Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/GWpBuwKglYi612b2XQrt1Tw-5ZE.roa
File: GWpBuwKglYi612b2XQrt1Tw-5ZE.roa (raw, json)
Hash identifier: lObl1wrvKkTw+LhO+s+ltlv/LAywt8NYnV8sKGWPtag=
Subject key identifier: 19:6A:41:BB:02:A0:95:88:BA:D7:66:F6:5D:0A:ED:D5:3C:3E:E5:91
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 01856E2FCD65D5F1F7EE55774DE1C180CE0B
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/GWpBuwKglYi612b2XQrt1Tw-5ZE.roa
Signing time: Sun 01 Jan 2023 16:35:04 +0000
ROA not before: Sun 01 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50115
IP address blocks: 195.64.232.0/22 maxlen: 22
195.64.240.0/22 maxlen: 23
Validation: Failed, certificate revoked on Tue 14 Feb 2023 18:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:cd:65:d5:f1:f7:ee:55:77:4d:e1:c1:80:ce:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 1 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=196a41bb02a09588bad766f65d0aedd53c3ee591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:32:dd:25:47:c2:65:9a:f0:e5:9f:0a:93:
55:05:66:74:74:f9:1b:12:e3:29:c0:f2:44:05:f1:
fd:f5:e7:c2:6c:96:ec:60:bb:58:8a:60:31:2f:b6:
ef:f5:ee:95:05:b4:4a:a9:14:14:af:f7:de:e3:ba:
03:d2:73:ae:13:f0:5b:97:b4:ca:29:06:84:03:00:
82:1b:43:0d:f3:82:54:a5:43:6d:61:1e:af:cd:a9:
db:46:9b:87:2f:93:60:7d:ad:a7:95:b2:15:ea:d3:
b0:a0:68:05:a4:53:93:bc:ba:56:6f:4a:01:fe:f7:
36:6f:d1:86:0b:ef:e5:74:89:05:19:39:0e:7d:3a:
90:7e:cf:48:7c:8a:ef:d7:db:d1:2b:9a:0f:8f:24:
e8:6c:1e:17:73:5b:db:ad:ab:69:43:84:3e:5d:61:
91:71:65:a5:77:0a:27:a4:3b:89:18:01:5f:01:2f:
1a:f9:01:fb:b5:df:fe:a8:f5:12:78:e0:84:0c:0e:
6a:59:c0:80:4c:69:31:49:b4:5c:c2:d4:ce:13:97:
6a:dd:87:97:f5:87:3b:ae:4a:db:84:e4:94:93:e1:
e8:3b:c0:f5:6e:2b:28:19:22:55:6e:7c:26:a7:71:
e5:4c:a4:8e:c0:5a:fa:d5:6c:f5:28:fe:b4:d5:87:
4a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6A:41:BB:02:A0:95:88:BA:D7:66:F6:5D:0A:ED:D5:3C:3E:E5:91
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/GWpBuwKglYi612b2XQrt1Tw-5ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.232.0/22
195.64.240.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:f4:2a:17:3d:fb:27:10:79:dc:4e:44:a8:95:d6:f8:e4:36:
bb:f4:c0:1b:f3:6a:d2:8e:f8:5e:88:9f:11:ef:95:a1:7f:05:
d6:bd:0e:66:eb:d9:08:1d:60:23:45:be:8f:61:8e:81:4b:03:
9b:60:19:6f:71:b4:84:73:23:52:a2:cb:e2:78:dc:59:74:7d:
3a:a0:d5:4d:d5:e6:d5:9f:9c:51:14:47:2f:5b:4c:85:a0:94:
ae:43:c4:17:b2:57:65:39:8c:eb:0f:1d:47:c4:39:35:ec:e6:
5e:de:17:59:1e:ef:f8:4f:93:5d:fd:1f:8b:95:6a:58:2a:7e:
e2:98:e7:61:a7:f1:0d:dd:d1:19:f3:b6:9d:3d:f2:11:57:d3:
27:05:fe:ba:3b:75:2a:f2:80:53:29:36:77:dd:f4:e6:3d:77:
85:33:51:3b:1c:5f:64:b4:9e:31:9f:8e:8a:e9:51:eb:a9:0b:
17:17:d9:fe:b4:9d:63:4e:1b:c3:5e:8e:84:9a:2e:f6:17:b7:
13:b6:d6:f0:a8:c9:83:29:d1:39:9b:b1:87:5c:95:db:ac:96:
d6:df:e1:bb:18:eb:a8:16:7f:94:fb:f5:1f:ff:4b:99:82:18:
a9:c8:82:ae:45:cc:7f:34:64:0d:38:9e:c8:93:ae:a1:f9:4b:
1b:de:40:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuL81l1fH37lV3TeHBgM4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMTAxMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZhNDFiYjAyYTA5NTg4YmFkNzY2ZjY1ZDBhZWRkNTNjM2VlNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04ky3SVHwmWa8OWfCpNVBWZ0dPkb
EuMpwPJEBfH99efCbJbsYLtYimAxL7bv9e6VBbRKqRQUr/fe47oD0nOuE/Bbl7TK
KQaEAwCCG0MN84JUpUNtYR6vzanbRpuHL5Ngfa2nlbIV6tOwoGgFpFOTvLpWb0oB
/vc2b9GGC+/ldIkFGTkOfTqQfs9IfIrv19vRK5oPjyTobB4Xc1vbratpQ4Q+XWGR
cWWldwonpDuJGAFfAS8a+QH7td/+qPUSeOCEDA5qWcCATGkxSbRcwtTOE5dq3YeX
9Yc7rkrbhOSUk+HoO8D1bisoGSJVbnwmp3HlTKSOwFr61Wz1KP601YdK7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBlqQbsCoJWIutdm9l0K7dU8PuWRMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvR1dwQnV3S2dsWWk2MTJiMlhRcnQxVHctNVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw0DoAwQC
w0DwMA0GCSqGSIb3DQEBCwUAA4IBAQBd9CoXPfsnEHncTkSoldb45Da79MAb82rS
jvheiJ8R75WhfwXWvQ5m69kIHWAjRb6PYY6BSwObYBlvcbSEcyNSosvieNxZdH06
oNVN1ebVn5xRFEcvW0yFoJSuQ8QXsldlOYzrDx1HxDk17OZe3hdZHu/4T5Nd/R+L
lWpYKn7imOdhp/EN3dEZ87adPfIRV9MnBf66O3Uq8oBTKTZ33fTmPXeFM1E7HF9k
tJ4xn46K6VHrqQsXF9n+tJ1jThvDXo6Emi72F7cTttbwqMmDKdE5m7GHXJXbrJbW
3+G7GOuoFn+U+/Uf/0uZghipyIKuRcx/NGQNOJ7Ik66h+Usb3kBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:56 2024 by rpki-client on console-fra.rpki-client.org