b:fc:f6:f3:16:4f:2a:95:fe:87:63:7f:bb:
dd:4a:21:80:ad:5b:e5:5e:b4:9d:51:b1:29:fd:23:
f6:32:8d:77:31:e5:2a:c6:fa:c3:d0:6f:12:05:02:
54:5c:51:13:54:86:8b:a6:ca:59:11:6b:7c:d4:81:
e7:5e:c5:0b:de:97:35:b7:80:79:2d:06:85:a5:7c:
0f:7e:f6:39:6f:f8:24:3e:a7:b4:4c:25:9a:1f:a8:
70:89:0f:f1:23:ef:27:eb:21:be:0f:62:61:6d:42:
b1:74:9c:fa:2c:72:f0:c1:92:25:9a:a7:d8:ce:14:
16:a2:27:ea:29:92:51:c4:17:d9:33:16:eb:9f:97:
2b:1b:43:59:0a:01:d7:44:98:c7:8f:36:f3:63:ff:
07:00:d0:6b:f1:9a:03:e3:6c:51:fe:e9:2e:31:f6:
67:0a:87:2a:d8:2f:7a:5d:e5:67:c7:e2:25:18:6d:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:00:DC:51:1B:9B:4D:80:97:9B:72:8E:B7:03:4E:84:6B:30:72:F7
X509v3 Authority Key Identifier:
keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/GQDcURubTYCXm3KOtwNOhGswcvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.132.0-80.245.143.255
82.198.192.0/19
176.118.180.0/22
185.43.24.0/22
185.48.224.0/22
185.115.80.0/22
IPv6:
2a01:9b60::/32
2a03:9980::/29
Signature Algorithm: sha256WithRSAEncryption
65:95:9b:a2:0e:6b:73:74:9f:25:e3:16:a7:92:85:94:1a:04:
d8:d3:c9:d8:15:39:83:d3:26:1a:6e:a1:d4:7b:0b:51:53:49:
ba:f7:aa:94:47:91:95:0f:bb:5e:1d:89:11:11:97:ac:44:56:
9d:7d:a3:eb:57:8b:e7:06:aa:ff:08:01:ca:7e:be:61:7d:a0:
98:85:30:be:10:c4:b1:f5:7d:8f:12:f1:cf:c3:cf:c1:d4:09:
88:9a:5f:5a:d6:99:3d:bc:81:81:92:1b:80:28:0a:16:33:af:
3d:1d:a7:9b:05:80:f4:8d:9b:eb:76:f1:05:c2:0c:31:02:4c:
11:12:53:3f:9f:4c:be:70:81:3f:e4:44:0a:4a:51:73:e7:6e:
73:ca:a2:e6:c0:55:51:d2:c4:47:ef:8d:8f:3f:78:40:bf:63:
fb:dc:93:19:4f:6d:96:14:05:c6:30:44:1a:c9:b3:63:18:fa:
19:52:24:2e:0d:25:37:1c:be:97:99:47:f7:4e:6d:86:6f:41:
6e:10:be:5b:ee:de:5d:0f:01:c1:77:0f:47:c2:18:87:30:35:
ef:d3:30:ac:f6:0e:2c:85:5f:ac:af:8f:73:6a:f6:79:fb:9c:
8e:f4:e0:aa:be:fc:a3:1e:5b:d2:97:37:1e:98:18:43:03:6f:
4d:b8:9f:b8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzEJOxN/b2cWIm37gXqGWoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzRhNjdkYmVkNzQ0NGRkZDI3ZTgwMGZiNmMyMTAxM2E1
YjExYzYwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTAwZGM1MTFiOWI0ZDgwOTc5YjcyOGViNzAzNGU4NDZiMzA3MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1H1bYqRxjan0s3jhs1wU7/YR9eJ
gJId7OqTk4DKIFdXSYzw5Zzvz66MG2Goboe5G6W4a0nq0P7Yky/8bsqTN9ahx5+o
g8vJpJl4ERv89vMWTyqV/odjf7vdSiGArVvlXrSdUbEp/SP2Mo13MeUqxvrD0G8S
BQJUXFETVIaLpspZEWt81IHnXsUL3pc1t4B5LQaFpXwPfvY5b/gkPqe0TCWaH6hw
iQ/xI+8n6yG+D2JhbUKxdJz6LHLwwZIlmqfYzhQWoifqKZJRxBfZMxbrn5crG0NZ
CgHXRJjHjzbzY/8HANBr8ZoD42xR/ukuMfZnCocq2C96XeVnx+IlGG0PUwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBkA3FEbm02Al5tyjrcDToRrMHL3MB8GA1UdIwQY
MBaAFI7Epn2+10RN3SfoAPtsIQE6WxHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMt
MGNlZjUxMmY1MDA5LzEvR1FEY1VSdWJUWUNYbTNLT3R3Tk9oR3N3Y3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMtMGNlZjUxMmY1MDA5
LzEvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsMAwDBAJQ9YQD
BARQ9YADBAVSxsADBAKwdrQDBAK5KxgDBAK5MOADBAK5c1AwFAQCAAIwDgMFACoB
m2ADBQMqA5mAMA0GCSqGSIb3DQEBCwUAA4IBAQBllZuiDmtzdJ8l4xankoWUGgTY
08nYFTmD0yYabqHUewtRU0m696qUR5GVD7teHYkREZesRFadfaPrV4vnBqr/CAHK
fr5hfaCYhTC+EMSx9X2PEvHPw8/B1AmIml9a1pk9vIGBkhuAKAoWM689HaebBYD0
jZvrdvEFwgwxAkwRElM/n0y+cIE/5EQKSlFz525zyqLmwFVR0sRH742PP3hAv2P7
3JMZT22WFAXGMEQaybNjGPoZUiQuDSU3HL6XmUf3Tm2Gb0FuEL5b7t5dDwHBdw9H
whiHMDXv0zCs9g4shV+sr49zavZ5+5yO9OCqvvyjHlvSlzcemBhDA29NuJ+4
-----END CERTIFICATE-----
Generated at Mon Nov 4 18:13:01 2024 by rpki-client on console-fra.rpki-client.org