Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/G79nvjBphqKWP2QnCw1_Dgfhxoo.roa
File: G79nvjBphqKWP2QnCw1_Dgfhxoo.roa (raw, json)
Hash identifier: kVyrkEdDduew36xWOWM3qGGEknqk2ecHDc/UZlacqkY=
Subject key identifier: 1B:BF:67:BE:30:69:86:A2:96:3F:64:27:0B:0D:7F:0E:07:E1:C6:8A
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 0187C393E2502162F9197A14B8634BE118CF
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/G79nvjBphqKWP2QnCw1_Dgfhxoo.roa
Signing time: Thu 27 Apr 2023 16:37:41 +0000
ROA not before: Thu 27 Apr 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
93.187.80.0/21 maxlen: 24
193.201.74.0/23 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
80.86.128.0/20 maxlen: 24
217.65.224.0/20 maxlen: 24
2001:a90::/32 maxlen: 64
2a01:b8c0::/32 maxlen: 64
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:93:e2:50:21:62:f9:19:7a:14:b8:63:4b:e1:18:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 27 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bbf67be306986a2963f64270b0d7f0e07e1c68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:72:e0:db:db:b6:eb:f7:52:f8:36:89:2e:95:
2f:f4:6f:fa:95:da:e3:36:75:7b:ab:bd:0a:be:f3:
17:67:0f:b8:bb:db:af:85:bb:10:0e:be:98:ab:58:
62:1f:36:1d:c8:d1:cc:92:c9:14:eb:0c:72:dd:fb:
fb:ca:e6:d7:d3:d9:18:ed:a6:35:bf:c9:8d:a1:76:
b0:9b:75:e8:da:3c:a7:b4:52:79:d6:8d:f8:7e:b4:
b1:0e:de:86:1c:9d:22:52:b4:b8:0a:f5:16:24:e1:
b8:76:86:36:99:d6:f1:c7:e2:7d:0f:5d:a2:45:b7:
65:d5:5c:a3:ec:50:df:d5:2b:7f:1f:05:83:b5:d5:
e9:61:79:2b:ae:7d:a5:01:ee:47:b6:eb:16:cc:27:
23:6c:2c:0a:11:88:9d:62:3e:e9:aa:e1:02:08:d8:
60:8a:a6:c0:14:f0:07:e8:ad:c0:f4:8a:a3:f1:19:
a3:10:5d:4e:a9:15:12:76:4a:d1:83:9d:20:9f:1b:
9c:4f:12:96:72:07:7e:fe:56:cd:30:34:d3:91:21:
cb:fa:8d:f0:9f:0e:b2:19:c9:a6:80:6f:9c:9c:ff:
bf:1a:56:c8:4e:22:64:75:21:b7:6c:e0:ce:ad:6f:
45:a9:6f:5e:09:d4:57:b4:1e:ac:46:3e:7e:c3:ca:
8e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BF:67:BE:30:69:86:A2:96:3F:64:27:0B:0D:7F:0E:07:E1:C6:8A
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/G79nvjBphqKWP2QnCw1_Dgfhxoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
80.86.128.0/20
89.233.96.0/21
93.187.80.0/21
185.36.28.0/22
193.169.42.0/23
193.201.74.0/23
217.65.224.0/20
IPv6:
2001:a90::/32
2a01:b8c0::/32
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
98:8c:ab:5a:8a:c4:25:76:3c:4d:d0:51:ca:30:3f:08:05:99:
7e:9a:9d:6f:78:6a:e6:27:68:c2:8a:c3:8d:29:2b:66:cf:6a:
8d:1c:e1:1a:a9:19:f6:d7:24:c1:f9:15:9c:5e:95:c9:ff:89:
0a:ab:47:e4:4d:9c:11:c1:25:fe:ab:c4:8f:a1:da:7c:0f:04:
a8:b5:40:c4:82:94:ba:3f:77:3e:e5:70:2f:8c:35:4b:79:9b:
8c:ba:f2:5b:0c:82:0b:ad:57:06:90:0b:9d:ea:b1:0a:18:ec:
26:6f:91:48:3a:1d:fc:bb:40:97:09:5e:27:a0:d4:83:0d:35:
82:ea:78:dc:69:67:a1:72:fc:4c:f8:01:bf:21:35:39:c3:87:
f7:5b:fd:5e:56:e7:0a:e8:a5:df:1e:a4:6a:c9:b9:ec:5a:29:
2e:b9:de:f3:29:c7:f8:f2:4c:bb:40:e8:29:98:29:92:e1:3e:
65:6a:62:30:06:d6:62:3d:c1:91:19:fb:c5:33:5c:e5:77:17:
ac:3f:08:29:be:f0:28:f4:b3:4d:5d:05:3c:c5:06:a7:26:42:
93:c6:75:7e:94:d6:26:59:e4:46:0c:b9:3a:f0:15:7e:11:80:
b1:46:8c:e2:4f:02:79:d0:6b:37:b6:1f:ca:71:60:28:cb:fe:
34:7c:ba:fc
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYfDk+JQIWL5GXoUuGNL4RjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDI3MTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJmNjdiZTMwNjk4NmEyOTYzZjY0MjcwYjBkN2YwZTA3ZTFjNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Lg29u26/dS+DaJLpUv9G/6ldrj
NnV7q70KvvMXZw+4u9uvhbsQDr6Yq1hiHzYdyNHMkskU6wxy3fv7yubX09kY7aY1
v8mNoXawm3Xo2jyntFJ51o34frSxDt6GHJ0iUrS4CvUWJOG4doY2mdbxx+J9D12i
Rbdl1Vyj7FDf1St/HwWDtdXpYXkrrn2lAe5HtusWzCcjbCwKEYidYj7pquECCNhg
iqbAFPAH6K3A9Iqj8RmjEF1OqRUSdkrRg50gnxucTxKWcgd+/lbNMDTTkSHL+o3w
nw6yGcmmgG+cnP+/GlbITiJkdSG3bODOrW9FqW9eCdRXtB6sRj5+w8qOAwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBu/Z74waYailj9kJwsNfw4H4caKMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvRzc5bnZqQnBocUtXUDJRbkN3MV9EZ2ZoeG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDBeKgAwQE
UFaAAwQDWelgAwQDXbtQAwQCuSQcAwQBwakqAwQBwclKAwQE2UHgMBsEAgACMBUD
BQAgAQqQAwUAKgG4wAMFACoDYkAwDQYJKoZIhvcNAQELBQADggEBAJiMq1qKxCV2
PE3QUcowPwgFmX6anW94auYnaMKKw40pK2bPao0c4RqpGfbXJMH5FZxelcn/iQqr
R+RNnBHBJf6rxI+h2nwPBKi1QMSClLo/dz7lcC+MNUt5m4y68lsMggutVwaQC53q
sQoY7CZvkUg6Hfy7QJcJXieg1IMNNYLqeNxpZ6Fy/Ez4Ab8hNTnDh/db/V5W5wro
pd8epGrJuexaKS653vMpx/jyTLtA6CmYKZLhPmVqYjAG1mI9wZEZ+8UzXOV3F6w/
CCm+8Cj0s01dBTzFBqcmQpPGdX6U1iZZ5EYMuTrwFX4RgLFGjOJPAnnQaze2H8px
YCjL/jR8uvw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org